Network Working Group                                         F. Templin
Internet-Draft                                                     Nokia
Expires: April 14, July 20, 2004                                        T. Gleeson
                                                      Cisco Systems K.K.
                                                               M. Talwar
                                                               D. Thaler
                                                   Microsoft Corporation
                                                        October 15, 2003
                                                        January 20, 2004

        Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
                    draft-ietf-ngtrans-isatap-16.txt
                    draft-ietf-ngtrans-isatap-17.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 14, July 20, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2003). (2004). All Rights Reserved.

Abstract

   This document specifies an

   The Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) that connects
   IPv6 hosts and routers within neighbors/routers over IPv4
   sites. networks. ISATAP treats views the site's IPv4 unicast infrastructure
   network as a Non-Broadcast, Multiple Access (NBMA) link layer for
   IPv6 with no
   requirement for IPv4 multicast. and views other nodes on the network as potential IPv6
   neighbors/routers. ISATAP enables interfaces support automatic IPv6-in-IPv4 tunneling
   whether globally assigned or private IPv4 addresses are used. ISATAP
   supports an abstraction for tunnel interface management similar to
   the ATM Permanent/Switched Virtual Circuit (PVC/SVC) model.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Requirements . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   4.  Basic IPv6  Model of Operation . . . . . . . . . . . . . . . . . . . . . .  4
   5.  Automatic Tunneling  Node Requirements  . . . . . . . . . . . . . . . . . . . . .  6 .  4
   6.  Neighbor Discovery  Addressing Requirements  . . . . . . . . . . . . . . . . . . .  4
   7.  Configuration and Management Requirements  . . . . . . . . . .  6
   8.  Automatic Tunneling  . . .  8
   7.  Address Autoconfiguration . . . . . . . . . . . . . . . . . . 12
   8.
   9.  Neighbor Discovery . . . . . . . . . . . . . . . . . . . . . . 17
   10. Other Requirements for Control Plane Signalling  . . . . . . . 19
   11. IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 12
   9. 20
   12. Security considerations  . . . . . . . . . . . . . . . . . . . 12
   10. 20
   13. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 12 20
       Normative References . . . . . . . . . . . . . . . . . . . . . 13 21
       Informative References . . . . . . . . . . . . . . . . . . . . 14 22
       Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 15 24
   A.  Major Changes  . . . . . . . . . . . . . . . . . . . . . . . . 15 25
   B.  Interface Identifier Construction  . . . . . . . . . . . . . . 16 26
       Intellectual Property and Copyright Statements . . . . . . . . 18 28

1. Introduction

   This document specifies a simple mechanism called the Intra-Site
   Automatic Tunnel Addressing Protocol (ISATAP) that enables
   incremental deployment of connects IPv6
   [RFC2460] within neighbors/routers over IPv4 [RFC0791] sites. networks. ISATAP
   allows dual-stack (IPv6/IPv4) nodes that do not share a link with an IPv6
   router to automatically tunnel packets
   to the IPv6 next-hop address through IPv4, i.e., ISATAP sees the site's IPv4 infrastructure is treated
   network as a link layer for IPv6. IPv6 and views other nodes on the network
   as potential IPv6 neighbors/routers. ISATAP supports an abstraction
   for tunnel interface management similar to the Non-Broadcast,
   Multiple Access (NBMA) [RFC2491] and ATM Permanent/Switched Virtual
   Circuit (PVC/SVC) [RFC2492] paradigms.

   The main objectives of this document are to: 1) specify describe the
   operational
   details model for ISATAP, 2) specify addressing requirements, 3)
   discuss configuration and management requirements, 4) specify
   automatic tunneling of IPv6 over IPv4 using ISATAP, 2) 5) specify the format operational aspects of
   IPv6 interface identifiers using an embedded
   IPv4 address, 3) specify the operation of Neighbor Discovery and
   Address Autoconfiguration, Discovery, and 4) 6) discuss security IANA; Security
   considerations.

   The specification in this document is very similar to [RFC2529], with
   the primary distinction that ISATAP does not require IPv4 multicast
   support within the site.

2. Requirements

   The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in [RFC2119].

   This document also makes use

3. Terminology

   The terminology of internal conceptual variables to
   describe protocol behavior and external variables that an
   implementation must allow system administrators to change. The
   specific variable names, how their values change, and how their
   settings influence protocol behavior are provided to demonstrate
   protocol behavior. An implementation is not required to have them in
   the exact form described here, so long as its external behavior is
   consistent with that described in this document.

3. Terminology

   The terminology of [RFC2460][RFC2461][RFC2462] applies [RFC1122][RFC2460][RFC2461][RFC3582] applies to
   this document. The following additional terms are defined:

   site:
      same as defined in [RFC3582], which is intended to be equivalent
      to "enterprise" as defined in [RFC1918].

   ISATAP interface: node:
      a dual-stack (IPv6/IPv4) node that implements this specification.

   ISATAP driver:
      an interface used ISATAP node's network driver module that provides an engine for automatic IPv6-in-IPv4 tunneling
      encapsulation, decapsulation and
      configured over one or more IPv4 addresses assigned to one or more forwarding of packets between
      tunnel interfaces and the node's IPv4 interfaces stack; it also implements an API
      for tunnel interface management.

   ISATAP server daemon:
      an ISATAP node's process that belong to sends/receives tunnel configuration
      control plane messages, and configures/manages tunnel interfaces
      via the ISATAP driver API; often will be the same site.

   advertising server daemon
      used for IPv6 neighbor/router discovery.

   ISATAP interface:
      same meaning as advertising
      an ISATAP node's point-to-multipoint IPv6 interface used for
      IPv6-in-IPv4 tunneling of control plane traffic; may also be used
      to carry data plane traffic in some deployments scenarios, e.g.,
      certain enterprise networks.

   ISATAP interface identifier:
      an IPv6 interface identifier with an embedded IPv4 address
      constructed as specified in ([RFC2461], section
      6.2.2). Section 6.1.

