diff --git a/doc/Background.tex b/doc/Background.tex index c0e9eea..c7f4a90 100644 --- a/doc/Background.tex +++ b/doc/Background.tex @@ -137,7 +137,7 @@ protocol, outgoing connections from IPv6 hosts can dynamically mapped to the range of possible tcp ports. After a session is closed, the port can be reused again. \begin{figure}[h] - \includegraphics[scale=0.7]{statefulnat64} + \includegraphics[scale=0.5]{statefulnat64} \centering \caption{Stateful NAT64} \label{fig:statefulnat64} @@ -167,17 +167,63 @@ While protocol dependent translation has the highest amount of information to choose from for translation, complex parsers or even cryptographic methods are required for it. That reduces the opportunities of protocol dependent translation - -% ---------------------------------------------------------------------- -\subsection{\label{background:transition:Port based}Port based - translation} -tcp/udp -icmp: ?? maybe ID field - - % ---------------------------------------------------------------------- \section{\label{background:checksums}Protocol Checksums} +One challenge for translating IPv6-IPv4 are checksums of higher level +protocols like TCP and UDP that incorporate information from the lower +level protocols. The pseudo header for upper layer protocols for +IPv6 is defined in RFC2460 \cite{rfc2460} and shown in figure +\ref{fig:ipv6pseudoheader}, the IPv4 pseudo header for TCP and UDP are +defined in RFC768 and RFC793 and are shown in \ref{fig:ipv4pseudoheader}. +\begin{figure}[h] +\begin{verbatim} + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + + + + | | + + Source Address + + | | + + + + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + + + + | | + + Destination Address + + | | + + + + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Upper-Layer Packet Length | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | zero | Next Header | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +\end{verbatim} + \centering + \caption{IPv6 Pseudo Header} + \label{fig:ipv6pseudoheader} +\end{figure} +When translating, the checksum fields in the higher protocols need to be +adjusted. The checksums for TCP and UDP is calculated not only over the pseudo +headers, but also contain the payload of the packet. This is +important, because some targets (like the NetPFGA) do not allow to +access the payload. +\begin{figure}[h] +\begin{verbatim} + 0 7 8 15 16 23 24 31 + +--------+--------+--------+--------+ + | source address | + +--------+--------+--------+--------+ + | destination address | + +--------+--------+--------+--------+ + | zero |protocol| UDP length | + +--------+--------+--------+--------+ +\end{verbatim} + \centering + \caption{IPv4 Pseudo Header} + \label{fig:ipv4pseudoheader} +\end{figure} % ---------------------------------------------------------------------- \section{\label{background:networkdesign}Network Designs} \begin{figure}[h] @@ -254,9 +300,10 @@ or translation method, we argue that the added complexity (and thus operational cost) of running dual stack networks can be significant. % ---------------------------------------------------------------------- \subsection{\label{background:networkdesign:v6only}IPv6 only networks} -IPv6 only networks are our opinion the best choice for long term -deployments. The reasons for this are as follows: +IPv6 only networks are in our opinion the best choice for long term +deployments. The reasons for this are as follows: First of all hosts +eventually will need to support IPv6 and secondly IPv6 hosts can address the whole 32 bit IPv4 Internet mapped in a single /96 IPv6 network, whithout the need for address extension or -higher protocol dependent translations\footnote{Lower level protocols +higher protocol dependent translations\footnote{Higher level protocols like TCP, UDP, ICMP6/ICMP.} diff --git a/doc/refs/refs.bib b/doc/refs/refs.bib index 4409bb4..e5f5622 100644 --- a/doc/refs/refs.bib +++ b/doc/refs/refs.bib @@ -81,5 +81,5 @@ @Misc{nginx:_nginx_high_perfor_load_balan, author = {NGINX}, - title = {NGINX | High Performance Load Balancer, Web Server, & Reverse Proxy}, + title = {NGINX | High Performance Load Balancer, Web Server, \& Reverse Proxy}, howpublished = {\url{https://www.nginx.com/}}}