Research on IPv6 technology supported by broadband access networks (1)

1 Introduction

The IPv4 address is about to run out, so we need to move it to the IPv6 discussion, which has not been interrupted for the past few years. IPv4 and IPv6 are significantly different in terms of packet structure, packet field meaning, and address configuration, which brings great difficulties to the operation of the Internet during the transition from IPv4 to IPv6. At present, almost all applications in the access network technology are built on IPv4. To fully convert them to IPv6 is not an overnight task, but a long-term gradual process. Considering that the demand for supporting IPv6 services and supporting existing IPv4 services will coexist for a long time, the access network will also support both IPv4 and IPv6 services for a long period of time. It is worth discussing how to easily and effectively transition the access network from IPv4 to IPv6.

2 broadband access network supports IPv6 Implementation Technology

In order to cope with IPv4 migration to IPv6, many research institutions and technical standardization organizations, such as IETF, BBF proposed a variety of solutions, such as double stack, tunneling, and translation. Through the combination and derivation of the three basic methods, a variety of different IPv4-to-IPv6 network evolution solutions are generated, such as DS-Lite and 6RD.

2.1 double stack Mode

The dual-stack mode requires that node devices on the network support both IPv4 and IPv6 protocol stacks. The two protocol stacks process IPv4 and IPv6 packets respectively. The dual-stack solution does not save IPv4 addresses, but only reduces the consumption of IPv4 public addresses for newly-developed services. The device supports dual-stack, allowing the operator to enable IPv6 services at any time according to the situation. Therefore, we consider protecting the operator's existing investment and reducing the impact of user experience perception, the dual-stack approach is undoubtedly the best solution for early IPv6 network migration.

In the dual-stack mode, similar to the IPv4 service supported by the access network, there are two basic methods for directly carrying the IPv6 protocol through the data link layer protocol in the access network: PPP and IPoE. The PPP method conforms to the operator's habits and can reduce the network upgrade pressure.

There are two ways to connect to an IPv6 network through PPP:

1) uses an RG device that supports IPv6 PPP dialing. The RG device connects to the business network through PPPv6, And the RG provides the connectivity for the devices in the broadband customer network through routing. See figure 1 ).

Figure 1 RG initiates a PPPv6 session

2) each terminal/host device initiates a PPPv6 dial-up connection to the business network. In this case, the network terminal works in the bridging mode, and the terminals/hosts in the same broadband customer network are independent of each other, making it difficult to communicate with each other. See figure 2 ).

Figure 2 host-initiated PPPv6 session

From figure 1 and figure 2, we can see that the main task of connecting to an IPv6 network through PPP is that one end of the PPP link is RG or the other end is BNG, the connected node devices and L2 aggregation devices in the middle are completely passthrough.

When an access network device supports the IPv6 protocol in IPoE mode, it must obtain the address of the RG device and automatically configure it. The layer-3 Protocol sensing function of the Access Node device includes the IPv6 protocol in some regions, ICMPv6 Protocol packet processing, security features for IPv6 services, etc ).

2.2 tunnel mode

Tunneling is a way to transmit data between networks by using an interconnected network infrastructure. Tunnel transmission data or load) can be data frames or packets of different protocols. The tunnel protocol re-encapsulates data frames or packages of other protocols and sends them through tunnels. The new frame header provides routing information to transmit encapsulated load data over the Internet.

IPv4/IPv6 Tunneling can be divided into IPv6 over IPv4 Tunnel and IPv4 over Pv6 tunnel.

1) IPv6 over IPv4 Tunnel

Before an IPv6 network completely replaces an IPv4 network, the first access device with an IPv6 protocol stack, including RG and Access Node devices, becomes an IPv6 "island" in the IPv4 ocean ". The IPv6 over IPv4 Tunnel Technology aims to use existing IPv4 facilities to serve IPv6 hosts, so that scattered IPv6 "islands" can communicate with each other across IPv4 networks. When an IPv6 packet passes through an IPv4 network, no matter which tunnel mechanism requires "packet-Unpacking", that is, the tunnel endpoint at the sending end encapsulates the IPv6 packet in an IPv4 packet, the IPv6 packet is regarded as IPv4 load data, and the protocol field of the IPv4 packet header is set to 41 to indicate that the load of the IPv4 packet is an IPv6 encapsulation package, the package is then transmitted on the IPv4 network. When an IPv4 packet whose protocol field is 41 reaches the tunnel endpoint at the receiving end, the IPv4 packet header of the package is removed and the IPv6 packet is taken out for further processing.

