ASAMAP Update

1,099 views

Published on

2012年12月20日にあった JANOG Softwire WG Interim Meeting での発表資料です。

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,099
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
10
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

ASAMAP Update

  1. 1. ASAMAP Update 浅間 正和 @ 有限会社 銀座堂
  2. 2. Maximum IPv6 packet size • Encapsulation/Translation 後の IPv6 packet の maximum size が 1280 byte 固定でしたが以下の command で変 更できるようになりました •# set  interfaces map map0 ipv6-fragment-size 1500 • 未設定時の default 値は 1280 です
  3. 3. Fragment inner IPv4 packet • Encapsulation の時 IPv6 stack で fragment する方法しか 利用できませんでしたが以下の command で IPv4 stack で fragment するか IPv6 stack で fragment するか を選択できるようになりました •# set  interfaces map map0 ipv4-fragment-inner true • true を指定すると IPv4 stack で fragment します • false を指定すると IPv6 stack で fragment します • 未設定時の default 値は true です
  4. 4. IPv4 Header IPv4 Header Fragment inner IPv4 packet 20 byte 20 byte (offset 1472) (offset 0) 8 byte UDP Header DATA 1500 byte 528 byte (1473 2000) DATA 1472 byte (1 1472) 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header IPv4 Header IPv4 Header IPv4 Header IPv4 Header IPv4 Header 20 byte 20 byte 20 byte 20 byte 20 byte (offset 1432) (offset 0) (offset 1472) (offset 1432) (offset 0) DATA 1460 byte 1460 byte DATA 8 byte UDP Header DATA 40 byte 8 byte UDP Header568 byte 528 byte (1433 1472) (1433 2000) (1473 2000) DATA DATA 1432 byte 1432 byte (1 1432) (1 1432) 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header IPv6 Frag Hdr IPv6 Frag Hdr IPv4 Header IPv6 Frag Hdr IPv6 Frag Hdr 8 byte 8 byte 20 byte 8 byte 8 byte (offset 1232) (offset 0) (offset 1472) (offset 1232) (offset 0) IPv4 Header IPv4 Header 1280 byte 1280 byte DATA 20 byte DATA DATA 20 byte796 byte (offset 0) 528 byte 268 byte (offset 0) (1205 2000) (1473 2000) (1205 1472) 8 byte UDP Header 8 byte UDP Header 1204 byte DATA (1 1204) ←これにしてます。 1204 byte DATA (1 1204)
  5. 5. IPv4 Header IPv4 Header Fragment inner IPv4 packet 20 byte 20 byte (offset 1472) (offset 0) 8 byte UDP Header DATA 1500 byte 528 byte (1473 2000) DATA 1472 byte (1 1472) 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header IPv4 Header IPv4 Header IPv4 Header IPv4 Header IPv4 Header 20 byte 20 byte 20 byte 20 byte 20 byte (offset 1432) (offset 0) (offset 1472) (offset 1432) (offset 0) DATA 1460 byte 1460 byte DATA 8 byte UDP Header DATA 40 byte 8 byte UDP Header568 byte 528 byte (1433 1472) (1433 2000) (1473 2000) DATA DATA 1432 byte 1432 byte (1 1432) (1 1432) 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header 40 byte IPv6 Header IPv6 Frag Hdr IPv6 Frag Hdr IPv4 Header IPv6 Frag Hdr IPv6 Frag Hdr 8 byte 8 byte 20 byte 8 byte 8 byte (offset 1232) (offset 0) (offset 1472) (offset 1232) (offset 0) IPv4 Header IPv4 Header 1280 byte 1280 byte DATA 20 byte DATA DATA 20 byte796 byte (offset 0) 528 byte 268 byte (offset 0) (1205 2000) (1473 2000) (1205 1472) 8 byte UDP Header 8 byte UDP Header 1204 byte DATA ←この中から 1204 byte DATA  選べます。 (1 1204) (1 1204)
  6. 6. Fragment inner IPv4 packet • ipv4-fragment-inner false の時の例13:21:41.890828 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: frag (0|1232) IP truncated-ip - 796 bytes missing! 172.16.1.0 > 10.1.1.11: ICMP echo request, id 10382, seq 4, length 200813:21:41.890862 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: frag (1232|796)13:21:41.891638 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: frag (0|1232) IP truncated-ip - 796 bytes missing! 10.1.1.11 > 172.16.1.0: ICMP echo reply, id 10382, seq 4, length 200813:21:41.891658 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: frag (1232|796) • ipv4-fragment-inner true の時の例13:17:58.244688 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: ICMP echo request, id 47244, seq 32, length 121613:17:58.245059 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: icmp13:17:58.247150 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: IP 10.1.1.11 > 172.16.1.0: ICMP echo reply, id 47244, seq 32, length 121613:17:58.247175 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: IP 10.1.1.11 > 172.16.1.0: icmp
