1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
|
<pre>Internet Research Task Force (IRTF) RJ Atkinson
Request for Comments: 6741 Consultant
Category: Experimental SN Bhatti
ISSN: 2070-1721 U. St Andrews
November 2012
<span class="h1">Identifier-Locator Network Protocol (ILNP)</span>
<span class="h1">Engineering Considerations</span>
Abstract
This document describes common (i.e., version independent)
engineering details for the Identifier-Locator Network Protocol
(ILNP), which is an experimental, evolutionary enhancement to IP.
This document is a product of the IRTF Routing Research Group.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for examination, experimental implementation, and
evaluation.
This document defines an Experimental Protocol for the Internet
community. This document is a product of the Internet Research Task
Force (IRTF). The IRTF publishes the results of Internet-related
research and development activities. These results might not be
suitable for deployment. This RFC represents the individual
opinion(s) of one or more members of the Routing Research Group of
the Internet Research Task Force (IRTF). Documents approved for
publication by the IRSG are not a candidate for any level of Internet
Standard; see <a href="./rfc5741#section-2">Section 2 of RFC 5741</a>.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
<a href="http://www.rfc-editor.org/info/rfc6741">http://www.rfc-editor.org/info/rfc6741</a>.
<span class="grey">Atkinson & Bhatti Experimental [Page 1]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-2" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a> and the IETF Trust's Legal
Provisions Relating to IETF Documents
(<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
This document may not be modified, and derivative works of it may not
be created, except to format it for publication as an RFC or to
translate it into languages other than English.
Table of Contents
<a href="#section-1">1</a>. Introduction ....................................................<a href="#page-3">3</a>
<a href="#section-1.1">1.1</a>. Document Roadmap ...........................................<a href="#page-4">4</a>
<a href="#section-1.2">1.2</a>. Terminology ................................................<a href="#page-5">5</a>
<a href="#section-2">2</a>. ILNP Identifiers ................................................<a href="#page-5">5</a>
<a href="#section-2.1">2.1</a>. Syntax .....................................................<a href="#page-6">6</a>
<a href="#section-2.2">2.2</a>. Default Values for an Identifier ...........................<a href="#page-6">6</a>
<a href="#section-2.3">2.3</a>. Local-Scoped Identifier Values .............................<a href="#page-6">6</a>
<a href="#section-2.4">2.4</a>. Multicast Identifiers ......................................<a href="#page-7">7</a>
<a href="#section-2.5">2.5</a>. Administration of Identifier Values ........................<a href="#page-7">7</a>
<a href="#section-3">3</a>. Encoding of Identifiers and Locators for ILNPv6 .................<a href="#page-7">7</a>
<a href="#section-3.1">3.1</a>. Encoding of I and L Values .................................<a href="#page-7">7</a>
<a href="#section-3.2">3.2</a>. Network-Level Packet Formats ..............................<a href="#page-10">10</a>
<a href="#section-3.3">3.3</a>. Encoding of Identifiers and Locators for ILNPv4 ...........<a href="#page-11">11</a>
<a href="#section-4">4</a>. Transport-Layer Changes ........................................<a href="#page-12">12</a>
<a href="#section-4.1">4.1</a>. End-System State ..........................................<a href="#page-12">12</a>
<a href="#section-4.2">4.2</a>. TCP/UDP Checksum Handling .................................<a href="#page-12">12</a>
<a href="#section-4.3">4.3</a>. ICMP Checksum Handling ....................................<a href="#page-12">12</a>
<a href="#section-5">5</a>. ILNP Communication Cache (ILCC) ................................<a href="#page-13">13</a>
<a href="#section-5.1">5.1</a>. Formal Definition .........................................<a href="#page-13">13</a>
<a href="#section-5.2">5.2</a>. Ageing ILCC Entries .......................................<a href="#page-15">15</a>
<a href="#section-5.3">5.3</a>. Large Numbers of Locators .................................<a href="#page-15">15</a>
<a href="#section-5.4">5.4</a>. Lookups into the ILCC .....................................<a href="#page-16">16</a>
<a href="#section-6">6</a>. Handling Location/Connectivity Changes .........................<a href="#page-16">16</a>
<a href="#section-6.1">6.1</a>. Node Location/Connectivity Changes ........................<a href="#page-16">16</a>
<a href="#section-6.2">6.2</a>. Network Connectivity/Locator Changes ......................<a href="#page-17">17</a>
<a href="#section-7">7</a>. Subnetting .....................................................<a href="#page-17">17</a>
<a href="#section-7.1">7.1</a>. Subnetting for ILNPv6 .....................................<a href="#page-18">18</a>
<a href="#section-7.2">7.2</a>. Subnetting for ILNPv4 .....................................<a href="#page-19">19</a>
<a href="#section-7.3">7.3</a>. Subnetting for Router-Router Links in IPv6/ILNPv6 .........<a href="#page-19">19</a>
<a href="#section-8">8</a>. DNS Considerations .............................................<a href="#page-19">19</a>
<span class="grey">Atkinson & Bhatti Experimental [Page 2]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-3" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<a href="#section-8.1">8.1</a>. Secure Dynamic DNS Update .................................<a href="#page-19">19</a>
<a href="#section-8.2">8.2</a>. New DNS RR Types ..........................................<a href="#page-20">20</a>
<a href="#section-8.4">8.4</a>. DNS TTL Values for ILNP RRS Types .........................<a href="#page-21">21</a>
<a href="#section-8.5">8.5</a>. IP/ILNP Dual Operation and Transition .....................<a href="#page-21">21</a>
<a href="#section-9">9</a>. IP Security for ILNP ...........................................<a href="#page-22">22</a>
<a href="#section-9.1">9.1</a>. IPsec Security Association Enhancements for ILNP ..........<a href="#page-22">22</a>
<a href="#section-9.2">9.2</a>. IP Authentication Header Enhancements for ILNP ............<a href="#page-23">23</a>
<a href="#section-9.3">9.3</a>. Key Management Considerations .............................<a href="#page-23">23</a>
<a href="#section-10">10</a>. Backwards Compatibility and Incremental Deployment ............<a href="#page-24">24</a>
<a href="#section-10.1">10.1</a>. Priorities in the Design of ILNPv6 and ILNPv4 ............<a href="#page-24">24</a>
<a href="#section-10.2">10.2</a>. Infrastructure ...........................................<a href="#page-25">25</a>
<a href="#section-10.3">10.3</a>. Core Protocols ...........................................<a href="#page-25">25</a>
<a href="#section-10.4">10.4</a>. Scope of End-System Changes ..............................<a href="#page-26">26</a>
<a href="#section-10.5">10.5</a>. Applications .............................................<a href="#page-27">27</a>
<a href="#section-10.6">10.6</a>. Interworking between IP and ILNP .........................<a href="#page-27">27</a>
<a href="#section-11">11</a>. Security Considerations .......................................<a href="#page-28">28</a>
<a href="#section-11.1">11.1</a>. Authenticating ICMP Messages .............................<a href="#page-29">29</a>
<a href="#section-11.2">11.2</a>. Forged Identifier Attacks ................................<a href="#page-31">31</a>
<a href="#section-12">12</a>. Privacy Considerations ........................................<a href="#page-31">31</a>
<a href="#section-13">13</a>. Operational Considerations ....................................<a href="#page-31">31</a>
<a href="#section-13.1">13.1</a>. Session Liveness and Reachability ........................<a href="#page-32">32</a>
<a href="#section-13.2">13.2</a>. Key Management Considerations ............................<a href="#page-33">33</a>
<a href="#section-13.3">13.3</a>. Point-to-Point Router Links ..............................<a href="#page-33">33</a>
<a href="#section-14">14</a>. Referrals and Application Programming Interfaces ..............<a href="#page-34">34</a>
<a href="#section-14.1">14.1</a>. BSD Sockets APIs .........................................<a href="#page-34">34</a>
<a href="#section-14.2">14.2</a>. Java (and Other) APIs ....................................<a href="#page-34">34</a>
<a href="#section-14.3">14.3</a>. Referrals in the Future ..................................<a href="#page-35">35</a>
<a href="#section-15">15</a>. References ....................................................<a href="#page-35">35</a>
<a href="#section-15.1">15.1</a>. Normative References .....................................<a href="#page-35">35</a>
<a href="#section-15.2">15.2</a>. Informative References ...................................<a href="#page-36">36</a>
<a href="#section-16">16</a>. Acknowledgements ..............................................<a href="#page-38">38</a>
<span class="h2"><a class="selflink" id="section-1" href="#section-1">1</a>. Introduction</span>
The ILNP document set has had extensive review within the IRTF
Routing RG. ILNP is one of the recommendations made by the RG
Chairs. Separately, various refereed research papers on ILNP have
also been published during this decade. So, the ideas contained
herein have had much broader review than IRTF Routing RG. The views
in this document were considered controversial by the Routing RG, but
the RG reached a consensus that the document still should be
published. The Routing RG has had remarkably little consensus on
anything, so virtually all Routing RG outputs are considered
controversial.
At present, the Internet research and development community is
exploring various approaches to evolving the Internet Architecture to
solve a variety of issues including, but not limited to, scalability
<span class="grey">Atkinson & Bhatti Experimental [Page 3]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-4" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
of inter-domain routing [<a href="./rfc4984" title=""Report from the IAB Workshop on Routing and Addressing"">RFC4984</a>]. A wide range of other issues
(e.g., site multihoming, node multihoming, site/subnet mobility, node
mobility) are also active concerns at present. Several different
classes of evolution are being considered by the Internet research
and development community. One class is often called "Map and
Encapsulate", where traffic would be mapped and then tunnelled
through the inter-domain core of the Internet. Another class being
considered is sometimes known as "Identifier/Locator Split". This
document relates to a proposal that is in the latter class of
evolutionary approaches.
The Identifier-Locator Network Protocol (ILNP) is an experimental
network protocol that provides evolutionary enhancements to IP. ILNP
is backwards compatible with IP and is incrementally deployable. The
best starting point for learning about ILNP is the ILNP Architectural
Description, which includes a document roadmap [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>].
<span class="h3"><a class="selflink" id="section-1.1" href="#section-1.1">1.1</a>. Document Roadmap</span>
This document describes engineering and implementation considerations
that are common to both ILNP for IPv4 (ILNPv4) and ILNP for IPv6
(ILNPv6).
The ILNP architecture can have more than one engineering
instantiation. For example, one can imagine a "clean-slate"
engineering design based on the ILNP architecture. In separate
documents, we describe two specific engineering instances of ILNP.
The term "ILNPv6" refers precisely to an instance of ILNP that is
based upon, and backwards compatible with, IPv6. The term "ILNPv4"
refers precisely to an instance of ILNP that is based upon, and
backwards compatible with, IPv4.
Many engineering aspects common to both ILNPv4 and ILNPv6 are
described in this document. A full engineering specification for
either ILNPv6 or ILNPv4 is beyond the scope of this document.
Readers are referred to other related ILNP documents for details not
described here:
a) [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>] is the main architectural description of ILNP, including
the concept of operations.
b) [<a href="./rfc6742" title=""DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)"">RFC6742</a>] defines additional DNS resource records that support
ILNP.
c) [<a href="./rfc6743" title=""ICMPv6 Locator Update Message"">RFC6743</a>] defines a new ICMPv6 Locator Update message used by an
ILNP node to inform its correspondent nodes of any changes to its
set of valid Locators.
