v6ops WG O. Troan Internet-Draft Cisco Obsoletes: 3068 (if approved) B. Carpenter, Ed. Intended status: Best Current Practice Univ. of Auckland Expires: May 14, 2015 November 10, 2014 Deprecating Connection of IPv6 Domains via IPv4 Clouds (6to4) draft-ietf-v6ops-6to4-to-historic-07.txt Abstract Experience with the "Connection of IPv6 Domains via IPv4 Clouds (6to4)" IPv6 transition mechanism has shown that the mechanism is unsuitable for widespread deployment and use in the Internet, especially in its anycast mode. This document requests that RFC 3068, "An Anycast Prefix for 6to4 Relay Routers", be made obsolete and moved to historic status. It also recommends that future products should not support 6to4 anycast and that existing deployments should be reviewed. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 14, 2015. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect Troan & Carpenter Expires May 14, 2015 [Page 1] Internet-Draft Deprecating 6to4 November 2014 to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. 1. Introduction There would appear to be no evidence of any substantial deployment of the variant of 6to4 described in [RFC3056]. Its extension specified in "An Anycast Prefix for 6to4 Relay Routers" [RFC3068] has been shown to have severe practical problems when used in the Internet. This document requests that RFC 3068 be moved to Historic status as defined in section 4.2.4 of [RFC2026]. 6to4 was designed to help transition the Internet from IPv4 to IPv6. It has been a good mechanism for experimenting with IPv6, but because of the high failure rates seen with anycast 6to4 [HUSTON], end users may end up disabling IPv6 on hosts as a result, and some content providers have been reluctant to make content available over IPv6. [RFC6343] analyses the known operational issues in detail and describes a set of suggestions to improve 6to4 reliability, given the widespread presence of hosts and customer premises equipment that support it. However, experience shows that operational failures have continued despite this advice being available. Fortunately the advice to disable 6to4 by default has been widely adopted in recent operating systems, and the failure modes have been largely hidden from users by many browsers adopting the "happy eyeballs" approach [RFC6555]. Nevertheless, operational problems caused by 6to4 still occur. IPv6 Rapid Deployment on IPv4 Infrastructures (6rd) [RFC5969] utilizes the same encapsulation and base mechanism as 6to4, and could be viewed as a superset of 6to4 (6to4 could be achieved by setting the 6rd prefix to 2002::/16). However, the deployment model is such that 6rd can avoid the problems described here. In this sense, 6rd can be viewed as superseding 6to4 as described in section 4.2.4 of [RFC2026] Given that native IPv6 support and reliable transition mechanisms such as 6rd are now becoming common, the IETF sees no evolutionary future for the 6to4 mechanism. 2. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and Troan & Carpenter Expires May 14, 2015 [Page 2] Internet-Draft Deprecating 6to4 November 2014 "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 3. 6to4 operational problems 6to4 is a mechanism designed to allow isolated IPv6 islands to reach each other using IPv6 over IPv4 automatic tunneling. To reach the native IPv6 Internet the mechanism uses relay routers both in the forward and reverse direction. The mechanism is supported in many IPv6 implementations. With the increased deployment of IPv6, the mechanism has been shown to have a number of fundamental shortcomings. 6to4 depends on relays both in the forward and reverse direction to enable connectivity with the native IPv6 Internet. A 6to4 node will send IPv4 encapsulated IPv6 traffic to a 6to4 relay, that is connected both to the 6to4 cloud and to native IPv6. In the reverse direction a 2002::/16 route is injected into the native IPv6 routing domain to attract traffic from native IPv6 nodes to a 6to4 relay router. It is expected that traffic will use different relays in the forward and reverse direction. RFC 3068 adds an extension that allows the use of a well known IPv4 anycast address to reach the nearest 6to4 relay in the forward direction. One model of 6to4 deployment, described in section 5.2 of RFC 3056, suggests that a 6to4 router should have a set of managed connections (via BGP connections) to a set of 6to4 relay routers. While this makes the forward path more controlled, it does not guarantee a functional reverse path. In any case this model has the same operational burden as manually configured tunnels and has seen no deployment in the public Internet. List of some of the known issues with 6to4: o Use of relays. 6to4 depends on an unknown third party to operate the relays between the 6to4 cloud and the native IPv6 Internet. o The placement of the relay can lead to increased latency, and in the case the relay is overloaded, packet loss. o There is generally no customer relationship between the end-user and the relay operator, or even a way for the end-user to know who the relay operator is, so no support is possible. o A 6to4 relay for the reverse path and an anycast 6to4 relay used for the forward path, are openly accessible, limited only by the scope of routing. 