IPv6 over IPv4 tunneling technology includes GRE tunneling technology, manual tunneling technology, automatic tunneling technology using IPv4 compatible addresses, 6over4 technology, 6to4 technology, ISATAP technology, Teredo technology and 6RD technology.

6RDRFC5569) is short for IPv6 Rapid Deployment of IPv6 Rapid Deployment, which is developed based on 6to4RFC3056. 6RD adds 6RD-BR to the existing IPv4 network to provide IPv6 Access to users who are willing to use IPv6. 6in4 tunnel is established between the IPv6 home gateway and 6RD gateway, to provide IPv6 services on IPv4 networks. 6RD network architecture 3.

Figure 3 6RD network architecture and typical application scenarios

The 6RD technology works as follows: 6RD-CE is the upstream IPv6 packet sent by the IPv6 host in the user's home by the 6RD gateway, the Net Load of IPv4 packets is directly encapsulated in its WAN Interface RFC4213 ). The source address of the outer IPv4 packet header is the IPv4 address of the WAN Interface of 6RD-CE, And the destination address is the IPv4 address of the IPv4 internet interface of 6RD-BR. The same routing and addressing method is used for IPv4 packets on the IPv4 internet. After receiving the message, 6RD-BR removes the outer IPv4 packet header and forwards the IPv6 packet sent from the user host to the IPv6 internet. When the 6RD-BR receives an IPv6 packet pointing to the IPv6 host in the 6RD user network, the IPv4 internet interface also encapsulates the IPv6 packet as the net load of the IPv4 packet. The source address of the outer IPv4 packet header is the IPv4 internet interface address of 6RD-BR. the destination address is the IPv4 address of the WAN Interface of 6RD-CE connected to the target user network. According to the above 6RD user host addressing rules, the IPv4 destination address can be obtained directly from the IPv4 address field in the IPv6 Destination Address in the forwarded IPv6 packet header. After receiving the message, 6RD-CE removes the outer IPv4 packet header and forwards the IPv6 packet to the corresponding IPv6 host in the user's network.

2) IPv4 over IPv6 Tunnel

In contrast to IPv6 over IPv4 Tunnel Technology, IPv4 over IPv6 tunnel technology solves the problem that access devices with IPv4 protocol stacks become isolated island communication in IPv6 networks. This problem may occur later in the Development of IPv6 technology.

DS-Lite is a typical IPv4 over IPv6 Tunnel technology, which is "tunneling technology IPv4-in-IPv6 Tunnel" and "improved NAT technology using Tunnel-id/IPv6 address as NAT table index). The working principle of the DS-Lite tunnel technology is: the user-side device encapsulates IPv4 traffic in the IPv6 tunnel, and ends the IPv6 tunnel encapsulation after reaching the "Gateway" device through the operator's IPv6 Access Network, then perform centralized NAT translation and finally forward it to IPv4 Internet.

The DS-Lite solution has two basic functional modules: B4 and AFTR. The data forwarding process of DS-Lite is shown in Figure 4.

Figure 4 DS-Lite data forwarding process

1) The B4Basic Bridging Broad Band Element module can be integrated and deployed on the dual-stack home gateway or through software deployed on the dual-stack host interface function, it is mainly used to encapsulate IPv4 packets into the tunnel and forward them after an IPv6 tunnel is established with the AFTR module.

(2) The AFTRAddress Family Transition Router Element module can be integrated and deployed on BNG/SR on the carrier's network side, or PE routers and other devices. Its main role is after the IPv6 tunnel ends on the network side, the IPv4 packet is translated as the address and port number and forwarded to the IPv4 Internet.