<span class="grey">Atkinson & Bhatti Experimental [Page 4]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-5" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
d) [<a href="./rfc6744" title=""IPv6 Nonce Destination Option for the Identifier-Locator Network Protocol for IPv6 (ILNPv6)"">RFC6744</a>] defines a new IPv6 Nonce Destination Option used by
ILNPv6 nodes (1) to indicate to ILNP correspondent nodes (by
inclusion within the initial packets of an ILNP session) that the
node is operating in the ILNP mode and (2) to prevent off-path
attacks against ILNP ICMP messages. This Nonce is used, for
example, with all ILNP ICMPv6 Locator Update messages that are
exchanged among ILNP correspondent nodes.
e) [<a href="./rfc6745" title=""ICMP Locator Update Message for the Identifier-Locator Network Protocol for IPv4 (ILNPv4)"">RFC6745</a>] defines a new ICMPv4 Locator Update message used by an
ILNP node to inform its correspondent nodes of any changes to its
set of valid Locators.
f) [<a href="./rfc6746" title=""IPv4 Options for the Identifier-Locator Network Protocol (ILNP)"">RFC6746</a>] defines a new IPv4 Nonce Option used by ILNPv4 nodes to
carry a security nonce to prevent off-path attacks against ILNP
ICMP messages and also defines a new IPv4 Identifier Option used
by ILNPv4 nodes.
g) [<a href="./rfc6747" title=""Address Resolution Protocol (ARP) Extension for the Identifier-Locator Network Protocol for IPv4 (ILNPv4)"">RFC6747</a>] describes extensions to Address Resolution Protocol
(ARP) for use with ILNPv4.
h) [<a href="./rfc6748" title=""Optional Advanced Deployment Scenarios for the Identifier-Locator Network Protocol (ILNP)"">RFC6748</a>] describes optional engineering and deployment functions
for ILNP. These are not required for the operation or use of ILNP
and are provided as additional options.
<span class="h3"><a class="selflink" id="section-1.2" href="#section-1.2">1.2</a>. Terminology</span>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [<a href="./rfc2119" title=""Key words for use in RFCs to Indicate Requirement Levels"">RFC2119</a>].
Several technical terms (e.g., "ILNP session") that are used by this
document are defined in [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>]. It is strongly recommended that
one read [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>] before reading this document.
<span class="h2"><a class="selflink" id="section-2" href="#section-2">2</a>. ILNP Identifiers</span>
All ILNP nodes must have at least one Node Identifier (or just
"Identifier") value. However, there are various options for
generating those Identifier values. We describe, in this section,
the relevant engineering issues related to Identifier generation and
usage.
Note well that an ILNP Node Identifier names an ILNP-capable node,
and it is NOT bound to a specific interface of that node. So a given
ILNP Node Identifier is valid on all active interfaces of the node to
which that ILNP Identifier is bound. This is true even if the bits
used to form the Identifier value happened to be taken from a
specific interface as an engineering convenience.
<span class="grey">Atkinson & Bhatti Experimental [Page 5]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-6" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-2.1" href="#section-2.1">2.1</a>. Syntax</span>
ILNP Identifiers are always unsigned 64-bit strings, and they may be
realised as 64-bit unsigned integers. Both ILNPv4 and ILNPv6 use the
Modified EUI-64 [<a href="#ref-IEEE-EUI" title=""Guidelines for 64-bit Global Identifier (EUI-64) Registration Authority"">IEEE-EUI</a>] syntax that is used by IPv6 interface
identifiers <a href="./rfc4291#section-2.5.1">[RFC4291], Section 2.5.1</a>, as shown in Figure 2.1.
+--------------------------------------------------+
| 6 id bits | U bit | G bit | 24 id bits |
+--------------------------------------------------+
| 32 id bits |
+--------------------------------------------------+
Figure 2.1: Node Identifier Format as Used for IPv6, Using the
Same Syntax as in <a href="./rfc4291#section-2.5.1">RFC 4291, Section 2.5.1</a>.
That syntax contains two special reserved bit flags. One flag (the U
bit) indicates whether the value has "universal" (i.e., global) scope
(1) or "local" (0) scope. The other flag (the G bit) indicates
whether the value is an "individual" address (1) or "group" (i.e.,
multicast) (0) address.
However, this format does allow other values to be set, by use of
administrative or other policy control, as required, by setting the U
bit to "local".
<span class="h3"><a class="selflink" id="section-2.2" href="#section-2.2">2.2</a>. Default Values for an Identifier</span>
By default, this value, including the U bit and G bit, are set as
described in <a href="./rfc4291#section-2.5.1">Section 2.5.1 of [RFC4291]</a>. Where no other value of
Identifier is available for an ILNP node, this is the value that MUST
be used.
Because ILNP Identifiers might have local scope, and also to handle
the case where two nodes at different locations happen to be using
the same global scope Identifier (e.g., due to a manufacturing fault
in a network chipset or card), implementers must be careful in how
ILNP Identifiers are handled within an end system's networking
implementation. Some details are discussed in <a href="#section-4">Section 4</a> below.
<span class="h3"><a class="selflink" id="section-2.3" href="#section-2.3">2.3</a>. Local-Scoped Identifier Values</span>
ILNP Identifiers for a node also MAY have the Scope bit of the Node
Identifier set to "local" scope. Locally unique identifiers MAY be
Cryptographically Generated, created following the procedures used
for IPv6 Cryptographically Generated Addresses (CGAs) [<a href="./rfc3972" title=""Cryptographically Generated Addresses (CGA)"">RFC3972</a>]
[<a href="./rfc4581" title=""Cryptographically Generated Addresses (CGA) Extension Field Format"">RFC4581</a>] [<a href="./rfc4982" title=""Support for Multiple Hash Algorithms in Cryptographically Generated Addresses (CGAs)"">RFC4982</a>].
<span class="grey">Atkinson & Bhatti Experimental [Page 6]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-7" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Also, locally unique identifiers MAY be used to create the ILNP
equivalent to the Privacy Extensions for IPv6, generating ILNP
Identifiers following the procedures used for IPv6 [<a href="./rfc4941" title=""Privacy Extensions for Stateless Address Autoconfiguration in IPv6"">RFC4941</a>].
<span class="h3"><a class="selflink" id="section-2.4" href="#section-2.4">2.4</a>. Multicast Identifiers</span>
An ILNP Identifier with the G bit set to "group" names an ILNP
multicast group, while an ILNP Identifier with the G bit set to
"individual" names an individual ILNP node. However, this usage of
multicast for Identifiers for ILNP is currently undefined: ILNP uses
IPv6 multicast for ILNPv6 and IPv4 multicast for ILNPv4 and uses the
multicast address formats defined as appropriate.
The use of multicast Identifiers and design of an enhanced multicast
capability for ILNPv6 and ILNPv4 is currently work in progress.
<span class="h3"><a class="selflink" id="section-2.5" href="#section-2.5">2.5</a>. Administration of Identifier Values</span>
Note that just as IPv6 does not need global, centralised
administrative management of its interface identifiers, so ILNPv6
does not need global, centralised administrative management of the
Node Identifier (NID) values.
<span class="h2"><a class="selflink" id="section-3" href="#section-3">3</a>. Encoding of Identifiers and Locators for ILNPv6</span>
<span class="h3"><a class="selflink" id="section-3.1" href="#section-3.1">3.1</a>. Encoding of I and L Values</span>
With ILNPv6, the Identifier and Locator values within a packet are
encoded in the existing space for the IPv6 address. In general, the
ILNPv6 Locator has the same syntax and semantics as the current IPv6
unicast routing prefix, as shown in Figure 3.1:
/* IPv6 */
| 64 bits | 64 bits |
+-------------------------------------+-------------------------+
| IPv6 Unicast Routing Prefix | Interface Identifier |
+-------------------------------------+-------------------------+
/* ILNPv6 */
| 64 bits | 64 bits |
+-------------------------------------+-------------------------+
| Locator | Node Identifier (NID) |
+-------------------------------------+-------------------------+
Figure 3.1: The General Format of Encoding of I/NID and L Values
for ILNPv6 into the IPv6 Address Bits
<span class="grey">Atkinson & Bhatti Experimental [Page 7]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-8" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
The syntactical structure of the IPv6 address spaces remains as given
in <a href="./rfc4291#section-2.5.4">Section 2.5.4 of [RFC4291]</a>, and an example is shown in Figure 3.2,
which is based in part on [<a href="./rfc3177" title=""IAB/IESG Recommendations on IPv6 Address Allocations to Sites"">RFC3177</a>] (which has since been obsoleted
by [<a href="./rfc6177" title=""IPv6 Address Assignment to End Sites"">RFC6177</a>]).
/* IPv6 */
| 3 | 45 bits | 16 bits | 64 bits |
+---+---------------------+-----------+-------------------------+
|001|global routing prefix| subnet ID | Interface Identifier |
+---+---------------------+-----------+-------------------------+
/* ILNPv6 */
| 64 bits | 64 bits |
+---+---------------------+-----------+-------------------------+
| Locator (L64) | Node Identifier (NID) |
+---+---------------------+-----------+-------------------------+
Figure 3.2: Example of IPv6 Address Format as Used in ILNPv6
The global routing prefix bits and subnet ID bits above are as for
[<a href="./rfc3177" title=""IAB/IESG Recommendations on IPv6 Address Allocations to Sites"">RFC3177</a>], but could be different, e.g., as for [<a href="./rfc6177" title=""IPv6 Address Assignment to End Sites"">RFC6177</a>].
The ILNPv6 Locator uses the upper 64-bits of the 128-bit IPv6 address
space. It has the same syntax and semantics as today's IPv6 routing
prefix. So, an ILNPv6 packet carrying a Locator value can be used
just like an IPv6 packet today as far as core routers are concerned.
The example in Figure 3.2 happens to use a /48 prefix, as was
recommended by [<a href="./rfc3177" title=""IAB/IESG Recommendations on IPv6 Address Allocations to Sites"">RFC3177</a>]. However, more recent advice is that
prefixes need not be fixed at /48 and could be up to /64 [<a href="./rfc6177" title=""IPv6 Address Assignment to End Sites"">RFC6177</a>].
This change, however, does not impact the syntax or semantics of the
Locator value.
The ILNPv6 Identifier value uses the lower 64-bits of the 128-bit
IPv6 address. It has the same syntax as an IPv6 identifier, but
different semantics. This provides a fixed-length non-topological
name for a node. Identifiers are bound to nodes, not to interfaces
of a node. All ILNP Identifiers MUST comply with the modified EUI-64
syntax already specified for IPv6's "interface identifier" values, as
described in <a href="#section-2.1">Section 2.1</a>.
IEEE EUI-64 Identifiers can have either global-scope or local-scope.
So ILNP Identifiers also can have either global-scope or local-scope.
A reserved bit in the modified EUI-64 syntax clearly indicates
whether a given Identifier has global-scope or local-scope. A node
is not required to use a global-scope Identifier, although that is
the recommended practice. Note that the syntax of the Node
<span class="grey">Atkinson & Bhatti Experimental [Page 8]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-9" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Identifier field has exactly the same syntax as that defined for IPv6
address in <a href="./rfc4291#section-2.5.1">Section 2.5.1 of [RFC4291]</a>. (This is based on the IEEE
EUI-64 syntax [<a href="#ref-IEEE-EUI" title=""Guidelines for 64-bit Global Identifier (EUI-64) Registration Authority"">IEEE-EUI</a>], but is not the same.)