   ISATAP address:
      an IPv6 unicast address with an on-link prefix assigned on to an ISATAP interface
      and with an
      on-link prefix and an ISATAP interface identifier constructed as specified in
      Section 4.1. identifier.

4. Basic IPv6 Model of Operation

   ISATAP interfaces automatically tunnel IPv6 packets in IPv4 using the
   site's IPv4 infrastructure as provide a link layer, i.e., IPv6 treats the
   site's IPv4 infrastructure point-to-multipoint abstraction for
   IPv6-in-IPv4 tunneling. They are commonly used as a Non-Broadcast, Multiple Access (NBMA)
   link layer with properties similar to [RFC2491]. The following
   sections specify details nexus for basic
   automatic configuration of point-to-point tunnels via tunnel
   configuration control plane messages (e.g., IPv6 operation on ISATAP
   interfaces:

4.1 Interface Identifiers Neighbor Discovery
   and Unicast Addresses

   Interface identifiers for other ICMPv6 messages). For each tunneled packet received, the
   node's ISATAP are constructed in Modified EUI-64
   format as specified in ([ADDR-ARCH], section 2.5.1). They are formed
   by appending driver examines a local forwarding table to determine
   the correct interface to receive the packet after decapsulation. It
   forwards tunnel configuration control plane messages via an ISATAP
   interface to the node's ISATAP server daemon, and forwards data
   messages to applications via configured tunnel interfaces based on a
   specific match for the encapsulating IPv4 source address.

   The ISATAP server daemon sends and receives control plane messages,
   and configures/manages tunnels via the ISATAP driver API. Each such
   configured tunnel provides a nexus for multiplexing one or more
   applications between the remote and local tunnel endpoints using IPv6
   addresses as application identifiers. Each such application
   identifier provides a nexus for multiplexing one or more sessions. In
   summary, each configured tunnel provides a single point-to-point
   connection between peers that can be used to carry multiple
   applications and multiple instances of each application.

5. Node Requirements

   Nodes that use this specification implement the common functionality
   required by [NODEREQ] as well as the additional features specified in
   this document.

6. Addressing Requirements

6.1 ISATAP Interface Identifiers

   ISATAP interface identifiers are constructed in Modified EUI-64
   format as specified in ([ADDR-ARCH], section 2.5.1). They are formed
   by appending a 32-bit IPv4 address to the 32-bit leading token
   '0000:5EFE', then setting the universal/local ("u") bit as follows:

   When the IPv4 address is known to be globally unique (i.e., provider-assigned), unique, the "u" bit is
   set to 1 and the leading token becomes '0200:5EFE'. When the IPv4
   address is from a private allocation [RFC1918], or not otherwise known to be
   globally unique, the "u" bit is set to 0 and the leading token
   remains as '0000:5EFE'.

   Global and link-local See: Appendix B for additional non-normative
   details.

6.2 ISATAP Addresses

   Any IPv6 unicast addresses address ([ADDR-ARCH], sections
   2.5.4, 2.5.6) for section 2.5) that has an
   ISATAP interface identifier and an on-link prefix on an ISATAP
   interface is considered an ISATAP address. ISATAP addresses are
   constructed as follows:

    |           64 bits            |     32 bits   |    32 bits     |
    +------------------------------+---------------+----------------+
    |   global/link-local            prefix            | 000[0/2]:5EFE |  IPv4 Address  |
    +------------------------------+---------------+----------------+

   (Appendix B provides additional non-normative details.)

4.2 ISATAP Interface Management

   The IP Tunnel MIB [MIB] is used, with the following additions for
   ISATAP interfaces:

   o  For each IPv4 address an

6.3 Multicast/Anycast

   ISATAP interface is configured over, interfaces recognize a
      tuple consisting of the IPv4 address and ifIndex for the
      corresponding IPv4 interface ([RFC2863], node's required IPv6 multicast/anycast
   addresses ([ADDR-ARCH], section 3.1.5) is added
      to ifRcvAddressTable ([MIB], 2.8).

   Section 8.2 discusses encapsulation for multicast/anycast packets.

6.4 Source/Target Link Layer Address Options

   Source/Target Link Layer Address Options ([RFC2461], section 3.1.2).

   o  tunnelIfRemoteInetAddress in the tunnelIfEntry object ([MIB],
      section 4) is set to 0.0.0.0 for ISATAP interfaces.

   When an IPv4 address over which an ISATAP interface is configured is
   removed from its IPv4 interface, the corresponding (IPv4 addres,
   ifIndex)-tuple MUST be removed from the ISATAP interface
   ifRcvAddressTable. If the IPv4 address is also used as
   tunnelIfLocalInetAddress ([MIB], section 5) in the ISATAP interface
   tunnelIfEntry, the interface MUST either set tunnelIfLocalInetAddress
   to a different IPv4 address or be disabled.

   When a new IPv4 address is added to an IPv4 interface an ISATAP
   interface is configured over, a new (IPv4 address, ifIndex)-tuple MAY
   be added to ifRcvAddressTable and tunnelIfLocalInetAddress MAY be set
   to the new address.

4.3 Multicast and Anycast

   ISATAP interfaces recognize an IPv6 node's required addresses
   ([ADDR-ARCH], section 2.8). The following multicast mappings are
   defined for packets sent on ISATAP interfaces:

   o  When the IPv6 destination address is the 'All-Routers'
      ([ADDR-ARCH], section 2.7.1) or
      'All_DHCP_Relay_Agents_and_Servers' ([RFC3315], section 1.2)
      multicast address, it is mapped to V4ADDR(i) for one or more
      PRL(i)'s (see: Section 6.1). The manner of selecting PRL(i)'s is
      up to the implementation.

   Other multicast mappings, and mechanisms for general-purpose
   multicast/anycast emulation on ISATAP interfaces are beyond the scope
   of this document.

