rfc4193.txt

Network Working Group                                          R. Hinden
Request for Comments: 4193                                         Nokia
Category: Standards Track                                    B. Haberman
                                                                 JHU-APL
                                                            October 2005


                  Unique Local IPv6 Unicast Addresses

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document defines an IPv6 unicast address format that is globally
   unique and is intended for local communications, usually inside of a
   site.  These addresses are not expected to be routable on the global
   Internet.

Table of Contents

   1. Introduction
   2. Acknowledgements
   3. Local IPv6 Unicast Addresses
      3.1. Format
           3.1.1. Background
      3.2. Global ID
           3.2.1. Locally Assigned Global IDs
           3.2.2. Sample Code for Pseudo-Random Global ID Algorithm
           3.2.3. Analysis of the Uniqueness of Global IDs
      3.3. Scope Definition
   4. Operational Guidelines
      4.1. Routing
      4.2. Renumbering and Site Merging
      4.3. Site Border Router and Firewall Packet Filtering
      4.4. DNS Issues
      4.5. Application and Higher Level Protocol Issues
      4.6. Use of Local IPv6 Addresses for Local Communication
      4.7. Use of Local IPv6 Addresses with VPNs
   5. Global Routing Considerations
      5.1. From the Standpoint of the Internet
      5.2. From the Standpoint of a Site
   6. Advantages and Disadvantages
      6.1. Advantages
      6.2. Disadvantages
   7. Security Considerations
   8. IANA Considerations
   9. References
      9.1. Normative References
      9.2. Informative References

1.  Introduction

   This document defines an IPv6 unicast address format that is globally
   unique and is intended for local communications [IPV6].  These
   addresses are called Unique Local IPv6 Unicast Addresses and are
   abbreviated in this document as Local IPv6 addresses.  They are not
   expected to be routable on the global Internet.  They are routable
   inside of a more limited area such as a site.  They may also be
   routed between a limited set of sites.

   Local IPv6 unicast addresses have the following characteristics:

      - Globally unique prefix (with high probability of uniqueness).

      - Well-known prefix to allow for easy filtering at site
        boundaries.

      - Allow sites to be combined or privately interconnected without
        creating any address conflicts or requiring renumbering of
        interfaces that use these prefixes.

      - Internet Service Provider independent and can be used for
        communications inside of a site without having any permanent or
        intermittent Internet connectivity.

      - If accidentally leaked outside of a site via routing or DNS,
        there is no conflict with any other addresses.

      - In practice, applications may treat these addresses like global
        scoped addresses.

   This document defines the format of Local IPv6 addresses, how to
   allocate them, and usage considerations including routing, site
   border routers, DNS, application support, VPN usage, and guidelines
   for how to use for local communication inside a site.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Acknowledgements

   The underlying idea of creating Local IPv6 addresses described in
   this document has been proposed a number of times by a variety of
   people.  The authors of this document do not claim exclusive credit.
   Credit goes to Brian Carpenter, Christian Huitema, Aidan Williams,
   Andrew White, Charlie Perkins, and many others.  The authors would
   also like to thank Brian Carpenter, Charlie Perkins, Harald
   Alvestrand, Keith Moore, Margaret Wasserman, Shannon Behrens, Alan
   Beard, Hans Kruse, Geoff Huston, Pekka Savola, Christian Huitema, Tim
   Chown, Steve Bellovin, Alex Zinin, Tony Hain, Bill Fenner, Sam
   Hartman, and Elwyn Davies for their comments and suggestions on this
   document.

3.  Local IPv6 Unicast Addresses

3.1.  Format

   The Local IPv6 addresses are created using a pseudo-randomly
   allocated global ID.  They have the following format:

      | 7 bits |1|  40 bits   |  16 bits  |          64 bits           |
      +--------+-+------------+-----------+----------------------------+
      | Prefix |L| Global ID  | Subnet ID |        Interface ID        |
      +--------+-+------------+-----------+----------------------------+

   Where:

      Prefix            FC00::/7 prefix to identify Local IPv6 unicast
                        addresses.

      L                 Set to 1 if the prefix is locally assigned.
                        Set to 0 may be defined in the future.  See
                        Section 3.2 for additional information.

      Global ID         40-bit global identifier used to create a
                        globally unique prefix.  See Section 3.2 for
                        additional information.

      Subnet ID         16-bit Subnet ID is an identifier of a subnet
                        within the site.

      Interface ID      64-bit Interface ID as defined in [ADDARCH].

3.1.1.  Background

   There were a range of choices available when choosing the size of the
   prefix and Global ID field length.  There is a direct tradeoff
   between having a Global ID field large enough to support foreseeable
   future growth and not using too much of the IPv6 address space
   needlessly.  A reasonable way of evaluating a specific field length
   is to compare it to a projected 2050 world population of 9.3 billion
   [POPUL] and the number of resulting /48 prefixes per person.  A range
   of prefix choices is shown in the following table:

    Prefix  Global ID     Number of          Prefixes    % of IPv6
            Length        /48 Prefixes       per Person  Address Space

    /11       37           137,438,953,472     15         0.049%
    /10       38           274,877,906,944     30         0.098%
    /9        39           549,755,813,888     59         0.195%
    /8        40         1,099,511,627,776    118         0.391%
    /7        41         2,199,023,255,552    236         0.781%
    /6        42         4,398,046,511,104    473         1.563%

   A very high utilization ratio of these allocations can be assumed
   because the Global ID field does not require internal structure, and
   there is no reason to be able to aggregate the prefixes.

   The authors believe that a /7 prefix resulting in a 41-bit Global ID
   space (including the L bit) is a good choice.  It provides for a
   large number of assignments (i.e., 2.2 trillion) and at the same time
   uses less than .8% of the total IPv6 address space.  It is unlikely
   that this space will be exhausted.  If more than this were to be
   needed, then additional IPv6 address space could be allocated for
   this purpose.

3.2.  Global ID

   The allocation of Global IDs is pseudo-random [RANDOM].  They MUST
   NOT be assigned sequentially or with well-known numbers.  This is to
   ensure that there is not any relationship between allocations and to
   help clarify that these prefixes are not intended to be routed
   globally.  Specifically, these prefixes are not designed to
   aggregate.

   This document defines a specific local method to allocate Global IDs,
   indicated by setting the L bit to 1.  Another method, indicated by
   clearing the L bit, may be defined later.  Apart from the allocation
   method, all Local IPv6 addresses behave and are treated identically.

   The local assignments are self-generated and do not need any central
   coordination or assignment, but have an extremely high probability of
   being unique.

3.2.1.  Locally Assigned Global IDs

   Locally assigned Global IDs MUST be generated with a pseudo-random
   algorithm consistent with [RANDOM].  Section 3.2.2 describes a
   suggested algorithm.  It is important that all sites generating
   Global IDs use a functionally similar algorithm to ensure there is a
   high probability of uniqueness.

   The use of a pseudo-random algorithm to generate Global IDs in the
   locally assigned prefix gives an assurance that any network numbered
   using such a prefix is highly unlikely to have that address space
   clash with any other network that has another locally assigned prefix
   allocated to it.  This is a particularly useful property when
   considering a number of scenarios including networks that merge,
   overlapping VPN address space, or hosts mobile between such networks.

3.2.2.  Sample Code for Pseudo-Random Global ID Algorithm

   The algorithm described below is intended to be used for locally
   assigned Global IDs.  In each case the resulting global ID will be
   used in the appropriate prefix as defined in Section 3.2.

     1) Obtain the current time of day in 64-bit NTP format [NTP].

     2) Obtain an EUI-64 identifier from the system running this
        algorithm.  If an EUI-64 does not exist, one can be created from
        a 48-bit MAC address as specified in [ADDARCH].  If an EUI-64
        cannot be obtained or created, a suitably unique identifier,
        local to the node, should be used (e.g., system serial number).

     3) Concatenate the time of day with the system-specific identifier
        in order to create a key.

     4) Compute an SHA-1 digest on the key as specified in [FIPS, SHA1];
        the resulting value is 160 bits.

     5) Use the least significant 40 bits as the Global ID.

     6) Concatenate FC00::/7, the L bit set to 1, and the 40-bit Global
        ID to create a Local IPv6 address prefix.

   This algorithm will result in a Global ID that is reasonably unique
   and can be used to create a locally assigned Local IPv6 address
   prefix.

3.2.3.  Analysis of the Uniqueness of Global IDs

   The selection of a pseudo random Global ID is similar to the
   selection of an SSRC identifier in RTP/RTCP defined in Section 8.1 of
   [RTP].  This analysis is adapted from that document.

   Since Global IDs are chosen randomly (and independently), it is
   possible that separate networks have chosen the same Global ID.  For
   any given network, with one or more random Global IDs, that has
   inter-connections to other such networks, having a total of N such
   IDs, the probability that two or more of these IDs will collide can
   be approximated using the formula:

      P = 1 - exp(-N**2 / 2**(L+1))
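
   An added example, not part of RFC 4193: the six steps of Section
   3.2.2 and the collision formula of Section 3.2.3 in Python.  The
   function names are hypothetical; the EUI-64 construction (FF:FE
   inserted, universal/local bit inverted) and reading L in the formula
   as the 40-bit Global ID length are assumptions.

```python
import hashlib
import ipaddress
import math
import struct
import time
import uuid

NTP_UNIX_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP era 0) to 1970-01-01

def ntp_timestamp(unix_time: float) -> bytes:
    """Step 1: 64-bit NTP format, 32-bit seconds plus 32-bit fraction."""
    seconds = (int(unix_time) + NTP_UNIX_OFFSET) & 0xFFFFFFFF
    fraction = int((unix_time % 1) * 2**32) & 0xFFFFFFFF
    return struct.pack("!II", seconds, fraction)

def eui64_from_mac(mac: bytes) -> bytes:
    """Step 2: build an EUI-64 from a 48-bit MAC (FF:FE inserted in the
    middle, universal/local bit inverted), assumed here to be what the
    [ADDARCH] reference intends."""
    if len(mac) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return bytes([mac[0] ^ 0x02]) + mac[1:3] + b"\xff\xfe" + mac[3:]

def global_id(unix_time: float, mac: bytes) -> bytes:
    """Steps 3-5: SHA-1 over time || identifier, keep the low 40 bits."""
    key = ntp_timestamp(unix_time) + eui64_from_mac(mac)
    return hashlib.sha1(key).digest()[-5:]

def ula_prefix(unix_time: float, mac: bytes) -> ipaddress.IPv6Network:
    """Step 6: FC00::/7 with L=1 gives first octet 0xFD, then the Global ID."""
    packed = b"\xfd" + global_id(unix_time, mac) + bytes(10)
    return ipaddress.IPv6Network((packed, 48))

def collision_probability(n: int, id_bits: int = 40) -> float:
    """P = 1 - exp(-N**2 / 2**(L+1)); L is taken as the 40-bit Global ID
    length (assumption). expm1 keeps precision when P is tiny."""
    return -math.expm1(-(n ** 2) / 2 ** (id_bits + 1))

if __name__ == "__main__":
    # uuid.getnode() may return a random value when no MAC can be read.
    mac = uuid.getnode().to_bytes(6, "big")
    print("prefix:", ula_prefix(time.time(), mac))
    for n in (2, 100, 10000):
        print(n, "IDs -> P(collision) =", collision_probability(n))
```

   Generate the prefix once per site and record it; rerunning the
   algorithm yields a different /48 because the timestamp changes.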