Most commonly, Identifiers have global-scope and are derived from one
or more IEEE 802 or IEEE 1394 'MAC Addresses' (sic) already
associated with the node, following the procedure already defined for
IPv6 [<a href="./rfc4291" title=""IP Version 6 Addressing Architecture"">RFC4291</a>]. Global-scope identifiers have a high probability of
being globally unique. This approach eliminates the need to manage
Identifiers, among other benefits.
Local-scope Identifiers MUST be unique within the context of their
Locators. The existing mechanisms of the IPv4 Address Resolution
Protocol [<a href="./rfc826" title=""Ethernet Address Resolution Protocol: Or Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware"">RFC826</a>] and IPv6 Stateless Address Autoconfiguration
(SLAAC) [<a href="./rfc4862" title=""IPv6 Stateless Address Autoconfiguration"">RFC4862</a>] automatically enforce this constraint.
For example, on an Ethernet-based IPv4 subnetwork the ARP Reply
message is sent via link-layer broadcast, thereby advertising the
current binding between an IPv4 address and a Media Access Control
(MAC) address to all nodes on that IPv4 subnetwork. (Note also that
a well-known, long standing, issue with ARP is that it cannot be
authenticated.) Local-scope Identifiers MUST NOT be used with other
Locators without first ensuring uniqueness in the context of those
other Locators e.g., by using IPv6 Neighbour Discovery's Duplicate
Address Detection mechanism when using ILNPv6 or by sending an ARP
Request when using ILNPv4.
Other methods might be used to generate local-scope Identifiers. For
example, one might derive Identifiers using some form of
cryptographic generation or using the methods specified in the IPv6
Privacy Extensions [<a href="./rfc4941" title=""Privacy Extensions for Stateless Address Autoconfiguration in IPv6"">RFC4941</a>] to Stateless Address Autoconfiguration
(SLAAC) [<a href="./rfc4862" title=""IPv6 Stateless Address Autoconfiguration"">RFC4862</a>]. When cryptographic generation of Identifiers
using methods described in <a href="./rfc3972">RFC 3972</a> is in use, only the Identifier is
included, never the Locator, thereby preserving roaming capability.
One could also imagine creating a local-scope Identifier by taking a
cryptographic hash of a node's public key. Of course, in the
unlikely event of an Identifier collision, for example, when a node
has chosen to use a local-scope Identifier value, the node remains
free to use some other local-scope Identifier value(s).
It is worth remembering here that an IPv6 address names a specific
network interface on a specific node, but an ILNPv6 Identifier names
the node itself, not a specific interface on the node. This
difference in definition is essential to providing seamless support
for mobility and multihoming, which are discussed in more detail
later in this note.
<span class="grey">Atkinson & Bhatti Experimental [Page 9]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-10" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-3.2" href="#section-3.2">3.2</a>. Network-Level Packet Formats</span>
ILNPv6 Locator and Identifier values are encoded into IPv6 address
space and ILNPv6 uses directly the Classic IPv6 packet format, as
shown in Figure 3.3. This is also the view of an ILNPv6 packet as
seen by core routers -- they simply use the Locator value (top
64-bits of the address field) just as they would use an IPv6 prefix
today (e.g., either as /48 or as /64 when using sub-network routing).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class | Flow Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Next Header | Hop Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+ +
| |
+ +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+ +
| |
+ +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3.3: Existing ("Classic") IPv6 Header
In essence, the Locator names a subnetwork. (Locators can also be
referred to as Routing Prefixes if discussing Classic IPv6). Of
course, backwards compatibility requirements mean that ILNPv6
Locators use the same number space as IPv6 routing prefixes. This
ensures that no changes are needed to deployed IPv6 routers when
deploying ILNPv6.
The low-order 64-bits of the IPv6 address become the Identifier.
Details of the Identifier were discussed above. The Identifier is
only used by end-systems, so Figure 3.4 shows the view of the same
packet format, but as viewed by an ILNPv6 node. As this only needs
to be parsed in this way by the end-system, so ILNPv6 deployment is
enabled incrementally by updating end-systems as required.
<span class="grey">Atkinson & Bhatti Experimental [Page 10]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-11" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class | Flow Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Next Header | Hop Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Locator |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Identifier |
| |
+ +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Locator |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Identifier |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3.4: ILNPv6 Header as Seen by ILNPv6-Enabled End-Systems
<span class="h3"><a class="selflink" id="section-3.3" href="#section-3.3">3.3</a>. Encoding of Identifiers and Locators for ILNPv4</span>
Encoding of Identifier and Locator values for ILNPv4 is not as
straightforward as for ILNPv6. In analogy to ILNPv6, in ILNPv4, the
Locator value is a routing prefix for IPv4, but is at most 30 bits.
Source Locator values are carried in the source address field of the
IPv4 header, and destination Locator values in the destination
address field. So, just like for ILNPv6, for ILNPv4, packet routing
can be performed by routers examining existing prefix values in the
IPv4 header.
However, for ILNPv4, additional option headers have to be used to
carry the Identifier value as there is not enough room in the normal
IPv4 header fields. A 64-bit Identifier value is carried in an
option header. So, the detailed explanation of the ILNPv4 packet
header is to be found in [<a href="./rfc6746" title=""IPv4 Options for the Identifier-Locator Network Protocol (ILNP)"">RFC6746</a>].
<span class="grey">Atkinson & Bhatti Experimental [Page 11]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-12" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h2"><a class="selflink" id="section-4" href="#section-4">4</a>. Transport-Layer Changes</span>
ILNP uses an Identifier value in order to form the invariant end-
system state for end-to-end protocols. Currently, transport
protocols such as TCP and UDP use all the bits of an IP Address to
form such state. So, transport protocol implementations MUST be
modified in order to operate over ILNP.
<span class="h3"><a class="selflink" id="section-4.1" href="#section-4.1">4.1</a>. End-System State</span>
Currently, TCP and UDP, for example, use the 4-tuple:
<local port, remote port, local IP Address, remote IP Address>
for the end-system state for a transport layer end-point. For ILNP,
implementations must be modified to instead use the following:
<local port, remote port, local Identifier, remote Identifier>
<span class="h3"><a class="selflink" id="section-4.2" href="#section-4.2">4.2</a>. TCP/UDP Checksum Handling</span>
In IP-based implementations, the TCP or UDP pseudo-header checksum
calculations include all the bits of the IP Address. By contrast,
when calculating the TCP or UDP pseudo-header checksums for use with
ILNP, only the Identifier values are included in the TCP or UDP
pseudo-header checksum calculations.
To minimise the changes required within transport protocol
implementations, and to maximise interoperability, current
implementations are modified to zero the Locator fields (only for the
purpose of TCP or UDP checksum calculations). For example, for
ILNPv6, this means that the existing code for IPv6 can be used, with
the ILNPv6 Identifier bits occupying the lower 64 bits of the IPv6
address field, and the upper 64 bits of the IPv6 address filed being
set to zero. For ILNPv4, the Identifier fields are carried in an
IPv4 Option [<a href="./rfc6746" title=""IPv4 Options for the Identifier-Locator Network Protocol (ILNP)"">RFC6746</a>].
<a href="#section-7">Section 7</a> describes methods for incremental deployment of this ILNP-
specific change and backwards compatibility with non-upgraded nodes
(e.g., classic IPv4 or IPv6 nodes) in more detail.
<span class="h3"><a class="selflink" id="section-4.3" href="#section-4.3">4.3</a>. ICMP Checksum Handling</span>
To maximise backwards compatibility, the ILNPv6 ICMP checksum is
always calculated in the same way as for IPv6 ICMP. Similarly, the
ILNPv4 ICMP checksum is always calculated in the same way as for IPv4
ICMP.
<span class="grey">Atkinson & Bhatti Experimental [Page 12]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-13" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h2"><a class="selflink" id="section-5" href="#section-5">5</a>. ILNP Communication Cache (ILCC)</span>
For operational purposes, implementations need to have a local cache
of state information that allow communication endpoints to be
constructed and for communication protocols to operate. Such cache
information is common today, e.g., IPv4 nodes commonly maintain an
Address Resolution Protocol (ARP) cache with information relating to
current and recent Correspondent Nodes (CNs); IPv6 nodes maintain a
Neighbor Discovery (ND) table with information relating to current
and CNs. Likewise, ILNP maintains an Identifier Locator
Communication Cache (ILCC) with information relating to the operation
of ILNP.
The ILCC is a (logical) set of data values required for ILNP to
operate. These values are maintained by the endpoints of each ILNP
session.
In theory, this cache is within the ILNP network-layer. However,
many network protocol implementations do not have strict protocol
separation or layering. So there is no requirement that the ILCC be
kept partitioned from transport-layer protocols.
Note that, in many implementations, much of the information required
for the ILCC may already be present. Where some additional
information is required for ILNP, from an engineering viewpoint, the
ILCC could be implemented by extending or enhancing existing data
structures within existing implementations. For example, by adding
appropriate flags to the data structures in existing implementations.
Note that the ILCC does not impose any extra state maintenance
requirements for applications or applications servers. For example,
in the case of, say, HTTP, there will be no additional state for a
server to maintain, and any TCP state will be handled by the ILNP
code in the OS just as for IP.
<span class="h3"><a class="selflink" id="section-5.1" href="#section-5.1">5.1</a>. Formal Definition</span>
The ILCC contains information about both the local node and also
about current or recent correspondent nodes, as follows.
Information about the local node:
- Each currently valid Identifier value, including its Identifier
Precedence and whether it is active at present.
- Each currently valid Locator value, including its associated
local interface(s), its Locator Precedence and whether it is
active at present.
<span class="grey">Atkinson & Bhatti Experimental [Page 13]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-14" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
- Each currently valid IL Vector (I-LV), including whether it is
active at present.
Information about each correspondent node:
- Most recent set of Identifiers, including lifetime and validity
for each.
- Most recent set of Locators, including lifetime and validity for
each.
- Nonce value for packets from the local host to the
correspondent.
- Nonce value for packets from the correspondent to the local
host.
In the above list for the ILNP Communication Cache:
- A "valid" item is usable, from an administrative point of view,
but it might or might not be in use at present.
- The "validity" parameter for the correspondent node indicates
one of several different states for a datum. These include at
least the following:
- "valid": data is usable and has not expired.
- "active": data is usable, has not expired, and is in active
use at present.
- "expired": data is still in use at present, but is beyond its
expiration (i.e., without a replacement value).
- "aged": data was recently in use, but is not in active use at
present, and is beyond its expiration.
- The "lifetime" parameter is an implementation-specific
representation of the validity lifetime for the associated data
element. In normal operation, the Lifetime for a correspondent
node's Locator(s) are learned from the DNS Time-To-Live (DNS
TTL) value associated with DNS records (NID, L32, L64, etc.) of
the Fully Qualified Domain Name (FQDN) owner name of the
correspondent node. For time, a node might use UTC (e.g., via
Network Time Protocol) or perhaps some node-specific time (e.g.,
seconds since node boot).
<span class="grey">Atkinson & Bhatti Experimental [Page 14]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-15" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-5.2" href="#section-5.2">5.2</a>. Ageing ILCC Entries</span>
As a practical engineering matter, it is not sensible to flush all
Locator values associated with an existing ILNP session's
correspondent node even if the DNS TTL associated with those Locator
values expires.
In some situations, a CN might be disconnected briefly when moving
location (e.g., immediate handover, which sometimes is called "break
before make"). If this happens, there might be a brief pause before
the Correspondent Node can (a) update its own L values in the DNS,
and (b) send an ICMP Locator Update message to the local node with
information about its new location. Implementers ought to try to
maintain ILNP sessions even when such events occur.