4.4 Source/Target Link Layer Address Options

   Source/Target Link Layer Address Options ([RFC2461], section 4.6.1)
   for ISATAP have 4.6.1)
   for ISATAP have the following format:

    +-------+-------+-------+-------+-------+-------+-------+--------+
    | Type  |Length |   0   |   0   |        IPv4 Address            |
    +-------+-------+-------+-------+-------+-------+-------+--------+

   Type:
      1 for Source Link-layer address.
      2 for Target Link-layer address.

   Length:
      1 (in units of 8 octets).

   IPv4 Address:
      The
      A 32 bit IPv4 address, in network byte order.

5. Automatic Tunneling order ([RFC2223bis],
      section 3.4).

7. Configuration and Management Requirements

7.1 Network Management

   ISATAP interfaces use the basic transition mechanisms specified in
   [MECH] with nodes MAY support network management; ISATAP nodes that
   support network management SHOULD support the following exceptions:

5.1 Tunnel MTU and Fragmentation MIBs:
   [FTMIB][IPMIB][TUNNELMIB]. The specification in ([MECH], section 3.2) is not used; configuration objects cited throughout
   the
   specification in remainder of this section is used instead.

   The minimum MTU for IPv6 interfaces is 1280 bytes ([RFC2460], Section
   5), but document were selected to match the following operational considerations are noted:

   o  Nearly names of
   MIB objects. ISATAP nodes that do not support network management MAY
   choose their own local representation of these objects.

7.2 ISATAP Driver API

   The ISATAP driver provides an API for tunnel interface configuration
   and management that may be accessed by processes running on the
   ISATAP node, e.g., startup scripts, manual command line entry, kernel
   processes, ISATAP server daemons, etc. Access MUST be restricted to
   privileged users and applications. The API provides the following
   primitives; operational details are given in the subsections that
   follow:

   'TUNNEL_CREATE':
      creates a tunnel interface. Takes as parameters a tunnel
      encapsulation method, parameters for setting read-write objects
      for the tunnel, and a list of receive addresses to initialize a
      forwarding entry in the system's ifRcvAddressTable. Returns an
      index for the new tunnel interface, or a failure code.

   'TUNNEL_DELETE':
      deletes an existing tunnel interface. Takes as parameter an
      index of the tunnel interface to be deleted. Returns success
      or a failure code.

   'TUNNEL_MODIFY':
      adds or deletes attributes for an existing tunnel interface, and
      its corresponding forwarding entry in the ifRcvAddressTable. Takes
      the same list of parameters as for TUNNEL_CREATE, plus a flag that
      denotes the operation (i.e., "add" or "delete"). Returns success
      or a failure code.

   'TUNNEL_DUP':
      duplicates an existing tunnel interface. Takes as parameter the
      index of the tunnel interface to be duplicated. Returns an index
      for the newly-created tunnel interface, or a failure code.

   'TUNNEL_GET':
      copies configuration attributes from system table entries
      associated with the specified tunnel interface into a user's
      buffer. Takes as parameter an index of a tunnel interface.
      Returns the number of system table entry data bytes written
      into the application's buffer or a failure code.

7.2.1 TUNNEL_CREATE

   ISATAP drivers implement a 'TUNNEL_CREATE' primitive that provides a
   means for configuring the 'tunnelIfEncapsMethod', all read-write
   objects associated with the 'tunnelIfEntry', and a list of receive
   addresses for the tunnel which consist of an IPv4 address and an
   index for the interface to which the address is assigned (i.e,. an
   IPv4 address-to-interface mapping).

   When a process on the ISATAP node issues 'TUNNEL_CREATE' primitive,
   it includes a parameter for configuring the 'tunnelIfEncapsMethod'
   object, and MAY include parameters for configuring other read-write
   objects in the 'tunnelIfEntry'. It MAY also include one or more
   receive address parameters. (Any required configuration parameters
   not included in the 'TUNNEL_CREATE' primitive are to be issued in a
   subsequent 'TUNNEL_MODIFY' primitive.)
   When the ISATAP driver processes a 'TUNNEL_CREATE' primitive, it
   creates an entry in the 'tunnelInetConfigTable', which results in the
   simultaneous creation of a 'tunnelIfEntry' in the 'tunnelIfTable' and
   an 'ifEntry' in the appropriate 'ifTable'. Next, it sets the
   'tunnelIfEncapsMetod' object to the 'IANAtunnelType' specified by the
   primitive, and sets any other "read-write" objects in the
   'tunnelIfEntry' based on parameters included.

   After configuring the 'tunnelIfEntry', the driver uses each receive
   address parameter included to locate a preferred 'ipAddressEntry' in
   the system's 'ipAddressTable'. It then creates an entry for the new
   tunnel interface in the 'ifRcvAddressTable' that includes the list of
   selected 'ipAddressEntry's, 'tunnelLocalInetAddress',
   'tunnelRemoteInetAddress', 'tunnelIfEncapsMethod', and the 'ifIndex'
   for the tunnel interface.

   After performing the above actions, the ISATAP driver returns either
   an interface index for the newly-created tunnel interface or a
   failure code.

7.2.2 TUNNEL_DELETE

   ISATAP drivers implement a 'TUNNEL_DELETE' primitive that provides a
   means for deleting all table entries associated with a tunnel
   interface.

   When an ISATAP node's process issues a 'TUNNEL_DELETE' primitive, it
   includes an index for the tunnel interface returned via a previous
   'TUNNEL_CREATE' or 'TUNNEL_DUP' primitive.

   When the ISATAP driver processes a 'TUNNEL_DELETE' primitive, it
   locates the 'tunnelInetConfigEntry' for the tunnel interface based on
   the interface index parameter and deletes the entry from the
   'tunnelInetConfigTable'. This has the result of simultaneously
   deleting the 'tunnelIfEntry' and 'ifEntry' from their respective
   tables. The driver also removes the corresponding forwarding table
   entry for the tunnel interface from the 'ifRcvAddressTable'.

   After performing the above actions, the ISATAP driver returns either
   success or a failure code.

