rfc2766.Network Address Translation - Protocol Tra

NetworkWorkingGroupG.TsirtsisRequestforComments:2766BTCategory:StandardsTrackP.SrisureshCampioCommunicationsFebruary2000NetworkAddressTranslation-ProtocolTranslation(NAT-PT)StatusofthisMemoThisdocumentspecifiesanInternetstandardstrackprotocolfortheInternetcommunity,andrequestsdiscussionandsuggestionsforimprovements.PleaserefertothecurrenteditionoftheInternetOfficialProtocolStandards(STD1)forthestandardizationstateandstatusofthisprotocol.Distributionofthismemoisunlimited.CopyrightNoticeCopyright(C)TheInternetSociety(2000).AllRightsReserved.AbstractThisdocumentspecifiesanIPv4-to-IPv6transitionmechanism,inadditiontothosealreadyspecifiedin[TRANS].Thissolutionattemptstoprovidetransparentrouting,asdefinedin[NAT-TERM],toend-nodesinV6realmtryingtocommunicatewithend-nodesinV4realmandviceversa.ThisisachievedusingacombinationofNetworkAddressTranslationandProtocolTranslation.Theschemedescribeddoesnotmandatedual-stacks(i.e.,IPv4aswellasV6protocolsupport)orspecialpurposeroutingrequirements(suchasrequiringtunnelingsupport)onendnodes.Thisschemeisbasedonacombinationofaddresstranslationthemeasdescribedin[NAT-TERM]andV6/V4protocoltranslationthemeasdescribedin[SIIT].AcknowledgementsSpecialthankstoPedroMarquesforreviewinganearlierversionofthismemo.Also,manythankstoAlanO’NeillandMartinTatham,asthemechanismdescribedinthisdocumentwasinitiallydevelopedthroughdiscussionswiththem.Tsirtsis&SrisureshStandardsTrack[Page1]RFC2766NAT-PTFebruary2000TableofContents1.Introduction..................................................22.Terminology...................................................32.1NetworkAddressTranslation(NAT).........................42.2NAT-PTflavors............................................42.2.1Traditional-NAT-PT...................................42.2.2Bi-directional-NAT-PT................................52.3ProtocolTranslation(PT).................................52.4ApplicationLevelGateway(ALG)...........................52.5Requirements..............................................53.Traditional-NAT-PToperation(V6toV4).......................63.1NAT-PTOutgoingSessions..................................63.2NAPT-PTOutgoingSessions.................................74.UseofDNS-ALGforAddressassignment.........................84.1V4AddressAssignmentforIncomingConnections(V4toV6).94.2V4AddressAssignmentforOutgoingConnections(V6toV4).115.ProtocolTranslationDetails..................................125.1TranslatingIPv4HeaderstoIPv6Headers..................135.2TranslatingIPv6HeaderstoIPv4Headers..................135.3TCP/UDP/ICMPChecksumUpdate..............................136.FTPApplicationLevelGateway(FTP-ALG)Support...............146.1PayloadmodificationsforV4originatedFTPsessions......156.2PayloadmodificationsforV6originatedFTPsessions......166.3HeaderupdatesforFTPcontrolpackets....................167.NAT-PTLimitationsandFutureWork............................177.1TopologyLimitations......................................177.2ProtocolTranslationLimitations..........................177.3ImpactofAddressTranslation.............................187.4LackofEnd-to-EndSecurity...............................187.5DNSTranslationandDNSSEC................................188.ApplicabilityStatement.......................................189.SecurityConsiderations.......................................1910.References...................................................19Authors’Addresses...............................................20FullCopyrightStatement.........................................211.IntroductionIPv6isanewversionoftheIPprotocoldesignedtomodernizeIPv4whichwasdesignedinthe1970s.IPv6hasanumberofadvantagesoverIPv4thatwillallowforfutureInternetgrowthandwillsimplifyIPconfigurationandadministration.IPv6hasalargeraddressspacethanIPv4,anaddressingmodelthatpromotesaggressiverouteaggregationandapowerfulautoconfigurationmechanism.Intime,itisexpectedthatInternetgrowthandaneedforaplug-and-playsolutionwillresultinwidespreadadoptionofIPv6.Tsirtsis&SrisureshStandardsTrack[Page2]RFC2766NAT-PTFebruary2000ThereisexpectedtobealongtransitionperiodduringwhichitwillbenecessaryforIPv4andIPv6nodestocoexistandcommunicate.Astrong,flexiblesetofIPv4-to-IPv6transitionandcoexistencemechanismswillberequiredduringthistransitionperiod.TheSIITproposal[SIIT]describesaprotocoltranslationmechanismthatallowscommunicationbetweenIPv6-onlyandIPv4-onlynodesviaprotocolindependenttranslationofIPv4andIPv6datagrams,requiringnostateinformationforthesession.TheSIITproposalassumesthatV6nodesareassignedaV4addressforcommunicatingwithV4nodes,anddoesnotspecifyamechanismfortheassignmentoftheseaddresses.NAT-PTusesapoolofV4addressesforassignmenttoV6nodesonadynamicbasisassessionsareinitiatedacrossV4-V6boundaries.TheV4addressesareassumedtobegloballyunique.NAT-PTwithprivateV4addressesisoutsidethescopeofthisdocumentandforfurtherstudy.NAT-PTbindsaddressesinV6networkwithaddressesinV4networkandviceversatoprovidetransparentrouting[NAT-TERM]forthedatagramstraversingbetweenaddressrealms.Thisrequiresn