Instead, Locator values cached for a correspondent node SHOULD be
marked as "aged" when their TTL has expired, but retained until
either the next Locator Update message is received, there is other
indication that a given Locator is not working any longer, there is
positive indication that the Correspondent Node has terminated the
ILNP session (e.g., TCP RST if the only transport-layer session for
this ILNP session is a TCP session), until some appropriate timeout
(e.g., 2*MSL for TCP if the only transport-layer session for this
ILNP session is a TCP session), or the ILNP session has been inactive
for several minutes (e.g., no transport-layer session exists for this
ILNP session) and the storage space associated with the aged entry
needs to be reclaimed.
Separately, received authenticated Locator Update messages cause the
ILCC entries listed above to be updated.
Similarly, if there is indication that an ILNP session with a
Correspondent Node remains active and the DNS TTL associated with
that Correspondent Node's active Identifier value(s) has expired,
those remote Identifier value(s) ought to be marked as "expired", but
retained since they are in active use.
<span class="h3"><a class="selflink" id="section-5.3" href="#section-5.3">5.3</a>. Large Numbers of Locators</span>
Implementers should keep in mind that a node or site might have a
large number of concurrent Locators, and it should ensure that a
system fault does not arise if the system receives an authentic ICMP
Locator Update containing a large number of Locator values.
<span class="grey">Atkinson & Bhatti Experimental [Page 15]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-16" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-5.4" href="#section-5.4">5.4</a>. Lookups into the ILCC</span>
For received packets containing an ILNP Nonce Option, lookups in the
ILCC MUST use the <remote Identifier, Nonce> tuple as the lookup key.
For all other ILNP packets, lookups in the ILNP Correspondent Cache
MUST use the <remote Locator, remote Identifier> tuple, i.e., the
remote I-LV, as the lookup key.
These two checks between them facilitate situations where, perhaps
due to deployment of Local-scope Identifiers, more than one
correspondent node is using the same Identifier value.
(NOTE: Other mechanisms, such as IPv6 Neighbor Discovery, ensure that
two different nodes are incapable of using a given I-LV at the same
location, i.e., on the same link.)
While Locators are omitted from the transport-layer checksum, an
implementation SHOULD use Locator values to distinguish between
correspondents coincidentally using the same Identifier value (e.g.,
due to deployment of Local-scope Identifier values) when
demultiplexing to determine which application(s) should receive the
user data delivered by the transport-layer protocol.
<span class="h2"><a class="selflink" id="section-6" href="#section-6">6</a>. Handling Location/Connectivity Changes</span>
In normal operation, an ILNP node uses the DNS for initial rendezvous
in setting up ILNP sessions. The use of DNS for initial rendezvous
with mobile nodes was earlier proposed by others [<a href="#ref-PHG02" title=""Mobile Host Location Tracking through DNS"">PHG02</a>] and then
separately reinvented by the current authors later on.
<span class="h3"><a class="selflink" id="section-6.1" href="#section-6.1">6.1</a>. Node Location/Connectivity Changes</span>
To handle the move of a node or a change to the upstream connectivity
of a multihomed node, we add a new ICMP control message [<a href="./rfc6745" title=""ICMP Locator Update Message for the Identifier-Locator Network Protocol for IPv4 (ILNPv4)"">RFC6745</a>]
[<a href="./rfc6743" title=""ICMPv6 Locator Update Message"">RFC6743</a>]. The ICMP Locator Update (LU) message is used by a node to
inform its existing CNs that the set of valid Locators for the node
has changed. This mechanism can be used to add newly valid Locators,
to remove no longer valid Locators, or to do both at the same time.
The LU mechanism is analogous to the Binding Update mechanism in
Mobile IPv6, but in ILNP, such messages are used any time Locator
value changes need to be notified to CNs, e.g., for multihomed hosts
as well as for mobile hosts.
Further, if the node wishes to be able to receive new incoming ILNP
sessions, the node normally uses Secure Dynamic DNS Update [<a href="./rfc3007" title=""Secure Domain Name System (DNS) Dynamic Update"">RFC3007</a>]
to ensure that a correct set of Locator values are present in the
<span class="grey">Atkinson & Bhatti Experimental [Page 16]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-17" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
appropriate DNS records (i.e., L32, L64) in the DNS for that node
[<a href="./rfc6742" title=""DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)"">RFC6742</a>]. This enables any new correspondents to correctly initiate
a new ILNP session with the node at its new location.
While the Locator Update control message could be an entirely new
protocol running over UDP, for example, there is no obvious advantage
to creating a new protocol rather than using a new ICMP message. So
ILNP defines a new ICMP Locator Update message for both IPv4 and
IPv6.
<span class="h3"><a class="selflink" id="section-6.2" href="#section-6.2">6.2</a>. Network Connectivity/Locator Changes</span>
As a DNS performance optimisation, the LP DNS resource record MAY be
used to avoid requiring each node on a subnetwork to update its DNS
L64 record entries when that subnetwork's location (e.g., upstream
connectivity) changes [<a href="./rfc6742" title=""DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)"">RFC6742</a>]. This can reduce the number of DNS
updates required when a subnetwork moves from Order (number of nodes
on subnetwork) to Order(1).
In this case, the nodes on the subnetwork each would have an LP
record pointing to a common FQDN used to name that subnetwork. In
turn, that subnetwork's domain name would have one or more L64
record(s) in the DNS. Since the contents of an LP record are stable,
relatively long DNS TTL values can be associated with these records
facilitating DNS caching. By contrast, the DNS TTL of an L32 or L64
record for a mobile or multihomed node should be small. Experimental
work at the University of St Andrews indicates that the DNS continues
to work well even with very low (e.g., zero) DNS TTL values [<a href="#ref-BA11" title=""Reducing DNS Caching"">BA11</a>].
Correspondents of a node on a mobile subnetwork using this DNS
performance optimisation would initially perform a normal FQDN lookup
for a node. If that lookup returned another FQDN in an LP record as
additional data, then the correspondent would perform a lookup on
that FQDN and expect an L32 or L64 record returned as additional
data, in order to learn the Locator value to use to reach that target
node. (Of course, a lookup that did not return any ILNP-related DNS
records would result in an ordinary IPv4 session or ordinary IPv6
session being initiated, instead.)
<span class="h2"><a class="selflink" id="section-7" href="#section-7">7</a>. Subnetting</span>
For ILNPv4 and ILNPv6, the Locator value includes the subnetting
information, as that also is topological information. As well as
being architecturally correct, the placement of subnetting as part of
the Locator is also convenient from an engineering point of view in
both IPv4 and IPv6.
<span class="grey">Atkinson & Bhatti Experimental [Page 17]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-18" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
We consider that a Locator value, L consists of two parts:
- L_pp: the Locator prefix part, which occupies the most significant
bits in the address (for both ILNPv4 and ILNPv6).
- L_ss: Locator subnetwork selector, which occupies bits just after
the L_pp.
For each of ILNPv4 and ILNPv6, L_pp gets its value from the provider-
assigned routing prefix for IPv4 and IPv6, respectively. For L_ss,
in each case of ILNPv4 and ILNPv6, the L_ss bits are located in the
part of the address space which you might expect them to be located
if IPv4 or IPv6 addresses were being used, respectively.
<span class="h3"><a class="selflink" id="section-7.1" href="#section-7.1">7.1</a>. Subnetting for ILNPv6</span>
For ILNPv6, recall that the Locator value is encoded to be
syntactically similar to an IPv6 address prefix, as shown in Figure
7.1.
/* IPv6 */
| 3 | 45 bits | 16 bits | 64 bits |
+---+---------------------+-----------+-------------------------+
|001|global routing prefix| subnet ID | Interface Identifier |
+---+---------------------+-----------+-------------------------+
/* ILNPv6 */
| 64 bits | 64 bits |
+---+---------------------+-----------+-------------------------+
| Locator (L64) | Node Identifier (NID) |
+---+---------------------+-----------+-------------------------+
+<-------- L_pp --------->+<- L_ss -->+
L_pp = Locator prefix part (assigned IPv6 prefix)
L_ss = Locator subnet selector (locally managed subnet ID)
Figure 7.1: IPv6 Address Format [<a href="./rfc3587" title=""IPv6 Global Unicast Address Format"">RFC3587</a>] as Used in ILNPv6,
Showing How Subnets Can Be Identified
Note that the subnet ID forms part of the Locator value. Note also
that [<a href="./rfc6177" title=""IPv6 Address Assignment to End Sites"">RFC6177</a>] allows the global routing prefix to be more than 45
bits, and for the subnet ID to be smaller, but still preserving the
64-bit size of the Locator.
<span class="grey">Atkinson & Bhatti Experimental [Page 18]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-19" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-7.2" href="#section-7.2">7.2</a>. Subnetting for ILNPv4</span>
For ILNPv4, the L_pp value is an IPv4 routing prefix as used today,
which is typically less than 32 bits. However, the ILNPv4 Locator
value is carried in the 32-bit IP Address space, so the bits not used
for the routing prefix could be used for L_ss, e.g., for a /24 IPv4
prefix, the situation would be as shown in Figure 7.2.
24 bits 8 bits
+------------------------+----------+
| Locator (L32) |
+------------------------+----------+
+<------- L_pp --------->+<- L_ss ->+
L_pp = Locator prefix part (assigned IPv4 prefix)
L_ss = Locator subnet selector (locally managed subnet ID)
Figure 7.2: IPv4 Address Format for /24 IPv4 Prefix, as Used in
ILNPv4, Showing How Subnets Can Be Identified
Note that the L_ss occupies bits that in an IPv4 address would
normally be the host part of the address, which the site network
could use for subnetting in any case.
<span class="h3"><a class="selflink" id="section-7.3" href="#section-7.3">7.3</a>. Subnetting for Router-Router Links in IPv6/ILNPv6</span>
There is a special case of /127 prefixes used in router-router,
point-to-point links for IPv6 [<a href="./rfc6164" title=""Using 127-Bit IPv6 Prefixes on Inter-Router Links"">RFC6164</a>]. ILNPv6 does not preclude
such use.
<span class="h2"><a class="selflink" id="section-8" href="#section-8">8</a>. DNS Considerations</span>
ILNP makes use of DNS for name resolution, as does IP. Unlike IP,
ILNP also uses DNS to support features such as mobility and
multihoming. While such usage is appropriate use of the DNS, it is
important to discuss operational and engineering issues that may
impact DNS usage.
<span class="h3"><a class="selflink" id="section-8.1" href="#section-8.1">8.1</a>. Secure Dynamic DNS Update</span>
When a host that expects incoming connections changes one or more of
its Locator values, the host normally uses the IETF Secure Dynamic
DNS Update protocol [<a href="./rfc3007" title=""Secure Domain Name System (DNS) Dynamic Update"">RFC3007</a>] to update the set of currently valid
Locator values associated with its FQDN. This ensures that the
authoritative DNS server for its FQDN will be able to generate an
accurate set of Locator values if the DNS server receives DNS name
resolution request for its FQDN.
<span class="grey">Atkinson & Bhatti Experimental [Page 19]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-20" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Liu and Albitz [<a href="#ref-LA06" title=""DNS and Bind"">LA06</a>] report that Secure Dynamic DNS Update has been
supported on the client-side for several years now in widely deployed
operating systems (e.g., MS Windows, Apple Mac OS X, UNIX, and Linux)
and also in DNS server software (e.g., BIND). Publicly available
product data sheets indicate that some other DNS server software
packages, such as that from Nominum, also support this capability.