7.2.3 TUNNEL_MODIFY

   ISATAP drivers implement a 'TUNNEL_MODIFY' primitive that provides a
   means for modifying all read-write objects associated with the
   'tunnelIfEntry' and for adding or deleting entries from the list of
   receive addresses for the tunnel. The primitive also provides a flag
   for specifying whether the desired operation is "add" or "delete".

   (For vector objects, the "add"/"delete" operations have the meaning
   intended by their names; for scalar objects, the ISATAP driver
   interprets an "add" operation as: "change to new value" and a
   "delete" operation as: "reset to default".)

   When an ISATAP node's process issues a 'TUNNEL_MODIFY' primitive, it
   includes an index for the tunnel interface returned via a previous
   'TUNNEL_CREATE' or 'TUNNEL_DUP' primitive, and also includes a flag
   that specifies "add" or delete". It MAY include one or more parameter
   for configuring read-write objects in the 'tunnelIfEntry' and MAY
   also include one or more receive address (formatted as for
   'TUNNEL_CREATE').

   When the ISATAP driver processes a 'TUNNEL_MODIFY' primitive, it
   locates the correct 'tunnelIfEntry' for the interface index parameter
   and modifies objects for the entry based on any included parameters.
   If one or more receive address parameters are included, the driver
   also adds or deletes receive addresses from the forwarding table
   entry in the 'ifRcvAddressTable' corresponding to the
   'tunnelIfEntry'. If no parameters are included, the result is a
   NO-OP.

   After performing the above actions, the ISATAP driver returns either
   success or a failure code.

7.2.4 TUNNEL_DUP

   ISATAP drivers implement a 'TUNNEL_DUP' primitive that creates a new
   tunnel interface by duplicating a set of system table entries from an
   existing tunnel interface.

   When a user application or a system process issues a 'TUNNEL_MODIFY'
   primitive, it includes an index for the tunnel interface to be
   duplicated from a previous 'TUNNEL_CREATE' or 'TUNNEL_DUP' primitive.

   When the ISATAP driver processes a 'TUNNEL_DUP' primitive, it creates
   a new entry in the 'tunnelInetConfigTable' exactly as for
   'TUNNEL_CREATE' (see: Section 7.2.1). Next, it locates the
   'tunnelIfEntry' and 'ifEntry' for the tunnel interface to be
   duplicated and copies all attributes from those objects into the
   newly-created 'tunnelIfEntry' and 'ifEntry'. The driver also creates
   a duplicate forwarding table entry in the 'ifRcvAddressTable' using
   the existing entry identified by the interface index parameter as a
   prototype, then sets the newly-created forwarding entry's index to
   the 'ifIndex' for the newly-created tunnel interface.

   After performing the above actions, the ISATAP driver returns either
   an interface index for the newly-created tunnel interface or a
   failure code.

7.2.5 TUNNEL_GET

   To aid network administrators, ISATAP drivers SHOULD implement a
   'TUNNEL_GET' primitive that returns the current configuration of all
   tables in the system associated with the specified tunnel interface.

   When a user application issues a 'TUNNEL_GET' primitive, it includes
   an index for a tunnel interface from a previous 'TUNNEL_CREATE' or
   'TUNNEL_DUP' primitive, a pointer to a character buffer to receive
   the configuration information, and an integer indicating the
   available space in the buffer.

   When the ISATAP driver processes a 'TUNNEL_GET' primitive, it
   prepares a character string that includes the concatenation of the
   'tunnelIfEntry' and the 'ifRcvAddressTable' entry for the tunnel
   interface identified by the index parameter. (The 'ifEntry' is not
   concatenated, since its contents may be examined via primitives from
   other APIs.) Next, the driver copies the character string to the
   server daemon's character buffer up to the specified available buffer
   space.

   After performing the above actions, the ISATAP driver returns either
   the number of bytes copied or a failure code (to include a code that
   indicates "operation not supported").

7.3 ISATAP Interface Configuration

   ISATAP interfaces are normally configured by an ISATAP node's system
   startup scripts or via manual configuration, but may also be created
   by a dynamic process. When a node creates (or later modifies) an
   ISATAP interface, it assigns to the interface one or more receive
   address that consists of an IPv4 address and an index for the
   interface to which the address is assigned (i.e,. an IPv4
   address-to-interface mapping). Each receive address assigned MUST
   represent a mapping for the same site (or, MUST represent a mapping
   that is routable on the global Internet), i.e., the receive addresses
   assigned to a single tunnel interface MUST NOT span multiple sites.

   ISATAP nodes issue 'TUNNEL_CREATE' and 'TUNNEL_MODIFY' primitives for
   ISATAP interfaces the same as for any tunnel interface;
   'TUNNEL_CREATE' primitives include a parameter to set
   'tunnelIfEncapsMethod' to an 'IANATunnelType' code for "isatap". A
   'TUNNEL_CREATE' or 'TUNNEL_MODIFY' primitive that includes parameters
   to set 'tunnelIfLocalInetAddress' to an IPv4 address that will be
   used as one of the interface's receive addresses, and
   'tunnelIfRemoteInetAddress' to 0.0.0.0 to denote wildcard match for
   remote tunnel endpoints SHOULD be issued before the IPv6 interface
   associated with the tunnel interface is enabled (see below).

   When an ISATAP interface is created, the ISATAP driver also creates
   an 'ipv6InterfaceEntry' as the companion 'ifEntry' to the
   'tunnelIfEntry'. After setting the required objects in the
   'tunnelIfEntry' (see above), the ISATAP node configures objects in
   the 'ipv6InterfaceEntry' for an ISATAP interface the same as for any
   IPv6 interface. For ISATAP interfaces (and other tunnel interfaces
   that use IPv4 as a link layer for IPv6 ), the node sets the
   'ipv6InterfaceType' object to "tunnel". Next, the node sets the
   'ipv6InterfacePhysicalAddress' object to an IPv4 address that will be
   used as one of the tunnel interface's receive addresses; this object
   MUST be formatted as a 4-octet entity containing an IPv4 address in
   network byte order ([RFC2223bis], section 3.4). The node next sets
   the 'ipv6ScopeZoneIndexLinkLocal' object to a zone index identifier
   that denotes the site for which the tunnel interface's receive
   addresses are valid. Finally, the node configures all other required
   read-write parameters in the 'ipv6InterfaceEntry' as for any IPv6
   interface, and sets 'ipv6InterfaceAdminStatus' to "up".

