rfc1933.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

   hostnames into addresses.  A new resource record type named "AAAA"
   has been defined for IPv6 addresses [6].  Since IPv6/IPv4 nodes must
   be able to interoperate directly with both IPv4 and IPv6 nodes, they
   must provide resolver libraries capable of dealing with IPv4 "A"
   records as well as IPv6 "AAAA" records.

3.2.1.  Handling Records for IPv4-Compatible Addresses

   When an IPv4-compatible IPv6 addresses is assigned to an IPv6/IPv4
   host that supports automatic tunneling, both A and AAAA records are
   listed in the DNS.  The AAAA record holds the full IPv4-compatible
   IPv6 address, while the A record holds the low-order 32-bits of that
   address.  The AAAA record is needed so that queries by IPv6 hosts can
   be satisfied.  The A record is needed so that queries by IPv4-only
   hosts, whose resolver libraries only support the A record type, will
   locate the host.

   DNS resolver libraries on IPv6/IPv4 nodes must be capable of handling
   both AAAA and A records.  However, when a query locates an AAAA
   record holding an IPv4-compatible IPv6 address, and an A record
   holding the corresponding IPv4 address, the resolver library need not
   necessarily return both addresses.  It has three options:






Gilligan & Nordmark         Standards Track                     [Page 6]

RFC 1933               IPv6 Transition Mechanisms             April 1996


   -    Return only the IPv6 address to the application.

   -    Return only the IPv4 address to the application.

   -    Return both addresses to the application.

   The selection of which address type to return in this case, or, if
   both addresses are returned, in which order they are listed, can
   affect what type of IP traffic is generated.  If the IPv6 address is
   returned, the node will communicate with that destination using IPv6
   packets (in most cases encapsulated in IPv4); If the IPv4 address is
   returned, the communication will use IPv4 packets.

   The way that DNS resolver implementations handle redundant records
   for IPv4-compatible addresses may depend on whether that
   implementation supports automatic tunneling, or whether it is
   enabled.  For example, an implementation that does not support
   automatic tunneling would not return IPv4-compatible IPv6 addresses
   to applications because those destinations are generally only
   reachable via tunneling.  On the other hand, those implementations in
   which automatic tunneling is supported and enabled may elect to
   return only the IPv4-compatible IPv6 address and not the IPv4
   address.

4. IPv6-over-IPv4 Tunneling

   In most deployment scenarios, the IPv6 routing infrastructure will be
   built up over time.  While the IPv6 infrastructure is being deployed,
   the existing IPv4 routing infrastructure can remain functional, and
   can be used to carry IPv6 traffic.  Tunneling provides a way to
   utilize an existing IPv4 routing infrastructure to carry IPv6
   traffic.

   IPv6/IPv4 hosts and routers can tunnel IPv6 datagrams over regions of
   IPv4 routing topology by encapsulating them within IPv4 packets.
   Tunneling can be used in a variety of ways:

   -    Router-to-Router.  IPv6/IPv4 routers interconnected by an IPv4
        infrastructure can tunnel IPv6 packets between themselves.  In
        this case, the tunnel spans one segment of the end-to-end path
        that the IPv6 packet takes.

   -    Host-to-Router.  IPv6/IPv4 hosts can tunnel IPv6 packets to an
        intermediary IPv6/IPv4 router that is reachable via an IPv4
        infrastructure.  This type of tunnel spans the first segment
        of the packet's end-to-end path.





Gilligan & Nordmark         Standards Track                     [Page 7]

RFC 1933               IPv6 Transition Mechanisms             April 1996


   -    Host-to-Host.  IPv6/IPv4 hosts that are interconnected by an
        IPv4 infrastructure can tunnel IPv6 packets between
        themselves.  In this case, the tunnel spans the entire
        end-to-end path that the packet takes.

   -    Router-to-Host. IPv6/IPv4 routers can tunnel IPv6 packets to
        their final destination IPv6/IPv4 host.  This tunnel spans
        only the last segment of the end-to-end path.