For example, Microsoft Windows XP (and later versions), the freely
distributable BIND DNS software package (used in Apple Mac OS X and
in most UNIX systems), and the commercial Nominum DNS server all
implement support for Secure Dynamic DNS Update and are known to
interoperate [<a href="#ref-LA06" title=""DNS and Bind"">LA06</a>]. There are credible reports that when a site
deploys Microsoft's Active Directory, the site (silently)
automatically deploys Secure Dynamic DNS Update [<a href="#ref-LA06" title=""DNS and Bind"">LA06</a>]. So, many
sites have already deployed Secure Dynamic DNS Update even though
they are not actively using it (and might not be aware they have
already deployed that protocol) [<a href="#ref-LA06" title=""DNS and Bind"">LA06</a>].
So DNS update via Secure Dynamic DNS Update is not only standards-
based, but also readily available in widely deployed systems today.
<span class="h3"><a class="selflink" id="section-8.2" href="#section-8.2">8.2</a>. New DNS RR Types</span>
As part of this proposal, additional DNS resource records have been
proposed in a separate document [<a href="./rfc6742" title=""DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)"">RFC6742</a>]. These new records are
summarised in Table 6.1.
new DNS RR type | Purpose
-----------------+------------------------------------------------
NID | store the value of a Node Identifier
L32 | store the value of a 32-bit Locator for ILNPv4
L64 | store the value of a 64-bit Locator for ILNPv6
LP | points to a (several) L32 and/or L64 record(s)
-----------------+------------------------------------------------
Table 6.1. Summary of new DNS RR Types for ILNP
With this proposal, mobile or multihomed nodes and sites are expected
to use the existing "Secure Dynamic DNS Update" protocol to keep
their Node Identifier (NID) and Locator (L32 and/or L43) records
correct in their authoritative DNS server(s) [<a href="./rfc3007" title=""Secure Domain Name System (DNS) Dynamic Update"">RFC3007</a>] [<a href="./rfc6742" title=""DNS Resource Records for the Identifier-Locator Network Protocol (ILNP)"">RFC6742</a>].
Reverse DNS lookups, to find a node's FQDN from the combination of a
Locator and related Identifier value, can be performed as at present.
<span class="grey">Atkinson & Bhatti Experimental [Page 20]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-21" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-8.3" href="#section-8.3">8.3</a>. DNS TTL Values for ILNP RRS Types</span>
Existing DNS specifications require that DNS clients and DNS
resolvers honour the TTL values provided by the DNS servers. In the
context of this proposal, short DNS TTL values are assigned to
particular DNS records to ensure that the ubiquitous DNS caching
resolvers do not cache volatile values (e.g., Locator records of a
mobile node) and consequently return stale information to new
requestors.
The TTL values for L32 and L64 records may have to be relatively low
(perhaps a few seconds) in order to support mobility and multihoming.
Low TTL values may be of concern to administrators who might think
that this would reduce efficacy of DNS caching increase DNS load
significantly.
Previous research by others indicates that DNS caching is largely
ineffective, with the exception of NS records and the addresses of
DNS servers referred to by NS records [<a href="#ref-SBK02" title=""Reconsidering Internet Mobility"">SBK02</a>]. This means DNS
caching performance and DNS load will not be adversely affected by
assigning very short TTL values (down to zero) to the Locator records
of typical nodes for an edge site [<a href="#ref-BA11" title=""Reducing DNS Caching"">BA11</a>]. It also means that it is
preferable to deploy the DNS server function on nodes that have
longer DNS TTL values, rather than on nodes that have shorter DNS TTL
values.
LP records normally are stable and will have relatively long TTL
values, even if the L32 or L64 records they point to have values that
have relatively low TTL values.
Identifier values might be very long-lived (e.g., days) when they
have been generated from an IEEE MAC address on the system.
Identifier values might have a shorter lifetime (e.g., hours or
minutes) if they have been cryptographically generated [<a href="./rfc3972" title=""Cryptographically Generated Addresses (CGA)"">RFC3972</a>],
have been created by the IPv6 Privacy Extensions [<a href="./rfc4941" title=""Privacy Extensions for Stateless Address Autoconfiguration in IPv6"">RFC4941</a>], or
otherwise have the EUI-64 scope bit set to "local-scope". Note that
when ILNP is used, the cryptographic generation method described in
<a href="./rfc3972">RFC 3972</a> is used only for the Identifier, omitting the Locator,
thereby preserving roaming capability. Note that a given ILNP
session normally will use a single Identifier value for the lifetime
of that ILNP session.
<span class="h3"><a class="selflink" id="section-8.4" href="#section-8.4">8.4</a>. IP/ILNP Dual Operation and Transition</span>
During a long transition period, a node that is ILNP-capable SHOULD
have not only NID and L32/L64 (or NID and LP) records present in its
authoritative DNS server but also SHOULD have A/AAAA records in the
DNS for the benefit of non-upgraded nodes. Then, when any CN
<span class="grey">Atkinson & Bhatti Experimental [Page 21]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-22" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
performs an FQDN lookup for that node, it will receive the A/AAAA
with the appropriate NID, L32/L64 records, and/or LP records as
"additional data".
Existing DNS specifications require that a DNS resolver or DNS client
ignore unrecognised DNS record types. So, gratuitously appending NID
and Locator (i.e., L32, L64, or LP) records as "additional data" in
DNS responses to A/AAAA queries ought not to create any operational
issues. So, IP only nodes would use the A/AAAA RRs, but ILNP-capable
nodes would be able to use the NID, L32/L64 and/or LP records are
required.
There is nothing to prevent this capability being implemented
strictly inside a DNS server, whereby the DNS server synthesises a
set of A/AAAA records to advertise from the NID and Locator (i.e.,
L32, L64, or LP) values that the node has kept updated in that DNS
server. Indeed, such a capability may be desirable, reducing the
amount of manual configuration required for a site, and reducing the
potential for errors as the A/AAAA records would be automatically
generated.
<span class="h2"><a class="selflink" id="section-9" href="#section-9">9</a>. IP Security for ILNP</span>
The primary conceptual difference from ordinary IP security (IPsec)
is that ILNP IP Security omits all use of, and all reference to,
Locator values. This leads to several small, but important, changes
to IPsec when it is used with ILNP sessions.
<span class="h3"><a class="selflink" id="section-9.1" href="#section-9.1">9.1</a>. IPsec Security Association Enhancements for ILNP</span>
IPsec Security Associations for ILNP only include the Identifier
values for the endpoints, and omit the Locator values. As an
implementation detail, ILNP implementations MUST be able to
distinguish between different Security Associations with ILNP
correspondents (at different locations, with different ILNP Nonce
values in use) that happen to use the same Identifier values (e.g.,
due to an inadvertent Identifier collision when using identifier
values generated by using the IPv6 Privacy Addressing extension).
One possible way to distinguish between such different ILNP sessions
is to maintain a mapping between the IPsec Security Association
Database (SAD) entry and the corresponding ILCC entry.
Consistent with this enhancement to the definition of an IPsec
Security Association, when processing received IPsec packets
associated with an ILNP session, ILNP implementations ignore the
Locator bits of the received packet and only consider the Identifier
bits. This means, for example, that if an ILNP correspondent node
<span class="grey">Atkinson & Bhatti Experimental [Page 22]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-23" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
moves to a different subnetwork, and thus is using a different Source
Locator in the header of its ILNP IPsec packets, the ILNP session
will continue to work and will continue to be secure.
Since implementations of ILNP are also required to support IP,
implementers need to ensure that ILNP IPsec Security Associations can
be distinguished from ordinary IPsec Security Associations. The
details of this are left to the implementer. As an example, one
possible implementation strategy would be to retain a single IPsec
Security Association Database (SAD), but add an internal flag bit to
each entry of that IPsec SAD to indicate whether ILNP is in use for
that particular IPsec Security Association.
<span class="h3"><a class="selflink" id="section-9.2" href="#section-9.2">9.2</a>. IP Authentication Header Enhancements for ILNP</span>
Similarly, for an ILNP session using IPsec, the IPsec Authentication
Header (AH) only includes the Identifier values for the endpoints in
its authentication calculations, and it omits the Source Locator and
Destination Locator fields from its authentication calculations.
This enables IPsec AH to work well even when used with ILNP localised
numbering [<a href="./rfc6748" title=""Optional Advanced Deployment Scenarios for the Identifier-Locator Network Protocol (ILNP)"">RFC6748</a>] or other situations where a Locator value might
change while the packet travels from origin to destination.
<span class="h3"><a class="selflink" id="section-9.3" href="#section-9.3">9.3</a>. Key Management Considerations</span>
In order to distinguish at the network-layer between multiple ILNP
nodes that happen to be using the same Node Identifier values (e.g.,
because the identifier values were generated using the IPv6 Privacy
Addressing method), key management packets being used to set up an
ILNP IPsec session MUST include the ILNP Nonce Option.
Similarly, key management protocols used with IPsec are enhanced to
deprecate use of IP Addresses as identifiers and to substitute the
use of the new Node Identifier values for that purpose. This results
in an ILNP IPsec Security Association that is independent of the
Locator values that might be used.
For ILNPv6 implementations, the ILNP Node Identifier (64-bits) is
smaller than the IPv6 Address (128-bits). So support for ILNPv6
IPsec is accomplished by zeroing the upper-64 bits of the IPv6
Address fields in the application-layer key management protocol,
while retaining the Node Identifier value in the lower-64 bits of the
application-layer key management protocol.
<span class="grey">Atkinson & Bhatti Experimental [Page 23]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-24" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
For ILNPv4 implementations, enhancements to the key management
protocol likely will be needed, because existing key management
protocols rely on 32-bit IPv4 addresses, while ILNP Node Identifiers
are 64-bits. Such enhancements are beyond the scope of this
specification.
<span class="h2"><a class="selflink" id="section-10" href="#section-10">10</a>. Backwards Compatibility and Incremental Deployment</span>
Experience with IPv6 deployment over the past many years has shown
that it is important for any new network protocol to provide
backwards compatibility with the deployed IP base and should be
incrementally deployable, ideally requiring modification of only
those nodes that wish to use ILNP and not requiring the modification
of nodes that do not intend to use ILNP. The two instances of ILNP,
ILNPv4 and ILNPv6, are intended to be, respectively, backwards
compatible with, and incrementally deployable on, the existing IPv4
and IPv6 installed bases. Indeed, ILNPv4 and ILNPv6 can each be
seen, from an engineering viewpoint, as supersets of the IPv4 and
IPv6, respectively.
However, in some cases, ILNP introduces functions that supersede
equivalent functions available in IP. For example, ILNP has a
mobility model, and so it does not need to use the models for Mobile
IPv4 or Mobile IPv6.
As ILNP changes, the use of end-to-end namespaces, for the most part,
it is only end-systems that need to be modified. However, in order
to leverage existing engineering (e.g., existing protocols), in some
cases, there is a compromise, and these are highlighted in this
section.
<span class="h3"><a class="selflink" id="section-10.1" href="#section-10.1">10.1</a>. Priorities in the Design of ILNPv6 and ILNPv4</span>
In the engineering design of ILNPv6 and ILNPv4, we have used the
following priorities. In some ways, this choice is arbitrary, and it
may be equally valid to "invert" these priorities for a different
architectural and engineering design.