   After configuring the ISATAP interface, the node sets the interface's
   'ipv6InterfaceForwarding' object (and, if necessary, the node's
   'ip6Forwarding' object) to "forwarding". The node also creates an
   'ipv6RouterAdvertEntry' in the 'ipv6RouterAdvertTable' and sets the
   'ipv6RouterAdvertIfIndex' object to the same value as
   'ipv6InterfaceIfIndex'. Objects in the 'ipv6RouterAdvertEntry' for an
   ISATAP interface are configured as for any IPv6 router, however
   'ipv6RouterAdvertLinkMTU' SHOULD NOT be set to a value other than 0
   unless the ISATAP driver will monitor the IPv4 reassembly cache and
   report fragmentation of tunneled packets to the source by sending
   IPv6 Router Advertisements with MTU options (see: Section 8.3).
   Configuration of objects relating to IPv6 forwarding is normally
   managed by the ISATAP server daemon.

7.4 Dynamic Creation of Configured Tunnels

   Configured tunnels are normally created through ISATAP driver API
   calls issued by an ISATAP server daemon in dynamic response to a
   tunnel creation request. Configured tunnel interfaces are created as
   for ISATAP interfaces (see: Section 7.3), except that the
   'tunnelIfRemoteInetAddress' for the new entry is normally set to a
   specific IPv4 address for a remote node at the far end of the tunnel,
   i.e., configured tunnels are normally configured as point-to-point.
   As for ISATAP interfaces, configured tunnels MUST NOT select a list
   of receive address mappings that span multiple sites.

   Processes that create configured tunnels may find the 'TUNNEL_DUP'
   primitive useful (and, in some cases essential) for reducing
   administrative complexity. An ISATAP interface may be used as the
   prototype for the 'TUNNEL_DUP' primitive; the configured tunnel
   interface inherits the attributes of the ISATAP interface, including
   the forwarding table entry in the system's 'ifRecvAddressTable'.
   After creating a configured tunnel via the 'TUNNEL_DUP' primitive,
   the process uses the 'TUNNEL_MODIFY' primitive to modify specific
   attributes.

7.5 Reconfigurations Due to IPv4 Address Changes

   When an 'ipAddressEntry' becomes deprecated (e.g., when an IPv4
   address is removed from an IPv4 interface) the 'ipAddressEntry' MUST
   be removed from all forwarding entries in the 'ifRcvAddressTable'
   that referenced it. Also, all 'tunnelIfEntry's that used
   'ipAddressAddr' as 'tunnelIfLocalInetAddress' and
   'ipv6InterfaceEntry's that used 'ipAddressAddr' as
   'ipv6InterfacePhysicalAddress' MUST select a different IPv4 address
   for those objects from their remaining list of receive addresses.
   Methods for triggering the mandatory changes are implementor's
   choice.

   When a new IPv4 address is added to an IPv4 interface, the node MAY
   add the new 'ipAddressEntry' to the list of receive addresses for
   forwarding entries in 'ifRcvAddressTable', and MAY set
   'tunnelIfLocalInetAddress' and/or 'ipv6InterfacePhysicalAddress' for
   interfaces referenced by the updated forwarding entries to the new
   address.

8. Automatic Tunneling

   ISATAP nodes use the basic tunneling mechanisms specified in [MECH].
   The following additional specifications are used for ISATAP:

8.1 Encapsulation

   The ISATAP driver is responsible for inserting the outermost IPv4
   encapsulating header for all tunneled packets. Tunnel interfaces that
   use various encapsulation methods (e.g., 6over4 [RFC2529], 6to4
   [RFC3056], teredo, IP encapsulation within IP [RFC2003], minimal
   encapsulation within IP [RFC2004], basic IPv6-in-IPv4 encapsulation
   [MECH], ISATAP encapsulation itself, etc.) can all be configured as
   encapsulation clients of the ISATAP driver.

   The ISATAP driver performs AH [RFC2402] and ESP [RFC2406] processing
   for tunnels that use IPsec, and may also perform header compression
   prior to encapsulation.

8.2 Multicast/Anycast

   ISATAP interfaces tunnel only those packets with IPv6 multicast/
   anycast destinations to include a node's required multicast/anycast
   addresses, the 'All_DHCP_Relay_Agents_and_Servers' and
   'All_DHCP_Servers' multicast addresses [RFC3315] and multicast
   addresses discovered via MLD [RFC2710]. Packets with unrecognized
   IPv6 multicast/anycast destinations are silently dropped.

   ISATAP interfaces automatically tunnel IPv6 multicast packets with
   the 'All_DHCP_Relay_Agents_and_Servers' and 'All_DHCP_Servers' using
   the IPv4 'all hosts' broadcast address (i.e., 0xffffffff broadcast
   address) as the destination address in the encapsulating IPv4 header
   under the assumption that DHCPv6 servers will be co-located with
   DHCPv4 servers.

   For other IPv6 multicast destinations, ISATAP interfaces
   automatically tunnel packets using a mapped Organization-Local Scope
   IPv4 multicast address ([RFC2529], section 6) as the destination
   address in the encapsulating IPv4 header. ISATAP nodes join the
   Organization-Local Scope IPv4 multicast groups required to support
   IPv6 Neighbor Discovery ([RFC2529], Appendix A) on interfaces that
   may receive IPv4 packets to be forwarded to an ISATAP interface.

   NOTE: When the ISATAP node enables one or more 6over4 interfaces
   [RFC2529], the 6over4 interfaces MAY be used (i.e., instead of ISATAP
   interfaces) for sending and receiving multicast packets.