   Tunneling techniques are usually classified according to the
   mechanism by which the encapsulating node determines the address of
   the node at the end of the tunnel.  In the first two tunneling
   methods listed above -- router-to-router and host-to-router -- the
   IPv6 packet is being tunneled to a router.  The endpoint of this type
   of tunnel is an intermediary router which must decapsulate the IPv6
   packet and forward it on to its final destination.  When tunneling to
   a router, the endpoint of the tunnel is different from the
   destination of the packet being tunneled.  So the addresses in the
   IPv6 packet being tunneled do not provide the IPv4 address of the
   tunnel endpoint.  Instead, the tunnel endpoint address must be
   determined from configuration information on the node performing the
   tunneling.  We use the term "configured tunneling" to describe the
   type of tunneling where the endpoint is explicitly configured.

   In the last two tunneling methods -- host-to-host and router-to-host
   -- the IPv6 packet is tunneled all the way to its final destination.

   The tunnel endpoint is the node to which the IPv6 packet is
   addressed.  Since the endpoint of the tunnel is the destination of
   the IPv6 packet, the tunnel endpoint can be determined from the
   destination IPv6 address of that packet: If that address is an IPv4-
   compatible address, then the low-order 32-bits hold the IPv4 address
   of the destination node, and that can be used as the tunnel endpoint
   address.  This technique avoids the need to explicitly configure the
   tunnel endpoint address.  Deriving the tunnel endpoint address from
   the embedded IPv4 address of the packet's IPv6 address is termed
   "automatic tunneling".

   The two tunneling techniques -- automatic and configured -- differ
   primarily in how they determine the tunnel endpoint address.  Most of
   the underlying mechanisms are the same:

   -    The entry node of the tunnel (the encapsulating node) creates an
        encapsulating IPv4 header and transmits the encapsulated packet.

   -    The exit node of the tunnel (the decapsulating node) receives
        the encapsulated packet, removes the IPv4 header, updates the
        IPv6 header, and processes the received IPv6 packet.



Gilligan & Nordmark         Standards Track                     [Page 8]

RFC 1933               IPv6 Transition Mechanisms             April 1996


   -    The encapsulating node may need to maintain soft state
        information for each tunnel recording such parameters as the MTU
        of the tunnel in order to process IPv6 packets forwarded into
        the tunnel.  Since the number of tunnels that any one host or
        router may be using may grow to be quite large, this state
        information can be cached and discarded when not in use.

   The next section discusses the common mechanisms that apply to both
   types of tunneling.  Subsequent sections discuss how the tunnel
   endpoint address is determined for automatic and configured
   tunneling.

4.1. Common Tunneling Mechanisms

   The encapsulation of an IPv6 datagram in IPv4 is shown below:

                                        +-------------+
                                        |    IPv4     |
                                        |   Header    |
        +-------------+                 +-------------+
        |    IPv6     |                 |    IPv6     |
        |   Header    |                 |   Header    |
        +-------------+                 +-------------+
        |  Transport  |                 |  Transport  |
        |   Layer     |      ===>       |   Layer     |
        |   Header    |                 |   Header    |
        +-------------+                 +-------------+
        |             |                 |             |
        ~    Data     ~                 ~    Data     ~
        |             |                 |             |
        +-------------+                 +-------------+

                      Encapsulating IPv6 in IPv4

   In addition to adding an IPv4 header, the encapsulating node also has
   to handle some more complex issues:

  -     Determine when to fragment and when to report an ICMP "packet
        too big" error back to the source.

  -     How to reflect IPv4 ICMP errors from routers along the tunnel
        path back to the source as IPv6 ICMP errors.

   Those issues are discussed in the following sections.







Gilligan & Nordmark         Standards Track                     [Page 9]

RFC 1933               IPv6 Transition Mechanisms             April 1996


4.1.1.  Tunnel MTU and Fragmentation

   The encapsulating node could view encapsulation as IPv6 using IPv4 as
   a link layer with a very large MTU (65535-20 bytes to be exact; 20
   bytes "extra" are needed for the encapsulating IPv4 header).  The
   encapsulating node would need only to report IPv6 ICMP "packet too
   big" errors back to the source for packets that exceed this MTU.
   However, such a scheme would be inefficient for two reasons:

  1)    It would result in more fragmentation than needed. IPv4 layer
        fragmentation should be avoided due to the performance problems
        caused by the loss unit being smaller than the retransmission
        unit [11].