1. Infrastructure
As much of the deployed IP network infrastructure should be used
without change. That is, routers and switches should require minimal
or zero modifications in order to run ILNP. As much as possible of
the existing installed base of core protocols should be reused.
<span class="grey">Atkinson & Bhatti Experimental [Page 24]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-25" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
2. Core protocols
As much of the deployed network control protocols, such as routing,
should be used without change. That is, existing routing protocols
and switch configuration should require minimal or zero modifications
in order to run ILNP.
3. Scope of end-system changes
Any nodes that do not need to run ILNP should not need to be
upgraded. It should be possible to have a site network that has a
mix of IP-only and ILNP-capable nodes without any changes required to
the IP-only nodes.
4. Applications
There should be minimal impact on applications, even though ILNP
requires end-to-end protocols to be upgraded. Indeed, for those
applications that are "well behaved" (e.g., do not use IP Address
values directly for application state or application configuration),
there should be little or no effort required in enabling them to
operate over ILNP.
Each of these items is discussed in its own section below.
<span class="h3"><a class="selflink" id="section-10.2" href="#section-10.2">10.2</a>. Infrastructure</span>
ILNP is designed to be deployed on existing infrastructure. No new
infrastructure is required to run ILNP as it will be implemented as a
software upgrade impacting only end-to-end protocols. Existing
routing protocols can be reused: no new routing protocols are
required. This means that network operators and service providers do
not need to learn about, test, and deploy new protocols, or change
the structure of their network in order for ILNP to be deployed.
Exceptionally, edge routers supporting ILNPv4 hosts will need to
support an enhanced version of ARP.
<span class="h3"><a class="selflink" id="section-10.3" href="#section-10.3">10.3</a>. Core Protocols</span>
Existing routing and other control protocols should not need to
change in devices such as switches and routers. We believe this to
be true for ILNPv6. However, for ILNPv4, we believe that ARP will
need to be enhanced in edge routers (or Layer 3 switches) that
support ILNPv4 hosts. Backbone and transit routers still ought not
require changes for either ILNPv4 or ILNPv6.
<span class="grey">Atkinson & Bhatti Experimental [Page 25]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-26" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
For both ILNPv4 and ILNPv6, the basic packet format for packets
reuses that format that is seen by routers for IPv4 and IPv6,
respectively. Specifically, as the ILNP Locator value is always a
routing prefix (either IPv4 or IPv6), routing protocols should work
unchanged.
Both ILNPv4 and ILNPv6 introduce new header options (e.g., Nonce
Option messages) and ICMP messages (e.g., Locator Update messages)
that are used to enable end-to-end signalling. For packet
forwarding, depending on the forwarding policies used by some
providers or site border routers, there may need to be modifications
to those policies to allow the new header options and new ICMP
messages to be forwarded. However, as the header options and new
ICMP messages are end-to-end, such modifications are likely to be in
configuration files (or firewall policy on edge routers), as core
routers do NOT need to parse and act upon the information contained
in the header options or ICMP messages.
<span class="h3"><a class="selflink" id="section-10.4" href="#section-10.4">10.4</a>. Scope of End-System Changes</span>
Only end-systems that need to use ILNP need to be updated in order
for ILNP to be used at a site.
There are three exceptions to this statement as follows:
a) ILNPv4 ARP: as the Identifier value for IPv4 cannot fit into the
normal 20-byte IPv4 packet header (a header extension is used),
ARP must be modified. This only impacts end-systems that use
ILNPv4 and those switches or site border routers that are the
first hop from an ILNPv4 node. For ILNPv6, as the I and L values
fit into the existing basic IPv6 packet, IPv6 Neighbour Discovery
can operate without modification.
b) Use of IP NAT: Where IP NAT or NAPT is in use for a site, existing
NAT/NAPT device will rewrite address fields in ILNPv4 packets or
ILNPv6 packets. To avoid this, the NAT should either (i) be
configured to allow the pass-through of packets originating from
ILNP-capable nodes (e.g., by filtering on source address fields in
the IP header); or (ii) should be enhanced to recognise ILNPv4 or
ILNPv6 packets (e.g., by looking for the ILNP Nonce Option).
c) Site Border Routers (SBRs) in ILNP Advanced Deployment scenarios:
There are options to use an ILNP-capable Site Border Router (SBR)
as described in another document [<a href="./rfc6748" title=""Optional Advanced Deployment Scenarios for the Identifier-Locator Network Protocol (ILNP)"">RFC6748</a>]. In such scenarios,
the SBR(s) need to be ILNP-capable.
<span class="grey">Atkinson & Bhatti Experimental [Page 26]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-27" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Other than these exceptions, it is entirely possible to have a site
that uses a mix of IP and ILNP nodes and requires no changes to nodes
other than the nodes that wish to use ILNP. For example, if a user
on a site wishes to have his laptop use ILNPv6, only that laptop
would need to have an upgraded stack: no other devices (end-systems,
Layer 2 switches or routers) at that site would need to be upgraded.
<span class="h3"><a class="selflink" id="section-10.5" href="#section-10.5">10.5</a>. Applications</span>
As noted, in the Architecture Description [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>], those
applications that do not use IP Address values in application state
or configuration data are considered to be "well behaved".
Applications that work today through a NAT or Network Address Port
Translation (NAPT) device without application-specific support are
also considered "well behaved". Such applications might use DNS
FQDNs or application-specific name spaces. (Note Well: application-
specific name spaces should not be derived from IP Address values.)
For well-behaved applications, replacing IP with ILNP should have no
impact. That is, well-behaved applications should work unmodified
over ILNP.
Those applications that directly use IP Address values in application
state or configuration will need to be modified for operation over
ILNP. Examples of such applications include the following:
- FTP: which uses IP Address values in the application-layer
protocol. In practice, use of Secure Copy (SCP) is growing, while
use of FTP is either flat or declining, in part due to the improved
security provided by SCP.
- SNMP: which uses IP Address values in MIB definitions, and values
derived from IP Address values in SNMP object names.
Further experimentation in this area is planned to validate these
details.
<span class="h3"><a class="selflink" id="section-10.6" href="#section-10.6">10.6</a>. Interworking between IP and ILNP</span>
A related topic is interworking: for example, how would an IPv6 node
communicate with an ILNPv6 node? Currently, we make the assumption
that ILNP nodes "drop down" to using IP when communicating with a
non-ILNP capable node, i.e., there is no interworking as such. In
the future, it may be beneficial to define interworking scenarios
that do not rely on having ILNP nodes fall back to IP, for example,
by the use of suitable protocol translation gateways or middleboxes.
<span class="grey">Atkinson & Bhatti Experimental [Page 27]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-28" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
For now, a simplified summary of the process for interaction between
ILNP hosts and non-ILNP hosts is as follows:
a) For a host initiating communication using DNS, the resolution of
the FQDN for the remote host will return at least one NID record
and at least one of an L32 record (for ILNPv4) or an L64 record
(for ILNPv6). Then, the host knows that the remote host supports
ILNP.
b) When a host has I and L values for a remote host, the initial
packet to initiate communication MUST contain a Nonce Header
[<a href="./rfc6746" title=""IPv4 Options for the Identifier-Locator Network Protocol (ILNP)"">RFC6746</a>] [<a href="./rfc6744" title=""IPv6 Nonce Destination Option for the Identifier-Locator Network Protocol for IPv6 (ILNPv6)"">RFC6744</a>] that indicates to the remote host that this
packet is attempting to set up an ILNP session.
c) When a receiving host sees a Nonce Header, if it DOES support ILNP
it will proceed to set up an ILNP session.
d) When a receiving host sees a Nonce Header, if it DOES NOT support
ILNP, it will reject the packet and this will be indicated to the
sender through an ICMP message [<a href="./rfc6743" title=""ICMPv6 Locator Update Message"">RFC6743</a>] [<a href="./rfc6745" title=""ICMP Locator Update Message for the Identifier-Locator Network Protocol for IPv4 (ILNPv4)"">RFC6745</a>]. Upon
receiving the ICMP messages, the sender will re-initiate
communication using standard IPv4 or IPv6.
Many observers in the community expect IPv4 to remain in place for a
long time even though IPv6 has been available for over a decade.
With a similar anticipation, it is likely that in the future there
will be a mixed environment of both IP and ILNP hosts. Until there
is a better understanding of the deployment and usage scenarios that
will develop, it is not clear what interworking scenarios would be
useful to define and focus on between IP and ILNP.
<span class="h2"><a class="selflink" id="section-11" href="#section-11">11</a>. Security Considerations</span>
There are numerous security considerations for ILNP from an
engineering viewpoint. Overall, ILNP and its capabilities are no
less secure than IP and equivalent IP capabilities. In some cases,
ILNP has the potential to be more secure, or offer security
capability in a more harmonised manner, for example, with ILNP's use
of IPsec in conjunction with multihoming and mobility. [<a href="./rfc6740" title=""Identifier-Locator Network Protocol (ILNP) Architectural Description"">RFC6740</a>]
describes several security considerations that apply to ILNP and is
included here by reference.
ILNP offers an enhanced version of IP security (IPsec). The details
of IP Security for ILNP were described separately above. All ILNP
implementations MUST support the use of the IP Authentication Header
(AH) for ILNP and also the IP Encapsulating Security Payload (ESP)
for ILNP, but deployment and use of IPsec for ILNP remains a matter
for local operational security policy.
<span class="grey">Atkinson & Bhatti Experimental [Page 28]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-29" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-11.1" href="#section-11.1">11.1</a>. Authenticating ICMP Messages</span>
Separate documents propose a new IPv4 Option [<a href="./rfc6746" title=""IPv4 Options for the Identifier-Locator Network Protocol (ILNP)"">RFC6746</a>] and a new IPv6
Destination Option [<a href="./rfc6744" title=""IPv6 Nonce Destination Option for the Identifier-Locator Network Protocol for IPv6 (ILNPv6)"">RFC6744</a>]. Each of these options can be used to
carry an ILNP Nonce value end-to-end between communicating nodes.
That nonce provides protection against off-path attacks on an ILNP
session. These ILNP Nonce Options are used ONLY for ILNP and not for
IP. The nonce values are exchanged in the initial packets of an ILNP
session by including them in those initial/handshake packets.
ALL ICMP Locator Update messages MUST include an ILNP Nonce Option
and MUST include the correct ILNP Nonce value for the claimed sender
and intended recipient of that ICMP Locator Update message. There
are no exceptions to this rule. ICMP Locator Update messages MAY be
protected by IPsec, but they still MUST include an ILNP Nonce Option
and the ILNP Nonce Option still MUST include the correct ILNP Nonce
value.
When a node has an active ILNP session, and that node changes its
Locator set, it SHOULD include the appropriate ILNP Nonce Option in
the first few data packets sent using a new Locator value so that the
recipient can validate the received data packets as valid (despite
having an unexpected Source Locator value).
Any ILNP Locator Update messages received without an ILNP Nonce
Option MUST be discarded as forgeries.
Any ILNP Locator Update messages received with an ILNP Nonce Option,
but that do NOT have the correct ILNP Nonce value inside the ILNP
Nonce Option, MUST be discarded as forgeries.
When the claimed sender of an ICMP message is known to be a current
ILNP correspondent of the recipient (e.g., has a valid, non-expired,
ILCC entry), then any ICMP error messages from that claimed sender
MUST include the ILNP Nonce Option and MUST include the correct ILNP
Nonce value (i.e., correct for that sender recipient pair) in that
ILNP Nonce Option.