8.3 Tunnel MTU and Fragmentation

   The specification in ([MECH], section 3.2) is not used; the
   specification in this section is used instead:

   ISATAP interfaces set a static MTU of 1280 bytes, i.e., the minimum
   MTU for IPv6 interfaces ([RFC2460], section 5) and do not set the
   Don't Fragment bit in the encapsulating IPv4 headers of tunneled
   packets. ISATAP interfaces MAY provide a configuration knob for
   setting a larger MTU, but larger MTUs MUST NOT be configured other
   than for certain constrained deployments, e.g., in some enterprise
   networks). Interfaces that may receive IPv4 nodes connect packets to physical links with MTUs be forwarded
   to an ISATAP interface SHOULD configure an Effective MTU to Receive
   (EMTU_R) [RFC1122], section 3.3.2) of at least 1500 bytes, i.e., they
   SHOULD be able to reassemble IPv4 packets of 1500 bytes or larger (e.g., Ethernet)

   o  Sub-IPv4 larger.

   1280 bytes was chosen as the IPv6 interface minimum MTU [DEERING97]
   to allow extra room for link layer encapsulations (e.g., VPN) may occur on some paths

   o  Commonly-deployed VPN interfaces use an without exceeding
   the Ethernet MTU of 1400 bytes

   To maximize efficiency and minimize IPv4 fragmentation 1500 bytes, i.e., the practical physical cell
   size of the Internet. The 1280 byte MTU provides a fixed upper bound
   for the
   predominant deployment case, LinkMTU size of IPv6 packets/fragments with a maximum
   store-and-forward delay budget of ~1 second assuming worst-case link
   speeds of ~10Kbps [RFC3150], thus allowing a convenient value for ISATAP interfaces SHOULD be
   set use
   in reassembly buffer timer settings. Finally, the 1280 byte MTU
   allows transport connections (e.g., TCP) to configure a large-enough
   maximum segment size for improved performance even if the IPv4
   interface that will send the tunneled packets uses a smaller MTU.

   When the size of the IPv6 destination's receive buffer is known,
   applications MAY send IPv6 packets up to that size using IPv6
   fragmentation (or, fragmentation via an alternate form of
   encapsulation) with a maximum fragment size that is no more larger than 1380 bytes (1400 minus 20 bytes
   the minimum of the MTU of the IPv4 interface used for tunneling and
   1280 bytes. Even so, IPv4
   encapsulation).

   LinkMTU fragmentation MAY be set still occur along some
   paths; in particular, since the minimum IPv4 fragment size is only 8
   bytes ([RFC0791], section 2), middleboxes with unusual
   implementations of IPv4 fragmentation could shatter the tunneled
   packets into as many as 187 IPv4 fragments to larger values when accommodate a dynamic 1500 byte
   IPv4 packet. Such sustained bursts of small packets could result in
   poor performance due to increased loss probability on paths with
   non-negligible packet loss due to, e.g., link layer (IPv4)
   MTU discovery mechanism is used, errors, congested
   router queues, etc.

   Therefore, ISATAP nodes that anticipate or experience poor
   performance along some paths MAY choose to adaptively vary the
   maximum size for the packets/fragments they send. For example,
   implementations may choose to employ a "fragment size slow start"
   scheme that begins with as little as 8 bytes (i.e., the minimum IPv4
   fragment size) and varies the size of the fragments using, e.g., an
   additive-increase, multiplicative-decrease strategy to determine the
   size that yields the best performance. The process can be made to
   converge more quickly when a static next-hop IPv6 routers are configured to
   send Router Advertisements with MTU assignment options when they experience IPv4
   fragmentation, since the sender is
   used made aware that fragmentation is
   occurring, and the anticipated/measured level MTU option can be used to return the size of fragmentation the
   largest IPv4 fragment observed which may help the sender determine
   the optimal fragment size.

   Since many nodes are expected to implement this specification, an
   overall increase in small packets in the Internet may occur as more
   nodes with tunnel interfaces implement schemes such as the
   site's one
   described above to avoid IPv4 fragmentation-related performance
   issues. For this reason, network is deemed acceptable.

   When a dynamic link layer MTU discovery mechanism is not used, equipment manufacturers and network
   administrators are encouraged to observe the
   Don't Fragment (DF) bit MUST NOT be set Recommendations on Queue
   Management and Congestion Avoidance in the encapsulating Internet [RFC2309]. In
   particular, byte mode queue averaging for RED is encouraged.

   With reference to the above, it is RECOMMENDED that ISATAP nodes use
   adaptive techniques to minimize IPv4
   header fragmentation and use IPv6
   fragmentation/reassembly (or, fragmentation/reassembly via an
   alternate form of encapsulation) to manage the size of packets sent on the tunneled
   packets they send. It is also RECOMMENDED that ISATAP interface. In this case, black
   holes may nodes monitor
   the IPv4 reassembly cache in rare instances occur along some paths even when order to give early indications of IPv4
   network fragmentation by sending Router Advertisements with MTU
   options to the
   tunnel interface uses source of the IPv6 minimum IPv4 fragments. The MTU options should
   include a value to indicate the size of 1280 bytes. (This
   concern is not specific the largest packet that can
   be expected to arrive without incurring IPv4 fragmentation. Finally,
   it is RECOMMENDED that ISATAP interfaces, but applies to all
   tunnels nodes set small timeout values, e.g. 1
   second, for which nested levels IPv4 reassembly of sub link-layer encapsulation may
   occur.)

5.2 tunneled packets.

8.4 Handling IPv4 ICMP Errors

   ISATAP interfaces SHOULD process ARP failures and persistent ICMPv4
   errors SHOULD be processed as link-specific information indicating that a path to a
   neighbor has may have failed ([RFC2461], section 7.3.3).

5.3

8.5 Link-Local Addresses

   The specification in ([MECH], section 3.7) is not used; the
   specification in Section 4.1 6.1 of this document is used instead.