  7. 7. Path MTU discovery • ICMPv6 packet too big を受け取った際に埋め込まれ た MTU 値を pMTU として設定するようにしました13:26:07.303972 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: ICMP echo request, id 55433, seq 2, length 144013:26:07.304019 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: icmp13:26:07.304926 IP6 2001:db8:ffff:ffff::1 > 2001:db8:100:0:ac:1001:0:8800: ICMP6, packet too big, mtu 1280, length 124013:26:08.310210 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: ICMP echo request, id 55433, seq 3, length 121613:26:08.310597 IP6 2001:db8:100:0:ac:1001:0:8800 > 2001:db8::1: IP 172.16.1.0 > 10.1.1.11: icmp13:26:08.311739 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: IP 10.1.1.11 > 172.16.1.0: ICMP echo reply, id 55433, seq 3, length 121613:26:08.311758 IP6 2001:db8::1 > 2001:db8:100:0:ac:1001:0:8800: IP 10.1.1.11 > 172.16.1.0: icmp
  8. 8. MAP 1:15.2. Basic mapping rule (BMR) | n bits | o bits | s bits | 128-n-o-s bits | +--------------------+-----------+---------+------------+----------+ | Rule IPv6 prefix | EA bits |subnet ID| interface ID | +--------------------+-----------+---------+-----------------------+ |<--- End-user IPv6 prefix --->| Figure 3: IPv6 address format... snip ... Shared IPv4 address: | r bits | p bits | | q bits | +-------------+---------------------+ +------------+ | Rule IPv4 | IPv4 Address suffix | |Port-Set ID | +-------------+---------------------+ +------------+ | 32 bits | Figure 4: Shared IPv4 address... snip ... The length of r MAY be 32, with no part of the IPv4 address embedded in the EA bits. This results in a mapping with no dependence between the IPv4 address and the IPv6 address. In addition the length of o MAY be zero (no EA bits embedded in the End-User IPv6 prefix), meaning that also the PSID is provisioned using e.g. the DHCP option.
  9. 9. MAP 1:1 Rule IPv6 prefix EA bits Rule IPv4 prefix PSID Rule IPv6 prefix EA bits Rule IPv4 prefix PSID ↑ Rule PSID prefix?
  10. 10. MAP 1:1 • Rule IPv4 prefix が /32 の時に限り Rule PSID prefix と して PSID の一部を設定出来るようにしました • その上で EA bits length が 0 の場合は MAP 1:1 として 利用することができます# set interfaces map map0 rule 1 ipv6-prefix 2001:db8:1234::/48# set interfaces map map0 rule 1 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 1 psid-prefix 0x34/8# set interfaces map map0 rule 1 ea-length 0# set interfaces map map0 rule 2 ipv6-prefix 2001:db8:5678::/48# set interfaces map map0 rule 2 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 2 psid-prefix 0x56/8# set interfaces map map0 rule 2 ea-length 0# set interfaces map map0 rule 3 ...
  11. 11. MAP 1:1struct map_rule *map_rule_find_by_ipv6addr(struct map *m, struct in6_addr *ipv6addr){ struct map_rule *mr = NULL, *tmp; read_lock(&m->rule_lock); list_for_each_entry (tmp, &m->rule_list, list) { if (ipv6_prefix_equal(&tmp->p.ipv6_prefix, ipv6addr, tmp->p.ipv6_prefix_length)) { if (!mr || (tmp->p.ipv6_prefix_length > mr->p.ipv6_prefix_length)) mr = tmp; } } read_unlock(&m->rule_lock); return mr;} n 個の Mapping Rule に対して O(n) の計算量!!!
  12. 12. IPv6 → IPv4 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules
  13. 13. Radix tree for IPv6 addr. and IPv4 addr. + PSID • IPv6 → IPv4 変換時の探索用に Rule IPv6 prefix から、 IPv4 → IPv6 変換時の探索用に Rule IPv4 prefix と Rule PSID prefix から、それぞれ Radix tree を生成するこ とで Mapping Rule の探索を高速化しました Mapping Rule の数に依らず O(k) の計算量!!!※ IPv6 addr. からの探索の場合:  k = max(Rule IPv6 prefix length) ※ IPv4 addr. + port num. からの探索の場合:  k = max(Rule IPv4 prefix length + Rule PSID prefix length) 
  14. 14. List Tree IPv6 → IPv4 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules
  15. 15. List Tree IPv6 → IPv4 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules
  16. 16. List Tree IPv4 → IPv6 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules
  17. 17. List Tree IPv6 → IPv4 bps 1478 byte packet10,000Mbps 9,000Mbps 8,000Mbps 7,000Mbps 6,000Mbps 5,000Mbps 4,000Mbps 3,000Mbps 2,000Mbps 1,000Mbps 0Mbps 1 16 256 4096 Installed Mapping Rules