When the claimed sender of an ICMP error message is known to be a
current ILNP correspondent of the recipient (e.g., has a valid, non-
expired, ILCC entry), then any ICMP error messages from that claimed
sender that are received without an ILNP Nonce Option MUST be
discarded as forgeries.
When the claimed sender of an ICMP error message is known to be a
current ILNP correspondent of the recipient (e.g., has a valid, non-
expired, ILCC entry), then any ICMP error messages from that claimed
<span class="grey">Atkinson & Bhatti Experimental [Page 29]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-30" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
sender that contain an ILNP Nonce Option, but that do NOT have the
correct ILNP Nonce value inside the ILNP Nonce Option, MUST be
discarded as forgeries.
ICMP messages (not including ICMP Locator Update messages) with a
claimed sender that is NOT known to be a current ILNP correspondent
of the recipient (e.g., does not have a valid, non-expired, ILCC
entry) MAY include the ILNP Nonce Option, but, in this case, the ILNP
Nonce Option is ignored by the recipient upon receipt, since the
recipient has no way to authenticate the received ILNP Nonce value.
Received ICMP messages (not including ICMP Locator Update messages)
with a claimed sender that is NOT known to be a current ILNP
correspondent of the recipient (e.g., does not have a valid, non-
expired, ILCC entry) do NOT require the ILNP Nonce Option because the
security risks are no different than for deployed IPv4 and IPv6 --
provided that the received ICMP message is not an ICMP Locator Update
message. Such ICMP messages (e.g., Destination Unreachable, Packet
Too Big) might legitimately originate in an intermediate system along
the path of an ILNP session. That intermediate system might not be
ILNP capable. Even if ILNP capable itself, that intermediate system
might not know which of the packets it forwards are part of ILNP
sessions.
When ILNP is in use, IP Security for ILNP also MAY be used to protect
stronger protections for ICMP packets associated with an ILNP
session. Even in this case, the ILNP Nonce Option also MUST be
present and MUST contain the correct ILNP Nonce value. This
simplifies packet processing and enables rapid discard of any forged
packets from an off-path attacker that lack either the ILNP Nonce
Option or the correct ILNP Nonce value -- without requiring
computationally expensive IPsec processing. Received ICMP messages
that are protected by ILNP IP Security, but fail the recipient's
IPsec checks, MUST be dropped as forgeries. If a deployment chooses
to use ILNP IPsec ESP to protect its ICMP messages and is NOT also
using ILNP IPsec AH with those messages, then the ILNP Nonce Option
MUST be placed in the ILNP packet after the ILNP IPsec ESP header,
rather than before the ILNP IPsec ESP header, to ensure that the
Nonce Option is protected in transit.
Receipt of any ICMP message that is dropped or discarded as a forgery
SHOULD cause the details of the received forged ICMP packet (e.g.,
Source and Destination Locators / Source and Destination Identifiers
/ Source and Destination IP Addresses, ICMP message type, receiving
interface, receive date, receive time) to be logged in the receiving
system's security logs. Implementations MAY rate-limit such logging
<span class="grey">Atkinson & Bhatti Experimental [Page 30]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-31" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
in order to reduce operational risk of denial-of-service attacks on
the system logging functions. The details of system logging are
implementation specific.
<span class="h3"><a class="selflink" id="section-11.2" href="#section-11.2">11.2</a>. Forged Identifier Attacks</span>
The ILNP Communication Cache (ILCC) contains two unidirectional nonce
values (one used in control messages sent by this node, a different
one used to authenticate messages from the other node) for each
active or recent ILNP session. The ILCC also contains the currently
valid set of Locators and set of Identifiers for each correspondent
node.
If a received ILNP packet contains valid Identifier values and a
valid Destination Locator, but contains a Source Locator value that
is not present in the ILCC, the packet MUST be dropped as an invalid
packet and a security event SHOULD be logged, UNLESS the packet also
contains a Nonce Destination Option with the correct value used for
packets from the node with that Source Identifier to this node. This
prevents an off-path attacker from stealing an existing ILNP session.
<span class="h2"><a class="selflink" id="section-12" href="#section-12">12</a>. Privacy Considerations</span>
There are no additional privacy issues created by ILNP compared to
IP. Please see <a href="./rfc6740#section-10">Section 10 of [RFC6740]</a> for more detailed discussion
of Privacy Considerations.
ILNPv6 supports use of the IPv6 Privacy Extensions for Stateless
Address Autoconfiguration in IPv6 [<a href="./rfc4941" title=""Privacy Extensions for Stateless Address Autoconfiguration in IPv6"">RFC4941</a>] to enable identity
privacy (see also <a href="#section-2">Section 2</a>).
Location Privacy can be provided by locator rewriting techniques as
described in <a href="./rfc6748#section-7">Section 7 of [RFC6748]</a>.
A description of various possibilities for obtaining both identity
privacy and location privacy with ILNP can be found in [<a href="#ref-BAK11" title=""Integrating Challenged Networks"">BAK11</a>].
<span class="h2"><a class="selflink" id="section-13" href="#section-13">13</a>. Operational Considerations</span>
This section covers various operational considerations relating to
ILNP, including potential session liveness and reachability
considerations and Key Management considerations. Again, the
situation is similar to IP, but it is useful to explain the issues in
relation to ILNP nevertheless.
<span class="grey">Atkinson & Bhatti Experimental [Page 31]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-32" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-13.1" href="#section-13.1">13.1</a>. Session Liveness and Reachability</span>
For bidirectional flows, such as a TCP/ILNP session, each node knows
whether the current path in use is working by the reception of data
packets, acknowledgements, or both. Therefore, as with TCP/IP,
TCP/ILNP does not need special path probes. UDP/ILNP sessions with
acknowledgements work similarly and do not need special path probes.
In the deployed Internet, the sending node for a UDP/IP session
without acknowledgements does not know for certain that all packets
are received by the intended receiving node. Such UDP/ILNP sessions
have the same properties as UDP/IP sessions in this respect. The
receiver(s) of such an UDP/ILNP session SHOULD send a gratuitous IP
packet containing an ILNP Nonce Option to the sender, in order to
enable the receiver to subsequently send ICMP Locator Updates if
appropriate [<a href="./rfc6744" title=""IPv6 Nonce Destination Option for the Identifier-Locator Network Protocol for IPv6 (ILNPv6)"">RFC6744</a>]. In this case, UDP/ILNP sessions fare better
than UDP/IP sessions, still without using network path probes.
A mobile (or multihomed) node may change its connectivity more
quickly than DNS can be updated. This situation is unlikely,
particularly given the widespread use of link-layer mobility
mechanisms (e.g., GSM, IEEE 802 bridging) in combination with
network-layer mobility. However, the situation is equivalent to the
situation where a traditional IP node is moving faster than the
Mobile IPv4 or Mobile IPv6 agents/servers can be updated with the
mobile node's new location. So the issue is not new in any way to
ILNP. In all cases, Mobile IPv4 and Mobile IPv6 and ILNP, a node
moving that quickly might be temporarily unreachable until it remains
at a given network-layer location (e.g., IP subnetwork, ILNP Locator
value) long enough for the location update mechanisms (for Mobile
IPv4, for Mobile IPv6, or ILNP) to catch up.
Another potential issue for IP is what is sometimes called "Path
Liveness" or, in the case of ILNP, "Locator Liveness". This refers
to the question of whether an IP packet with a particular destination
Locator value will be able to reach the intended destination network
or not, given that some otherwise valid paths might be unusable by
the sending node (e.g., due to security policy or other
administrative choice). In fact, this issue has existed in the IPv4
Internet for decades.
For example, an IPv4 server might have multiple valid IP Addresses,
each advertised to the world via a DNS A record. However, at a given
moment in time, it is possible that a given sending node might not be
able to use a given (otherwise valid) destination IPv4 address in an
IP packet to reach that IPv4 server.
<span class="grey">Atkinson & Bhatti Experimental [Page 32]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-33" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
Indeed, for ILNPv6, as the ILNP packet reuses the IPv6 packet header
and uses IPv6 routing prefixes as Locator values, such liveness
considerations are no worse than they are for IPv6 today. For
example, for IPv6, if a host, H, performs a DNS lookup for an FQDN
for remote host F, and receives a AAAA RR with IPv6 address F_A, this
does not mean necessarily that H can reach F on its F_A using its
current connectivity, i.e., an IPv6 path may not be available from H
to F at that point in time.
So we see that using an Identifier/Locator Split architecture does
not create this issue, nor does it make this issue worse than it is
with the deployed IPv4 Internet.
In ILNP, the same conceptual approach described in [<a href="./rfc5534" title=""Failure Detection and Locator Pair Exploration Protocol for IPv6 Multihoming"">RFC5534</a>] (Locator
Pair Exploration for SHIM6) can be reused. Alternatively, an ILNP
node can reuse the existing IPv4 methods for determining whether a
given path to the target destination is currently usable, for which
existing methods leverage transport-layer session state information
that the communicating end systems are already keeping for transport-
layer protocol reasons.
Lastly, it is important to note that the ICMP Locator Update
mechanism described in [<a href="./rfc6743" title=""ICMPv6 Locator Update Message"">RFC6743</a>] [<a href="./rfc6745" title=""ICMP Locator Update Message for the Identifier-Locator Network Protocol for IPv4 (ILNPv4)"">RFC6745</a>] is a performance
optimisation, significantly shortening the network-layer handoff time
if/when a correspondent changes location. Architecturally, using
ICMP is no different from using UDP, of course.
<span class="h3"><a class="selflink" id="section-13.2" href="#section-13.2">13.2</a>. Key Management Considerations</span>
ILNP potentially has advantages over either form of Mobile IP with
respect to key management, given that ILNP is using Secure Dynamic
DNS Update -- which capability is much more widely available today in
deployed desktop and server environments (e.g., Microsoft Windows,
Mac OS X, Linux, other UNIX), as well as being widely available today
in deployed DNS server software (e.g., Microsoft and the freely
available BIND) and appliances [<a href="#ref-LA06" title=""DNS and Bind"">LA06</a>], than the security enhancements
needed by either Mobile IPv4 or Mobile IPv6.
In the IESG, there is work in progress that addresses use of DNS to
support key management for entities having DNS Fully Qualified Domain
Names.
<span class="h3"><a class="selflink" id="section-13.3" href="#section-13.3">13.3</a>. Point-to-Point Router Links</span>
As a special case, for the operational reasons described in
[<a href="./rfc6164" title=""Using 127-Bit IPv6 Prefixes on Inter-Router Links"">RFC6164</a>], ILNPv6 deployments MAY continue to use classic IPv6 with a
/127 routing prefix on router to router point-to-point links (e.g.,
SONET/SDH). Because an ILNPv6 packet and an IPv6 packet are
<span class="grey">Atkinson & Bhatti Experimental [Page 33]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-34" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
indistinguishable for forwarding purposes to a transit router, this
should not create any operational difficulty for ILNPv6 traffic
travelling over such links.
<span class="h2"><a class="selflink" id="section-14" href="#section-14">14</a>. Referrals and Application Programming Interfaces</span>
This section is concerned with support for using existing ("legacy")
applications over ILNP, including both referrals and Application
Programming Interfaces (APIs).
ILNP does NOT require that well-behaved applications be modified to
use a new networking API, nor does it require applications be
modified to use extensions to an existing API. Existing well-behaved
IP applications should work over ILNP without modification using
existing networking APIs.