5.4

8.6 Neighbor Discovery over Tunnels

   The specification in ([MECH], section 3.8) is not used; the
   specifications
   specification in Section 6 and Section 7 9 of this document are is used instead.

5.5

8.7 Decapsulation/Filtering

   The specifications in ([MECH], sections 3.6, 3.9 and 4.1) are used.

   In addition,

   ISATAP nodes arrange for the decapsulator MUST determine ISATAP driver to received all tunneled
   packets that use an IPv4 header as the outermost layer of
   encapsulation. Examples include ip-protocol-41 (6to4, 6over4, isatap,
   etc.), ip-protocol-4 (IP encapsulation within IP, minimal
   encapsulation within IP, etc.), UDP port 3544 (teredo, etc.) and
   others. The ISATAP driver determines the correct tunnel interface to
   receive each IPv4 protocol-41 packet via a table lookup
   for in the tuple consisting of 'ifRcvAdddressTable' for the
   packet's IPv4 source and address, destination address, and ifIndex an index for the
   receiving IPv4 interface. (Note that
   ISATAP interfaces match all IPv4 source addresses by default; if a
   tunnel interface with a more-specific match on the IPv4 source
   address exists, it is selected to receive and the packet as for
   longest-prefix-match.) type of encapsulation. Packets for
   which the correct tunnel interface cannot be determined are discarded; in this case, the decapsulator
   MAY also send an ICMPv4 Destination Unreachable message with code 3
   (Port Unreachable) ([RFC1122], section 3.2.2.1) to the IPv4 source
   address in the packet's outer header. silently
   discarded.

   After determining the correct tunnel interface, the decapsulator MUST
   also verify ISATAP driver
   verifies that the packet's link-layer (IPv4) source address is
   correct for the network-layer (IPv6) source address. For configured
   tunnels, the IPv4 and IPv6 source addresses can be checked directly
   against the configured tunnel's addresses. For ISATAP interfaces, the
   packet's link-layer source address is correct if one (or more) of the
   following are true:

   o  the network-layer source address is an ISATAP address that embeds
      the link-layer source address in its interface identifier.

   o  the network-layer source address is an IPv6 neighbor within on an
      interface that has the same site 'ipv6ScopeZoneIndexLinkLocal' as the receiving ISATAP interface,
      receiving ISATAP interface.

   o  the link-layer source address is a member of the Potential Router
      List (see: Section 9.1).

   Packets for which the link-layer source address is incorrect are
   discarded and, if permitted by the current status of ICMPv6 message
   rate limiting parameters [ICMPV6], section 2.4, paragraph f), an
   ICMPv6 Destination Unreachable message SHOULD be generated and sent
   to the IPv6 source in the inner header of the encapsulated packet.
   The error message SHOULD include only enough bytes from the invoking
   packet to convey the IPv6 header information, i.e., it SHOULD NOT
   include up to the minimum IPv6 MTU.

   After determining the correct tunnel interface to receive the packet,
   the ISATAP driver examines the IPv6 and IPv4 source addresses to
   determine whether a rewrite is required. If the IPv6 source address
   is an ISATAP address with the 'u/l' and 'g' bits set to 0 (see:
   Section 6.1), and the IPv4 source address does not match the IPv4
   address encoded in the ISATAP interface identifier, the ISATAP driver
   copies the IPv4 source address over the IPv4 address embedded in the
   IPv6 address and sets the 'u/l' bit to 1. Other forms of rewrites
   (e.g., rewrites for multicast rendezvous points based on the 'u' and
   'g' bit) MAY be specified in other documents.

   Next, the link-layer
      source address matches ISATAP driver discards the link layer address in encapsulating IPv4 header and
   locates any existing host-pair information, e.g., via the neighbor
      cache. IPv6 Flow
   Label [FLOW]. Then:

   o  the link-layer source address  If header compression is indicated, the packet's inner header(s)
      are reconstituted.

   o  If a member of security association is indicated, AH [RFC2402] or ESP
      [RFC2406] processing is applied.

   o  If the Potential Router
      List packet is a fragment, it is placed in a buffer for
      reassembly. The buffer may be, e.g., the site (see: Section 6.1).

   Packets for which IPv6 reassembly cache, an
      application's own data buffer [RFC3542], etc.

   Finally, when a whole packet has been received, it is delivered to
   the link-layer source address correct tunnel interface. If there is incorrect are
   discarded, and clear evidence that
   reassembly of a fragmented packet has stalled, an ICMPv6 Destination Unreachable "packet too
   big" message ([ICMPV6],
   section 3.1) SHOULD be [RFC1981] is sent to the IPv6 packet's source in the inner header of
   the encapsulated packet address
   (subject to rate limiting as in [ICMPV6],
   section 2.4, paragraph f).

6. ICMPv6 rate-limiting) with an MTU value indicating a size
   that is likely to incur successful reassembly.

9. Neighbor Discovery

   ISATAP interfaces nodes use the neighbor discovery mechanisms specified in
   [RFC2461] along with securing mechanisms such as [SEND] to create/
   change neighbor cache entries and to provide control plane signalling
   for automatic tunnel configuration. ISATAP interfaces also implement
   the following exceptions:

6.1 specifications:

9.1 Conceptual Model Of A Host

   To the list of Conceptual Data Structures ([RFC2461], section 5.1),
   ISATAP interfaces add:

   Potential Router List
      A set of entries about potential routers for the site; routers; used to support the
      mechanisms specified in  Section 6.2.3. 9.2.2.1. Each entry ("PRL(i)")
      has an associated timer ("TIMER(i)"), and an IPv4 address
      ("V4ADDR(i)") that represents a router's advertising ISATAP
      interface.

6.2

9.2 Router and Prefix Discovery

6.2.1 Message Validation

6.2.1.1 Validation of Router Solicitation Messages

   To the list of validity checks for Router Soliciation messages
   ([RFC2461], section 6.1.1), ISATAP interfaces add:

   o  If the message includes a Source Link Layer Address Option, the
      message also includes an IP authentication Header.

