draft-ietf-babel-v4viav6-03.txt   draft-ietf-babel-v4viav6-04.txt 
Network Working Group J. Chroboczek Network Working Group J. Chroboczek
Internet-Draft IRIF, University of Paris Internet-Draft IRIF, University of Paris
Updates: 8966 (if approved) 21 April 2021 Updates: 8966 (if approved) 8 June 2021
Intended status: Standards Track Intended status: Standards Track
Expires: 23 October 2021 Expires: 10 December 2021
IPv4 routes with an IPv6 next-hop in the Babel routing protocol IPv4 routes with an IPv6 next-hop in the Babel routing protocol
draft-ietf-babel-v4viav6-03 draft-ietf-babel-v4viav6-04
Abstract Abstract
This document defines an extension to the Babel routing protocol that This document defines an extension to the Babel routing protocol that
allows annoncing routes to an IPv4 prefix with an IPv6 next-hop, allows annoncing routes to an IPv4 prefix with an IPv6 next-hop,
which makes it possible for IPv4 traffic to flow through interfaces which makes it possible for IPv4 traffic to flow through interfaces
that have not been assigned an IPv4 address. that have not been assigned an IPv4 address.
Status of This Memo Status of This Memo
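Review bot: In the Abstract, "annoncing" is misspelled in both -03 and -04 and should read "announcing". The only changes in this header block are the dates, so the typo was carried forward unchanged.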
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 23 October 2021. This Internet-Draft will expire on 10 December 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Specification of Requirements . . . . . . . . . . . . . . 3 1.1. Specification of Requirements . . . . . . . . . . . . . . 3
2. Protocol operation . . . . . . . . . . . . . . . . . . . . . 3 2. Protocol operation . . . . . . . . . . . . . . . . . . . . . 3
2.1. Announcing v4-via-v6 routes . . . . . . . . . . . . . . . 3 2.1. Announcing v4-via-v6 routes . . . . . . . . . . . . . . . 4
2.2. Receiving v4-via-v6 routes . . . . . . . . . . . . . . . 4 2.2. Receiving v4-via-v6 routes . . . . . . . . . . . . . . . 4
2.3. Prefix and seqno requests . . . . . . . . . . . . . . . . 4 2.3. Prefix and seqno requests . . . . . . . . . . . . . . . . 5
2.4. Other TLVs . . . . . . . . . . . . . . . . . . . . . . . 5 2.4. Other TLVs . . . . . . . . . . . . . . . . . . . . . . . 5
3. ICMPv4 and PMTU discovery . . . . . . . . . . . . . . . . . . 5 3. ICMPv4 and PMTU discovery . . . . . . . . . . . . . . . . . . 5
4. Protocol encoding . . . . . . . . . . . . . . . . . . . . . . 6 4. Protocol encoding . . . . . . . . . . . . . . . . . . . . . . 6
4.1. Prefix encoding . . . . . . . . . . . . . . . . . . . . . 6 4.1. Prefix encoding . . . . . . . . . . . . . . . . . . . . . 6
4.2. Changes to existing TLVs . . . . . . . . . . . . . . . . 6 4.2. Changes to existing TLVs . . . . . . . . . . . . . . . . 7
5. Backwards compatibility . . . . . . . . . . . . . . . . . . . 7 5. Backwards compatibility . . . . . . . . . . . . . . . . . . . 7
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
9.1. Normative References . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . 9
9.2. Informative References . . . . . . . . . . . . . . . . . 9 9.2. Informative References . . . . . . . . . . . . . . . . . 9
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
Traditionally, a routing table maps a network prefix of a given The role of a routing protocol is to build a routing table, a data
address family to a next-hop address in the same address family. The structure that maps network prefixes in a given family (IPv4 or IPv6)
sole purpose of this next-hop address is to serve as an input to a to next hops, pairs of an outgoing interface and a neighbour's
protocol that will map it to a link-layer address, Neighbour network address, for example:
Discovery (ND) [RFC4861] in the case of IPv6, Address Resolution
(ARP) [RFC0826] in the case of IPv4. Therefore, there is no reason destination next hop
why the address family of the next hop address should match that of 2001:db8:0:1::/64 eth0, fe80::1234:5678
the prefix being announced: an IPv6 next-hop yields a link-layer 203.0.113.0/24 eth0, 192.0.2.1
address that is suitable for forwarding both IPv6 or IPv4 traffic.
When a packet is routed according to a given routing table entry, the
forwarding plane uses a neighbour discovery protocol (the Neighbour
Discovery protocol (ND) [RFC4861] in the case of IPv6, the Address
Resolution Protocol (ARP) [RFC0826] in the case of IPv4) to map the
next hop address to a link-layer address (a "MAC address"), which is
then used to construct the link-layer frames that encapsulate
forwarded packets.
It is apparent from the description above that there is no
fundamental reason why the destination prefix and the next-hop
address should be in the same address family: there is nothing
preventing an IPv6 packet from being routed through a next hop with
an IPv4 address (in which case the next hop's MAC address will be
obtained using ARP), or, conversely, an IPv4 packet from being routed
through a next hop with an IPv6 address. (In fact, it is even
possible to store link-layer addresses directly in the next hop entry
of the routing table, which is commonly done in networks using the
OSI protocol suite).
The case of routing IPv4 packets through an IPv6 next hop is
particularly interesting, since it makes it possible to build
networks that have no IPv4 addresses except at the edges and still
provide IPv4 connectivity to edge hosts. In addition, since an IPv6
next-hop can use a link-local address that is autonomously
configured, the use of such routes enables a mode of operation where
the network core has no statically assigned IP addresses of either
family, which significantly reduces the amount of manual
configuration required.
We call a route towards an IPv4 prefix that uses an IPv6 next hop a We call a route towards an IPv4 prefix that uses an IPv6 next hop a
"v4-via-v6" route. Since an IPv6 next-hop can use a link-local "v4-via-v6" route. This document describes an extension that allows
address that is autonomously configured, the use of v4-via-v6 routes the Babel routing protocol [RFC8966] to announce v4-via-v6 routes
enables a mode of operation where the network core has no statically across interfaces that have no IPv4 addresses assigned. Section 3
assigned IP addresses of either family, thus significantly reducing describes procedures that ensure that all routers can originate
the amount of manual configuration. ICMPv4 packets, even if they have not been assigned any IPv4
addresses.
This document describes an extension that allows the Babel routing The extension described in this document is inspired by a previously
protocol [RFC8966] to announce routes towards IPv6 prefixes with IPv4 defined extension to the BGP protocol [RFC5549].
next hops. The extension is inspired by a previously defined
extension to the BGP protocol [RFC5549].
1.1. Specification of Requirements 1.1. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
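Review bot: The new example routing table in the Introduction shows only same-family entries (an IPv6 prefix via fe80::1234:5678 and 203.0.113.0/24 via 192.0.2.1), so it never illustrates the case this document defines. Consider adding a row that pairs an IPv4 prefix with an IPv6 link-local next hop, or a second short table after the "v4-via-v6" definition. The rewrite does correct the reversed -03 sentence ("routes towards IPv6 prefixes with IPv4 next hops"). Two style points in the new text: "next hop" and "next-hop" are both used for the noun, and the full stop after "OSI protocol suite)" belongs inside the parenthesis, since the parenthetical is a complete sentence.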
2. Protocol operation 2. Protocol operation
The Babel protocol fully supports double-stack operation: all data The Babel protocol fully supports double-stack operation: all data
that represent a neighbour address or a network prefix are tagged by that represent a neighbour address or a network prefix are tagged by
an Address Encoding (AE), a small integer that identifies the address an Address Encoding (AE), a small integer that identifies the address
family (IPv4 or IPv6) of the address of prefix, and describes how it family (IPv4 or IPv6) of the address of prefix, and describes how it
is encoded. This extension defines a new AE, called v4-via-v6, which is encoded. This extension defines a new AE, called v4-via-v6, which
has the same format as the existing AE for IPv4 addresses. This new has the same format as the existing AE for IPv4 addresses. This new
AE is only allowed in TLVs that carry network prefixes: TLVs that AE is only allowed in TLVs that carry network prefixes: TLVs that
carry a neighbour address use the normal encodings for IPv6 carry a neighbour address use one of the normal encodings for IPv6
addresses. addresses.
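Review bot: In Section 2, "the address of prefix" should read "the address or prefix"; it is unchanged between the two versions. Since Section 2.1 now names the encodings explicitly ("using AE 2 or 3"), the new wording "one of the normal encodings for IPv6 addresses" could name them here as well.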
2.1. Announcing v4-via-v6 routes 2.1. Announcing v4-via-v6 routes
A Babel node that needs to announce an IPv4 route over an interface A Babel node that needs to announce an IPv4 route over an interface
that has no assigned IPv4 address MAY make a v4-via-v6 announcement. that has no assigned IPv4 address MAY make a v4-via-v6 announcement.
In order to do so, it first establishes an IPv6 next-hop address in In order to do so, it first establishes an IPv6 next-hop address in
the usual manner (either by sending the Babel packet over IPv6, or by the usual manner (either by sending the Babel packet over IPv6, or by
including a Next Hop TLV containing an IPv6 address); it then sends including a Next Hop TLV containing an IPv6 address and using AE 2 or
an Update with AE equal to TBD containing the IPv4 prefix being 3); it then sends an Update, with AE equal to 4 (v4-via-v6)
announced. containing the IPv4 prefix being announced.
If the outgoing interface has been assigned an IPv4 address, then, in If the outgoing interface has been assigned an IPv4 address, then, in
the interest of maximising compatibility with existing routers, the the interest of maximising compatibility with existing routers, the
sender SHOULD prefer an ordinary IPv4 announcement; even in that sender SHOULD prefer an ordinary IPv4 announcement; even in that
case, however, it MAY use a v4-via-v6 announcement. A node SHOULD case, however, it MAY send a v4-via-v6 announcement. A node SHOULD
NOT send both ordinary IPv4 and v4-via-v6 annoucements for the same NOT send both ordinary IPv4 and v4-via-v6 annoucements for the same
prefix over a single interface (if the update is sent to a multicast prefix over a single interface (if the update is sent to a multicast
address) or to a single neighbour (if sent to a unicast address), address) or to a single neighbour (if sent to a unicast address),
since doing that doubles the amount of routing traffic while since doing that provides no benefit while doubling the amount of
providing no benefit. routing traffic.
Updates with infinite metric are retractions: they indicate that a
previously announced route is no longer available. Retractions do
not require a next hop, and there is therefore no difference between
v4-via-v6 retractions and ordinary retractions. A node MAY send IPv4
retractions only, or it MAY send v4-via-v6 retractions on interfaces
that have not been assigned an IPv4 address.
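Review bot: The new retraction paragraph at the end of Section 2.1 ties v4-via-v6 retractions to "interfaces that have not been assigned an IPv4 address", while the preceding paragraph says that a node whose interface does have an IPv4 address "MAY send a v4-via-v6 announcement". A node that used that MAY is left unsure whether it may retract with the same AE. If retractions really are independent of the AE, as the paragraph's own reasoning says, a single statement that a retraction may be sent with either AE 1 or AE 4 would remove the asymmetry. Separately, "annoucements" is still misspelled in -04.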
2.2. Receiving v4-via-v6 routes 2.2. Receiving v4-via-v6 routes
Upon reception of an Update TLV with a v4-via-v6 AE and finite Upon reception of an Update TLV with AE equal to 4 (v4-via-v6) and
metric, a Babel node computes the IPv6 next-hop, as described in finite metric, a Babel node computes the IPv6 next-hop, as described
Section 4.6.9 of [RFC8966]. If no IPv6 next-hop exists, then the in Section 4.6.9 of [RFC8966]. If no IPv6 next-hop exists, then the
Update MUST be silently ignored. If an IPv6 next-hop exists, then Update MUST be silently ignored. If an IPv6 next-hop exists, then
the node MAY acquire the route being announced, as described in the node MAY acquire the route being announced, as described in
Section 3.5.3 of [RFC8966]; the parameters of the route are as Section 3.5.3 of [RFC8966]; the parameters of the route are as
follows: follows:
* the prefix, plen, router-id, seqno, metric MUST be computed as for * the prefix, plen, router-id, seqno, metric MUST be computed as for
an IPv4 route, as described in Section 4.6.9 of [RFC8966]; an IPv4 route, as described in Section 4.6.9 of [RFC8966];
* the next-hop MUST be computed as for an IPv6 route, as described * the next-hop MUST be computed as for an IPv6 route, as described
in Section 4.6.9 of [RFC8966]: it is taken from the last preceding in Section 4.6.9 of [RFC8966]: it is taken from the last preceding
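Review bot: The opening sentence of Section 2.2 covers only Updates with AE 4 and finite metric, while Section 2.1 now states that there is no difference between v4-via-v6 retractions and ordinary retractions. Unless the text elided after this point already covers it, say explicitly that a receiver treats an Update with AE 4 and infinite metric exactly like an AE 1 retraction, so that a route learned under one AE is withdrawn by a retraction sent under the other. Section 2.3 already uses this form for requests ("MUST be treated in the same manner").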
skipping to change at page 4, line 42 skipping to change at page 5, line 22
routes, eg., due to hardware or software limitations, then routes to routes, eg., due to hardware or software limitations, then routes to
an IPv4 prefix with an IPv6 next-hop MUST NOT be selected, as an IPv4 prefix with an IPv6 next-hop MUST NOT be selected, as
described in Section 3.5.3 of [RFC8966]. described in Section 3.5.3 of [RFC8966].
2.3. Prefix and seqno requests 2.3. Prefix and seqno requests
Prefix and seqno requests are used to request an update for a given Prefix and seqno requests are used to request an update for a given
prefix. Since they are not related to a specific Next-Hop, there is prefix. Since they are not related to a specific Next-Hop, there is
no semantic difference between IPv4 and v4-via-v6 requests. no semantic difference between IPv4 and v4-via-v6 requests.
Therefore, a node SHOULD NOT send requests of either kind with the AE Therefore, a node SHOULD NOT send requests of either kind with the AE
field being set to TBD (v4-via-v6); instead, it SHOULD request IPv4 field being set to 4 (v4-via-v6); instead, it SHOULD request IPv4
updates using requests with the AE field being set to 1 (IPv4). updates by sending requests with the AE field being set to 1 (IPv4).
When receiving requests, AEs 1 (IPv4) and TBD (v4-via-v6) MUST be When receiving requests, AEs 1 (IPv4) and 4 (v4-via-v6) MUST be
treated in the same manner: the receiver processes the request as treated in the same manner: the receiver processes the request as
described in Section 3.8 of [RFC8966]. If an Update is sent, then it described in Section 3.8 of [RFC8966]. If an Update is sent, then it
MAY be sent with AE 1 or TBD, as described in Section 2.1 above, MAY be sent with AE 1 or 4, as described in Section 2.1 above,
irrespective of which AE was used in the request. irrespective of which AE was used in the request.
When receiving a request with AE 0 (wildcard), the receiver SHOULD When receiving a request with AE 0 (wildcard), the receiver SHOULD
send a full route dump, as described in Section 3.8.1.1 of [RFC8966]. send a full route dump, as described in Section 3.8.1.1 of [RFC8966].
Any IPv4 routes contained in the route dump MAY use either AE 1 or AE Any IPv4 routes contained in the route dump MAY use either AE 1
TBD, as described in Section 2.1 above. (IPv4) or AE 4 (v4-via-v6), as described in Section 2.1 above.
2.4. Other TLVs 2.4. Other TLVs
The only other TLVs defined by [RFC8966] that carry an AE field are The only other TLVs defined by [RFC8966] that carry an AE field are
Next-Hop and TLV. Next-Hop and IHU TLVs MUST NOT carry the AE TBD Next-Hop and TLV. Next-Hop and IHU TLVs MUST NOT carry the AE 4 (v4-
(v4-via-v6). via-v6).
3. ICMPv4 and PMTU discovery 3. ICMPv4 and PMTU discovery
The Internet Control Message Protocol (ICMPv4, or simply ICMP) The Internet Control Message Protocol (ICMPv4, or simply ICMP)
[RFC792] is a protocol related to IPv4 that is primarily used to [RFC792] is a protocol related to IPv4 that is primarily used to
carry diagnostic and debugging information. ICMPv4 packets may be carry diagnostic and debugging information. ICMPv4 packets may be
originated by end hosts (e.g., the "destination unreachable, port originated by end hosts (e.g., the "destination unreachable, port
unreachable" ICMPv4 packet), but they may also be originated by unreachable" ICMPv4 packet), but they may also be originated by
intermediate routers (e.g., most other kinds of "destination intermediate routers (e.g., most other kinds of "destination
unreachable" packets). unreachable" packets).
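Review bot: In Section 2.4, the first sentence reads "Next-Hop and TLV" in both versions and is missing the TLV name; judging by the next sentence and Section 4.2, it should read "Next-Hop and IHU". In the leading context of this block, "eg.," should be "e.g.,".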
skipping to change at page 6, line 11 skipping to change at page 6, line 39
available, a router may choose a source address from a prefix known available, a router may choose a source address from a prefix known
to be unused, for example from a suitably chosen private address to be unused, for example from a suitably chosen private address
range [RFC1918]. If no more suitable address is available, then a range [RFC1918]. If no more suitable address is available, then a
router MAY use the IPv4 dummy address 192.0.0.8 as the source address router MAY use the IPv4 dummy address 192.0.0.8 as the source address
of the IMCPv4 packets that it sends. Note however that using the of the IMCPv4 packets that it sends. Note however that using the
same address on multiple routers may hamper debugging and fault same address on multiple routers may hamper debugging and fault
isolation, e.g., when using the "traceroute" utility. isolation, e.g., when using the "traceroute" utility.
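Review bot: In the unchanged Section 3 text above, "IMCPv4" should read "ICMPv4"; the typo is present in both versions.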
4. Protocol encoding 4. Protocol encoding
This extension defines the v4-via-v6 AE, whose value is TBD. This AE This extension defines the v4-via-v6 AE, whose value is 4. This AE
is solely used to tag network prefixes, and MUST NOT be used to tag is solely used to tag network prefixes, and MUST NOT be used to tag
peers' addresses, eg. in Next-Hop or IHU TLVs. neighbour addresses, eg. in Next-Hop or IHU TLVs.
This extension defines no new TLVs or sub-TLVs. This extension defines no new TLVs or sub-TLVs.
4.1. Prefix encoding 4.1. Prefix encoding
Network prefixes tagged with AE TBD MUST be encoded and decoded just Network prefixes tagged with AE 4 (v4-via-v6) MUST be encoded and
like prefixes tagged with AE 1 (IPv4), as described in Section 4.3.1 decoded just like prefixes tagged with AE 1 (IPv4), as described in
of [RFC8966]. Section 4.3.1 of [RFC8966].
A new compression state for AE TBD (v4-via-v6) distinct from that of A new compression state for AE 4 (v4-via-v6) distinct from that of AE
AE 1 (IPv4) is introduced, and MUST be used for address compression 1 (IPv4) is introduced, and MUST be used for address compression of
of prefixes tagged with AE TBD, as described in Section 4.6.9 of prefixes tagged with AE 4, as described in Section 4.6.9 of [RFC8966]
[RFC8966]
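Review bot: The final sentence of Section 4.1 still ends without a full stop after "Section 4.6.9 of [RFC8966]" in -04. In Section 4, "eg." should be "e.g.," to match the usage in Section 3. The change from "peers' addresses" to "neighbour addresses" is consistent with the terminology of Section 2.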
4.2. Changes to existing TLVs 4.2. Changes to existing TLVs
The following TLVs MAY be tagged with AE TBD: The following TLVs MAY be tagged with AE 4 (v4-via-v6):
* Update (Type = 8) * Update (Type = 8)
* Route Request (Type = 9) * Route Request (Type = 9)
* Seqno Request (Type = 10) * Seqno Request (Type = 10)
As AE TBD is suitable only for network prefixes, IHU (Type = 5) and As AE 4 (v4-via-v6) is suitable only for network prefixes, IHU
Next-Hop (Type = 7) TLVs MUST NOT be tagged with AE TBD. Such (Type = 5) and Next-Hop (Type = 7) TLVs MUST NOT be tagged with AE 4.
(incorrect) TLVs MUST be ignored upon reception. Such (incorrect) TLVs MUST be ignored upon reception.
4.2.1. Update 4.2.1. Update
An Update (Type = 8) TLV with AE = TBD is constructed as described in An Update (Type = 8) TLV with AE 4 is constructed as described in
Section 4.6.9 of [RFC8966] for AE 1 (IPv4), with the following Section 4.6.9 of [RFC8966] for AE 1 (IPv4), with the following
specificities: specificities:
* Prefix. The Prefix field is constructed according to Section 4.1 * Prefix. The Prefix field is constructed according to Section 4.1
above. above.
* Next hop. The next hop is determined as described in Section 2.2 * Next hop. The next hop is determined as described in Section 2.2
above. above.
4.2.2. Other TLVs 4.2.2. Other TLVs
When tagged with the AE TBD, Route Request and Seqno Request updates When tagged with the AE 4, Route Request and Seqno Request updates
MUST be constructed and decoded as described in Section 4.6 of MUST be constructed and decoded as described in Section 4.6 of
[RFC8966], and the network prefixes contained within them decoded as [RFC8966], and the network prefixes contained within them decoded as
described in Section 4.1 above. described in Section 4.1 above.
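Review bot: Section 4.2 lists Route Request and Seqno Request among the TLVs that "MAY be tagged with AE 4", while Section 2.3 says a node SHOULD NOT send requests with AE 4 and Section 5 calls such requests NOT RECOMMENDED. A short cross-reference to Section 2.3 here would keep an implementer who reads 4.2 alone from treating AE 4 requests as the normal case. In 4.2.2, "Route Request and Seqno Request updates" should read "Route Request and Seqno Request TLVs", since these are requests rather than Updates.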
5. Backwards compatibility 5. Backwards compatibility
This protocol extension adds no new TLVs or sub-TLVs. This protocol extension adds no new TLVs or sub-TLVs.
This protocol extension uses a new AE. As discussed in Appendix D of This protocol extension uses a new AE. As discussed in Appendix D of
[RFC8966] and specified in the same document, implementations that do [RFC8966] and specified in the same document, implementations that do
not understand the present extension will silently ignore the various not understand the present extension will silently ignore the various
TLVs that use this new AE. As a result, incompatible versions will TLVs that use this new AE. As a result, incompatible versions will
ignore v4-via-v6 routes. They will also ignore requests with AE TBD, ignore v4-via-v6 routes. They will also ignore requests with AE 4,
which, as stated in Section 2.3, are NOT RECOMMENDED. which, as stated in Section 2.3, are NOT RECOMMENDED.
Using a new AE introduces a new compression state, used to parse the Using a new AE introduces a new compression state, used to parse the
network prefixes. As this compression state is separate from other network prefixes. As this compression state is separate from other
AEs' states, it will not interfere with the compression state of AEs' states, it will not interfere with the compression state of
unextended nodes. unextended nodes.
This extension reuses the next-hop state from AEs 2 and 3 (IPv6), but This extension reuses the next-hop state from AEs 2 and 3 (IPv6), but
makes no changes to the way it is updated, and therefore causes no makes no changes to the way in which it is updated, and therefore
compatibility issues. causes no compatibility issues.
As mentioned in Section 2.1, ordinary IPv4 announcements are As mentioned in Section 2.1, ordinary IPv4 announcements are
preferred to v4-via-v6 announcements when the outgoing interface has preferred to v4-via-v6 announcements when the outgoing interface has
an assigned IPv4 address; doing otherwise would prevent routers that an assigned IPv4 address; doing otherwise would prevent routers that
do not implement this extension from learning the route being do not implement this extension from learning the route being
announced. announced.
6. IANA Considerations 6. IANA Considerations
IANA is requested to allocate a value (4 suggested) in the "Babel IANA has allocated value 4 in the "Babel Address Encodings" registry
Address Encodings" registry as follows: as follows:
+=====+===========+=================+ +====+===========+=================+
| AE | Name | Reference | | AE | Name | Reference |
+=====+===========+=================+ +====+===========+=================+
| TBD | v4-via-v6 | (this document) | | 4 | v4-via-v6 | (this document) |
+-----+-----------+-----------------+ +----+-----------+-----------------+
Table 1 Table 1
7. Security Considerations 7. Security Considerations
The extension defined in this document does not fundamentally change The extension defined in this document does not fundamentally change
the security properties of the Babel protocol. However, by allowing the security properties of the Babel protocol. However, by allowing
IPv4 routes to be propagated across routers that have not been IPv4 routes to be propagated across routers that have not been
assigned IPv4 addresses, it might invalidate the assumptions made by assigned IPv4 addresses, it might invalidate the assumptions made by
some network administatoris, which could conceivably lead to security network administrators, which could conceivably lead to security
issues. issues.
For example, if an island of IPv4-only hosts is separated from the For example, if an island of IPv4-only hosts is separated from the
IPv4 Internet by an area of routers that have not been assigned IPv4 IPv4 Internet by routers that have not been assigned IPv4 addresses,
addresses, a network administrator might reasonably assume that the a network administrator might reasonably assume that the IPv4-only
IPv4-only hosts are unreachable from the IPv4 Internet. This hosts are unreachable from the IPv4 Internet. This assumption is
assumption is broken if the intermediary routers implement the broken if the intermediary routers implement the extension described
extension described in this document, which might expose the in this document, which might expose the IPv4-only hosts to traffic
IPv4-only hosts to traffic from the IPv4 Internet. If this is from the IPv4 Internet. If this is undesirable, the flow of IPv4
undesirable, the flow of IPv4 traffic must be restricted by the use traffic must be restricted by the use of suitable filtering rules
of suitable filtering rules (Appendix C of [RFC8966]) together with (Appendix C of [RFC8966]) together with matching packet filters in
matching packet filters in the data plane. the data plane.
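Review bot: The Security Considerations name filtering rules and data-plane packet filters as the only control, but Section 2.2 already makes acquiring a v4-via-v6 route optional ("the node MAY acquire the route being announced") and Section 5 notes that routers without the extension ignore AE 4 entirely. A sentence stating that an operator who relies on an address-less core as a boundary needs to know which routers implement the extension, and that an implementation can decline these routes, would make the exposure easier to audit. The "administatoris" typo from -03 is fixed in -04.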
8. Acknowledgments 8. Acknowledgments
This protocol extension was originally designed, described and This protocol extension was originally designed, described and
implemented in collaboration with Theophile Bastian. Margaret Cullen implemented in collaboration with Theophile Bastian. Margaret Cullen
pointed out the issues with ICMP and helped coin the phrase "v4-via- pointed out the issues with ICMP and helped coin the phrase "v4-via-
v6". The author is also indebted to Donald Eastlake, Toke Hoiland- v6". The author is also indebted to Donald Eastlake, Toke Hoiland-
Jorgensen, and David Schinazi. Jorgensen, and David Schinazi.
9. References 9. References
 End of changes. 38 change blocks. 
84 lines changed or deleted 117 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/