<span class="h3"><a class="selflink" id="section-14.1" href="#section-14.1">14.1</a>. BSD Sockets APIs</span>
The existing BSD Sockets API can continue to be used with ILNP
underneath the API. That API can be implemented in a manner that
hides the underlying protocol changes from the applications. For
example, the combination of a Locator and an Identifier can be used
with the API in the place of an IPv6 address.
So it is believed that existing IP address referrals can continue to
work properly in most cases. For a rapidly moving target node,
referrals might break in at least some cases. The potential for
referral breakage is necessarily dependent upon the specific
application and implementation being considered.
It is suggested, however, that a new, optional, more abstract, C
language API be created so that new applications may avoid delving
into low-level details of the underlying network protocols. Such an
API would be useful today, even with the existing IPv4 and IPv6
Internet, whether or not ILNP were ever widely deployed.
<span class="h3"><a class="selflink" id="section-14.2" href="#section-14.2">14.2</a>. Java (and Other) APIs</span>
Most existing Java APIs already use abstracted network programming
interfaces, for example, in the java.Net.URL class. Because these
APIs already hide the low-level network-protocol details from the
applications, the applications using these APIs (and the APIs
themselves) don't need any modification to work equally well with
IPv4, IPv6, ILNP, and probably also HIP.
Other programming languages, such as C++, python and ruby, also
provide higher-level APIs that abstract away from sockets, even
though sockets may be used beneath those APIs.
<span class="grey">Atkinson & Bhatti Experimental [Page 34]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-35" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h3"><a class="selflink" id="section-14.3" href="#section-14.3">14.3</a>. Referrals in the Future</span>
The approach proposed in [<a href="#ref-REFERRAL" title=""A Generic Referral Object for Internet Entities"">REFERRAL</a>] appears to be very suitable for
use with ILNP, in addition to being suitable for use with the
deployed Internet. Protocols using that approach would not need
modification to have their referrals work well with IPv4, IPv6, ILNP,
and probably also other network protocols (e.g., HIP).
A sensible approach to referrals is to use FQDNs, as is commonly done
today with web URLs. This approach is highly portable across
different network protocols, even with both the IPv4 Internet or the
IPv6 Internet.
<span class="h2"><a class="selflink" id="section-15" href="#section-15">15</a>. References</span>
<span class="h3"><a class="selflink" id="section-15.1" href="#section-15.1">15.1</a>. Normative References</span>
[<a id="ref-IEEE-EUI">IEEE-EUI</a>] IEEE, "Guidelines for 64-bit Global Identifier (EUI-64)
Registration Authority", <<a href="http://standards.ieee.org/regauth/oui/tutorials/EUI64.html">http://standards.ieee.org/</a>
<a href="http://standards.ieee.org/regauth/oui/tutorials/EUI64.html">regauth/oui/tutorials/EUI64.html</a>>, IEEE, Piscataway, NJ,
USA, March 1997.
[<a id="ref-RFC2119">RFC2119</a>] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", <a href="https://www.rfc-editor.org/bcp/bcp14">BCP 14</a>, <a href="./rfc2119">RFC 2119</a>, March 1997.
[<a id="ref-RFC3007">RFC3007</a>] Wellington, B., "Secure Domain Name System (DNS) Dynamic
Update", <a href="./rfc3007">RFC 3007</a>, November 2000.
[<a id="ref-RFC3177">RFC3177</a>] IAB and IESG, "IAB/IESG Recommendations on IPv6 Address
Allocations to Sites", <a href="./rfc3177">RFC 3177</a>, September 2001.
[<a id="ref-RFC3587">RFC3587</a>] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global
Unicast Address Format", <a href="./rfc3587">RFC 3587</a>, August 2003.
[<a id="ref-RFC4862">RFC4862</a>] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", <a href="./rfc4862">RFC 4862</a>, September 2007.
[<a id="ref-RFC4984">RFC4984</a>] Meyer, D., Ed., Zhang, L., Ed., and K. Fall, Ed.,
"Report from the IAB Workshop on Routing and
Addressing", <a href="./rfc4984">RFC 4984</a>, September 2007.
[<a id="ref-RFC6177">RFC6177</a>] Narten, T., Huston, G., and L. Roberts, "IPv6 Address
Assignment to End Sites", <a href="https://www.rfc-editor.org/bcp/bcp157">BCP 157</a>, <a href="./rfc6177">RFC 6177</a>, March 2011.
[<a id="ref-RFC6740">RFC6740</a>] Atkinson, R. and S. Bhatti, "Identifier-Locator Network
Protocol (ILNP) Architectural Description", <a href="./rfc6740">RFC 6740</a>,
November 2012.
<span class="grey">Atkinson & Bhatti Experimental [Page 35]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-36" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
[<a id="ref-RFC6742">RFC6742</a>] Atkinson, R., Bhatti, S. and S. Rose, "DNS Resource
Records for the Identifier-Locator Network Protocol
(ILNP)", <a href="./rfc6742">RFC 6742</a>, November 2012.
[<a id="ref-RFC6743">RFC6743</a>] Atkinson, R. and S. Bhatti, "ICMPv6 Locator Update
Message", <a href="./rfc6743">RFC 6743</a>, November 2012.
[<a id="ref-RFC6744">RFC6744</a>] Atkinson, R. and S. Bhatti, "IPv6 Nonce Destination
Option for the Identifier-Locator Network Protocol for
IPv6 (ILNPv6)", <a href="./rfc6744">RFC 6744</a>, November 2012.
[<a id="ref-RFC6745">RFC6745</a>] Atkinson, R. and S. Bhatti, "ICMP Locator Update
Message for the Identifier-Locator Network Protocol for
IPv4 (ILNPv4)", <a href="./rfc6745">RFC 6745</a>, November 2012.
[<a id="ref-RFC6746">RFC6746</a>] Atkinson, R. and S.Bhatti, "IPv4 Options for the
Identifier-Locator Network Protocol (ILNP)", <a href="./rfc6746">RFC 6746</a>,
November 2012.
[<a id="ref-RFC6747">RFC6747</a>] Atkinson, R. and S. Bhatti, "Address Resolution Protocol
(ARP) Extension for the Identifier-Locator Network
Protocol for IPv4 (ILNPv4)", <a href="./rfc6747">RFC 6747</a>, November 2012.
<span class="h3"><a class="selflink" id="section-15.2" href="#section-15.2">15.2</a>. Informative References</span>
[<a id="ref-BA11">BA11</a>] Bhatti, S. and R. Atkinson, "Reducing DNS Caching",
Proceedings of IEEE Global Internet Symposium (GI2011),
Shanghai, P.R. China, 15 April 2011.
[<a id="ref-BAK11">BAK11</a>] Bhatti, S.N., Atkinson, R., and J. Klemets, "Integrating
Challenged Networks", Proceedings of IEEE Military
Communications Conference (MILCOM), IEEE, Baltimore, MD,
USA, Nov 2011.
[<a id="ref-LA06">LA06</a>] Liu, C. and P. Albitz, "DNS and Bind", 5th Edition,
O'Reilly & Associates, Sebastopol, CA, USA, 2006. ISBN
0-596-10057-4.
[<a id="ref-PHG02">PHG02</a>] Pappas, A., Hailes, S. and R. Giaffreda, "Mobile Host
Location Tracking through DNS", Proceedings of IEEE
London Communications Symposium, IEEE, September 2002,
London, England, UK.
[<a id="ref-SBK02">SBK02</a>] Snoeren, A., Balakrishnan, H. and M. Frans Kaashoek,
"Reconsidering Internet Mobility", Proceedings of 8th
Workshop on Hot Topics in Operating Systems, IEEE,
Elmau, Germany, May 2001.
<span class="grey">Atkinson & Bhatti Experimental [Page 36]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-37" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
[<a id="ref-REFERRAL">REFERRAL</a>] Carpenter, B., Boucadair, M., Halpern, J., Jiang, S.,
and K. Moore, "A Generic Referral Object for Internet
Entities", Work in Progress, October 2009.
[<a id="ref-RFC826">RFC826</a>] Plummer, D., "Ethernet Address Resolution Protocol: Or
Converting Network Protocol Addresses to 48.bit Ethernet
Address for Transmission on Ethernet Hardware", STD 37,
<a href="./rfc826">RFC 826</a>, November 1982.
[<a id="ref-RFC3972">RFC3972</a>] Aura, T., "Cryptographically Generated Addresses (CGA)",
<a href="./rfc3972">RFC 3972</a>, March 2005.
[<a id="ref-RFC4291">RFC4291</a>] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", <a href="./rfc4291">RFC 4291</a>, February 2006.
[<a id="ref-RFC4581">RFC4581</a>] Bagnulo, M. and J. Arkko, "Cryptographically Generated
Addresses (CGA) Extension Field Format", <a href="./rfc4581">RFC 4581</a>,
October 2006.
[<a id="ref-RFC4941">RFC4941</a>] Narten, T., Draves, R., and S. Krishnan, "Privacy
Extensions for Stateless Address Autoconfiguration in
IPv6", <a href="./rfc4941">RFC 4941</a>, September 2007.
[<a id="ref-RFC4982">RFC4982</a>] Bagnulo, M. and J. Arkko, "Support for Multiple Hash
Algorithms in Cryptographically Generated Addresses
(CGAs)", <a href="./rfc4982">RFC 4982</a>, July 2007.
[<a id="ref-RFC5534">RFC5534</a>] Arkko, J. and I. van Beijnum, "Failure Detection and
Locator Pair Exploration Protocol for IPv6 Multihoming",
<a href="./rfc5534">RFC 5534</a>, June 2009.
[<a id="ref-RFC6164">RFC6164</a>] Kohno, M., Nitzan, B., Bush, R., Matsuzaki, Y., Colitti,
L., and T. Narten, "Using 127-Bit IPv6 Prefixes on
Inter-Router Links", <a href="./rfc6164">RFC 6164</a>, April 2011.
[<a id="ref-RFC6748">RFC6748</a>] Atkinson, R. and S. Bhatti, "Optional Advanced
Deployment Scenarios for the Identifier-Locator Network
Protocol (ILNP)", <a href="./rfc6748">RFC 6748</a>, November 2012.
<span class="grey">Atkinson & Bhatti Experimental [Page 37]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-38" ></span>
<span class="grey"><a href="./rfc6741">RFC 6741</a> ILNP Engineering November 2012</span>
<span class="h2"><a class="selflink" id="section-16" href="#section-16">16</a>. Acknowledgements</span>
Steve Blake, Stephane Bortzmeyer, Mohamed Boucadair, Noel Chiappa,
Wes George, Steve Hailes, Joel Halpern, Mark Handley, Volker Hilt,
Paul Jakma, Dae-Young Kim, Tony Li, Yakov Rehkter, Bruce Simpson,
Robin Whittle and John Wroclawski (in alphabetical order) provided
review and feedback on earlier versions of this document. Steve
Blake provided an especially thorough review of an early version of
the entire ILNP document set, which was extremely helpful. We also
wish to thank the anonymous reviewers of the various ILNP papers for
their feedback.
Roy Arends provided expert guidance on technical and procedural
aspects of DNS issues.
Authors' Addresses
RJ Atkinson
Consultant
San Jose, CA 95125
USA
EMail: rja.lists@gmail.com
SN Bhatti
School of Computer Science
University of St Andrews
North Haugh, St Andrews
Fife KY16 9SX
Scotland, UK
EMail: saleem@cs.st-andrews.ac.uk
Atkinson & Bhatti Experimental [Page 38]
</pre>
|