  18. 18. List Tree IPv4 → IPv6 bps 1478 byte packet10,000Mbps 9,000Mbps 8,000Mbps 7,000Mbps 6,000Mbps 5,000Mbps 4,000Mbps 3,000Mbps 2,000Mbps 1,000Mbps 0Mbps 1 16 256 4096 Installed Mapping Rules
  19. 19. PSID et cetera • こんなときどうする?# set interfaces map map0 rule 1 ea-length 0# set interfaces map map0 rule 1 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 1 ipv6-prefix 2001:db8:100::/64# set interfaces map map0 rule 1 psid 0x23# set interfaces map map0 rule 1 psid-length 8# set interfaces map map0 rule 1 psid-offset 4# set interfaces map map0 rule 2 ea-length 0# set interfaces map map0 rule 2 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 2 ipv6-prefix 2001:db8:200::/64# set interfaces map map0 rule 2 psid 0x234# set interfaces map map0 rule 2 psid-length 12# set interfaces map map0 rule 2 psid-offset 4 • 現状は psid-length の長いものが採用される • 明らかに miss configuration 状態なので rule 2 を reject すべき?
  20. 20. PSID et cetera • こんなときどうする?# set interfaces map map0 rule 1 ea-length 0# set interfaces map map0 rule 1 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 1 ipv6-prefix 2001:db8:100::/64# set interfaces map map0 rule 1 psid 0x12# set interfaces map map0 rule 1 psid-length 8# set interfaces map map0 rule 1 psid-offset 0# set interfaces map map0 rule 2 ea-length 0# set interfaces map map0 rule 2 ipv4-prefix 192.0.2.18/32# set interfaces map map0 rule 2 ipv6-prefix 2001:db8:200::/64# set interfaces map map0 rule 2 psid 0x23# set interfaces map map0 rule 2 psid-length 8# set interfaces map map0 rule 2 psid-offset 4 • 現状は psid-offset の小さいものが採用される • 明らかに miss configuration 状態なので rule 2 を reject すべき?
  21. 21. PSID et cetera PSID offset # of Mapping Rule 192.0.2.18:0x12/40 0 1 1 0 192.0.2.18:0x0/34 : : 4 4 192.0.2.18:0x34/40 : : 16 0 192.0.2.18/32 192.0.2.18:0x89/40 192.0.2.0/24 192.0.2.18:0x8/34 192.0.2.18:0xab/40 192.0.2.137/32 192.0.0.0/16 192.0.137.0/24 Node w/ Mapping Rule Node w/o Mapping Rule
  22. 22. まとめ?• Encapsulation/Translation 後の IPv6 packet の maximum size の変更に対応しました• IPv4 stack での fragment に対応しました• Path MTU discovery に対応しました• MAP 1:1 に対応しました• 質問 ☞ Path MTU discovery は実施すべき? ☞ MAP 1:1 どうします? PSID の重複対策は? ☞ PSID offset って Mapping Rule 毎に必要?
  23. 23. List 1-Rules List 16-Rules List 256-Rules List 4096-Rules Tree 1-Rules Tree 16-Rules Tree 256-Rules Tree 4096-Rules IPv4 → IPv6 bps5,000Mbps4,500Mbps4,000Mbps3,500Mbps3,000Mbps2,500Mbps2,000Mbps1,500Mbps1,000Mbps 500Mbps 0Mbps 64 128 256 512 1024 1280 1472 IPv4 Packet Size [byte]
  24. 24. List 1-Rules List 16-Rules List 256-Rules List 4096-Rules Tree 1-Rules Tree 16-Rules Tree 256-Rules Tree 4096-Rules IPv6 → IPv4 bps10,000Mbps 9,000Mbps 8,000Mbps 7,000Mbps 6,000Mbps 5,000Mbps 4,000Mbps 3,000Mbps 2,000Mbps 1,000Mbps 0Mbps 64 128 256 512 1024 1280 1472 IPv4 Packet Size [byte]
  25. 25. List Tree IPv4 → IPv6 bps 1478 byte packet10,000Mbps 9,000Mbps 8,000Mbps 7,000Mbps 6,000Mbps 5,000Mbps 4,000Mbps 3,000Mbps 2,000Mbps 1,000Mbps 0Mbps 1 16 256 4096 Installed Mapping Rules
  26. 26. List Tree IPv6 → IPv4 bps 1478 byte packet10,000Mbps 9,000Mbps 8,000Mbps 7,000Mbps 6,000Mbps 5,000Mbps 4,000Mbps 3,000Mbps 2,000Mbps 1,000Mbps 0Mbps 1 16 256 4096 Installed Mapping Rules
  27. 27. List 1-Rules List 16-Rules List 256-Rules List 4096-Rules Tree 1-Rules Tree 16-Rules Tree 256-Rules Tree 4096-Rules IPv4 → IPv6 pps400kpps350kpps300kpps250kpps200kpps150kpps100kpps 50kpps 0kpps 64 128 256 512 1024 1280 1472 IPv4 Packet Size [byte]
  28. 28. List 1-Rules List 16-Rules List 256-Rules List 4096-Rules Tree 1-Rules Tree 16-Rules Tree 256-Rules Tree 4096-Rules IPv6 → IPv4 pps1,500kpps1,250kpps1,000kpps 750kpps 500kpps 250kpps 0kpps 64 128 256 512 1024 1280 1472 IPv4 Packet Size [byte]
  29. 29. List Tree IPv4 → IPv6 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules
  30. 30. List Tree IPv6 → IPv4 pps 64 byte packet1,200kpps1,000kpps 800kpps 600kpps 400kpps 200kpps 0kpps 1 16 256 4096 Installed Mapping Rules

×