  2)    Any IPv4 fragmentation occurring inside the tunnel would have to
        be reassembled at the tunnel endpoint.  For tunnels that
        terminate at a router, this would require additional memory to
        reassemble the IPv4 fragments into a complete IPv6 packet before
        that packet could be forwarded onward.

   The fragmentation inside the tunnel can be reduced to a minimum by
   having the encapsulating node track the IPv4 Path MTU across the
   tunnel, using the IPv4 Path MTU Discovery Protocol [8] and recording
   the resulting path MTU.  The IPv6 layer in the encapsulating node can
   then view a tunnel as a link layer with an MTU equal to the IPv4 path
   MTU, minus the size of the encapsulating IPv4 header.

   Note that this does not completely eliminate IPv4 fragmentation in
   the case when the IPv4 path MTU would result in an IPv6 MTU less than
   576 bytes. (Any link layer used by IPv6 has to have an MTU of at
   least 576 bytes [4].) In this case the IPv6 layer has to "see" a link
   layer with an MTU of 576 bytes and the encapsulating node has to use
   IPv4 fragmentation in order to forward the 576 byte IPv6 packets.

   The encapsulating node can employ the following algorithm to
   determine when to forward an IPv6 packet that is larger than the
   tunnel's path MTU using IPv4 fragmentation, and when to return an
   IPv6 ICMP "packet too big" message:

        if (IPv4 path MTU - 20) is less than or equal to 576
                if packet is larger than 576 bytes
                        Send IPv6 ICMP "packet too big" with MTU = 576.
                        Drop packet.
                else
                        Encapsulate but do not set the Don't Fragment
                        flag in the IPv4 header. The resulting IPv4
                        packet might be fragmented by the IPv4 layer on
                        the encapsulating node or by some router along



Gilligan & Nordmark         Standards Track                    [Page 10]

RFC 1933               IPv6 Transition Mechanisms             April 1996


                        the IPv4 path.
                endif
        else
                if packet is larger than (IPv4 path MTU - 20)
                        Send IPv6 ICMP "packet too big" with
                        MTU = (IPv4 path MTU - 20).
                        Drop packet.
                else
                        Encapsulate and set the Don't Fragment flag
                        in the IPv4 header.
                endif
        endif

   Encapsulating nodes that have a large number of tunnels might not be
   able to store the IPv4 Path MTU for all tunnels. Such nodes can, at
   the expense of additional fragmentation in the network, avoid using
   the IPv4 Path MTU algorithm across the tunnel and instead use the MTU
   of the link layer (under IPv4) in the above algorithm instead of the
   IPv4 path MTU.

   In this case the Don't Fragment bit must not be set in the
   encapsulating IPv4 header.

4.1.2.  Hop Limit

   IPv6-over-IPv4 tunnels are modeled as "single-hop".  That is, the
   IPv6 hop limit is decremented by 1 when an IPv6 packet traverses the
   tunnel.  The single-hop model serves to hide the existence of a
   tunnel.  The tunnel is opaque to users of the network, and is not
   detectable by network diagnostic tools such as traceroute.

   The single-hop model is implemented by having the encapsulating and
   decapsulating nodes process the IPv6 hop limit field as they would if
   they were forwarding a packet on to any other datalink.  That is,
   they decrement the hop limit by 1 when forwarding an IPv6 packet.
   (The originating node and final destination do not decrement the hop
   limit.)

   The TTL of the encapsulating IPv4 header is selected in an
   implementation dependent manner.  The current suggested value is
   published in the "Assigned Numbers RFC.  Implementations may provide
   a mechanism to allow the administrator to configure the IPv4 TTL.

4.1.3. Handling IPv4 ICMP errors

   In response to encapsulated packets it has sent into the tunnel, the
   encapsulating node may receive IPv4 ICMP error messages from IPv4
   routers inside the tunnel.  These packets are addressed to the



Gilligan & Nordmark         Standards Track                    [Page 11]