6to4 relays can be used to anonymize traffic and inject attacks into IPv6 that are very difficult to trace. o 6to4 may silently discard traffic in the case where protocol (41) is blocked in intermediate firewalls. Even if a firewall sent an ICMP message unreachable back, an IPv4 ICMP message rarely Troan & Carpenter Expires May 14, 2015 [Page 3] Internet-Draft Deprecating 6to4 November 2014 contains enough of the original IPv6 packet so that it can be relayed back to the IPv6 sender. That makes this problem hard to detect and react upon by the sender of the packet. o As 6to4 tunnels across the Internet, the IPv4 addresses used must be globally reachable. RFC 3056 states that a private address [RFC1918] MUST NOT be used. 6to4 will not work in networks that employ other addresses with limited topological span. In particular it will predictably fail in the case of double network address translation (NAT444). For further analysis, see [RFC6343]. Peer-to-peer usage of the 6to4 mechanism, not depending on the anycast mechanism, might exist in the Internet, largely unknown to operators. This is harmless to third parties and the current document is not intended to prevent such traffic continuing. 4. Deprecation This document formally deprecates the anycast 6to4 transition mechanism defined in [RFC3068] and the associated anycast IPv4 address 192.88.99.1. It is NOT RECOMMENDED to include this mechanism in new implementations. It is no longer considered to be a useful service of last resort. The prefix 192.88.99.0/24 MUST NOT be reassigned for other use except by a future IETF standards action. The basic unicast 6to4 mechanism defined in [RFC3056] and the associated 6to4 IPv6 prefix 2002::/16 are not deprecated. The default address selection rules specified in [RFC6724] are not modified. However, if included in implementations, unicast 6to4 MUST be disabled by default. Implementations capable of acting as 6to4 routers MUST NOT enable 6to4 without explicit user configuration. In particular, enabling IPv6 forwarding on a device MUST NOT automatically enable 6to4. Current operators of an anycast 6to4 relay with the IPv4 address 192.88.99.1 SHOULD review the information in [RFC6343] and the present document, and then consider carefully when the anycast relay can be discontinued as traffic diminishes. Internet service providers SHOULD filter out routes to 192.88.99.1. Operators of a 6to4 return relay announcing the IPv6 prefix 2002::/16 SHOULD review the information in [RFC6343] and the present document, and then consider carefully when the return relay can be discontinued as traffic diminishes. As discussed in Section 4.5 of RFC 6343, Troan & Carpenter Expires May 14, 2015 [Page 4] Internet-Draft Deprecating 6to4 November 2014 content providers might choose to continue operating such a relay for the benefit of their own residual 6to4 clients. Internet service providers SHOULD announce the IPv6 prefix 2002::/16 if and only if it leads to a correctly operating return relay as described in RFC 6343. The references to the 6to4 relay anycast prefix (192.88.99.0/24) should be removed as soon as practical from the revision of the Special Use IPv4 addresses [RFC6890]. Incidental references to 6to4 should be reviewed and possibly removed from other IETF documents if and when they are updated. These documents include RFC3162, RFC3178, RFC3790, RFC4191, RFC4213, RFC4389, RFC4779, RFC4852, RFC4891, RFC4903, RFC5157, RFC5245, RFC5375, RFC5971, and RFC6071. 5. IANA Considerations IANA is requested to mark the 192.88.99.0/24 prefix [RFC3068] as "deprecated", pointing to this document. Redelegation of this prefix for any usage requires justification via an IETF Standards Action [RFC5226]. 6. Security Considerations There are no new security considerations pertaining to this document. General security issues with tunnels are listed in [RFC6169] and more specifically to 6to4 in [RFC3964] and [RFC6324]. 7. Acknowledgements The authors would like to acknowledge Tore Anderson, Dmitry Anipko, Jack Bates, Cameron Byrne, Ben Campbell, Gert Doering, Ray Hunter, Joel Jaeggli, Kurt Erik Lindqvist, Jason Livingood, Keith Moore, Tom Petch, Daniel Roesen and Mark Townsley, James Woodyatt, for their contributions and discussions on this topic. Special thanks go to Fred Baker, Geoff Huston, and Wes George for their significant contributions. Many thanks to Gunter Van de Velde for documenting the harm caused by non-managed tunnels and to stimulate the creation of this document. 8. References Troan & Carpenter Expires May 14, 2015 [Page 5] Internet-Draft Deprecating 6to4 November 2014 8.1. Normative References [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3056] Carpenter, B. and K. Moore, "Connection of IPv6 Domains via IPv4 Clouds", RFC 3056, February 2001. [RFC3068] Huitema, C., "An Anycast Prefix for 6to4 Relay Routers", RFC 3068, June 2001. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, "Default Address Selection for Internet Protocol Version 6 (IPv6)", RFC 6724, September 2012. [RFC6890] Cotton, M., Vegoda, L., Bonica, R., and B. Haberman, "Special-Purpose IP Address Registries", BCP 153, RFC 6890, April 2013. 8.2. Informative References [HUSTON] Huston, , "Flailing IPv6", December 2010, . [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996. [RFC3964] Savola, P. and C. Patel, "Security Considerations for 6to4", RFC 3964, December 2004. [RFC5969] Townsley, W. and O. Troan, "IPv6 Rapid Deployment on IPv4 Infrastructures (6rd) -- Protocol Specification", RFC 5969, August 2010. [RFC6169] Krishnan, S., Thaler, D., and J. Hoagland, "Security Concerns with IP Tunneling", RFC 6169, April 2011. [RFC6324] Nakibly, G. and F. Templin, "Routing Loop Attack Using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations", RFC 6324, August 2011. Troan & Carpenter Expires May 14, 2015 [Page 6] Internet-Draft Deprecating 6to4 November 2014 [RFC6343] Carpenter, B., "Advisory Guidelines for 6to4 Deployment", RFC 6343, August 2011. [RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with Dual-Stack Hosts", RFC 6555, April 2012. Authors' Addresses Ole Troan Cisco Oslo Norway Email: ot@cisco.com Brian Carpenter (editor) Department of Computer Science University of Auckland PB 92019 Auckland 1142 New Zealand Email: brian.e.carpenter@gmail.com Troan & Carpenter Expires May 14, 2015 [Page 7]