6.2.1.2 Validation of Router Advertisement Messages

   To the list of validity checks for Router Advertisement messages
   ([RFC2461], section 6.1.1), ISATAP interfaces add:

   o  IP Source Address is an ISATAP link-local address that embeds
      V4ADDR(i) for some PRL(i).

   o  If the message includes a Source Link Layer Address Option, the
      message also includes an IP authentication Header.

6.2.2

9.2.1 Router Specification

   As permitted by ([RFC2461], section 6.2.6), advertising the ISATAP
   interfaces server daemon
   SHOULD send unicast Router Advertisement messages to the soliciting host's
   node's address when the solicitation's source address is not the
   unspecified address.

6.2.3

9.2.2 Host Specification

6.2.3.1

9.2.2.1 Host Variables

   To the list of host variables ([RFC2461], section 6.3.2), ISATAP
   interfaces add:

   PrlRefreshInterval
      Time in seconds between successive refreshments of the PRL after
      initialization. It SHOULD be no less than 3600 seconds. The
      designated value of all 1's (0xffffffff) represents infinity.

      Default: 3600 seconds
   MinRouterSolicitInterval
      Minimum time in seconds between successive solicitations of the
      same advertising ISATAP interface. It SHOULD be no less than 900
      seconds. The designated value of alll 1's (0xffffffff) represents
      infinity.

      Default: 900 seconds

6.2.3.2

9.2.2.2 Interface Initialization

   The host ISATAP node joins the all-nodes multicast address on ISATAP
   interfaces, as for multicast-capable interfaces ([RFC2461], section 6.3.3).
   6.3.3) and MAY also join other multicast groups, e.g., see: Section
   8.2

   Additionally, the host node provisions the ISATAP interface's PRL with
   IPv4 addresses it discovers via manual configuration, a DNS
   fully-qualified domain name (FQDN) [RFC1035], a DHCPv4 option for
   ISATAP [ISDHCP], option, a
   DHCPv4 vendor-specific option, or an unspecified alternate method. (Support for manual configuration is REQUIRED;
   other methods are OPTIONAL.)
   When

   ISATAP nodes establish FQDNs are used, the host establishes the FQDN via manual configuration or an
   unspecified alternate method. (Support for manual
   configuration is REQUIRED; other methods are OPTIONAL.) The host Nodes resolves the FQDN FQDNs into IPv4
   addresses through lookup in a static host file, a site-specific name service, querying the site's DNS
   service, or an unspecified alternate method. When DNS is used, client
   resolvers use the IPv4 transport.

   After the host node provisions the ISATAP interface's PRL with IPv4
   addresses, it sets PrlRefreshIntervalTimer to PrlRefreshInterval
   seconds. The host node re-initializes the PRL (i.e., as specified above)
   when PrlRefreshIntervalTimer expires, or when an asynchronous
   re-initialization event occurs. When the host node re-initializes the PRL,
   it resets PrlRefreshIntervalTimer to PrlRefreshInterval seconds.

6.2.3.3

9.2.2.3 Processing Received Router Advertisements

   The ISATAP server daemon processes Router Advertisements (RAs) are processed
   exactly as specified in ([RFC2461], section 6.3.4) except that, if the 6.3.4). Router
   Advertisement messages received on a point-to-point tunnel interface
   that contain an MTU option is present,
   the option's value SHOULD be stored in with a per-neighbor cache entry for value less than 1280 bytes cause
   the source of interface to reduce its MTU to the RA; it lesser value, but Router
   Advertisements received on an ISATAP interface MUST NOT be copied into LinkMTU for cause the
   ISATAP interface.

   Additionally, hosts interface to reduce its MTU to a value less than 1280 bytes.

   For Router Advertisement messages received on an ISATAP interface
   that include prefix options and/or non-zero values in the Router
   Lifetime, the server daemon reset TIMER(i) to schedule the next
   solicitation event (see: Section 6.2.3.4). 9.2.2.4). Let "MIN_LIFETIME" be the
   minimum value in the Router Lifetime or the lifetime(s) encoded in
   options included in the RA message. Then, TIMER(i) is reset as
   follows:

      TIMER(i) = MAX((0.5 * MIN_LIFETIME), MinRouterSolicitInterval)

6.2.3.4

9.2.2.4 Sending Router Solicitations

   To the list of events after which RSs may be sent ([RFC2461], section
   6.3.2), ISATAP interfaces add:

   o  TIMER(i) for some PRL(i) expires.

   Additionally, hosts the ISATAP server daemon MAY send Router Solicitations
   to an ISATAP link-local address that embeds V4ADDR(i) for some PRL(i)
   instead of the All-Routers multicast address.

6.3

9.3 Address Resolution and Neighbor Unreachability Detection

6.3.1 Message Validation

6.3.1.1 Validation of Neighbor Solicitations

   To the list of validity checks for Neighbor Solicitation (NS)
   messages ([RFC2461], section 7.1.1), ISATAP interfaces add:

   o  If the message includes a Source Link Layer Address Option, the
      message also includes an IP authentication Header.

6.3.1.2 Validation of Neighbor Solicitations

   To the list of validity checks for Neighbor Advertisement (NA)
   messages ([RFC2461], section 7.1.2), ISATAP interfaces add:

   o  If the message includes a Target Link Layer Address Option, the
      message also includes an IP authentication Header.

6.3.2

9.3.1 Address Resolution

   The specification in ([RFC2461], section 7.2) is used. NS and NA
   messages MAY omit the source/target link layer address option when
   the source/target is an ISATAP address. ISATAP
   addresses for which the neighbor's neighbor/router's link-layer address cannot
   otherwise be determined
   (i.e., (e.g., from the a neighbor cache or a link layer address option in a
   received packet) entry) are
   resolved to link-layer addresses by a static computation, i.e., the
   last four octets are treated as an IPv4 address.

   Hosts SHOULD perform an initial reachability confirmation by sending
   NS
   Neighbor Solicitation message(s) and receiving a NA message; NS Neighbor
   Advertisement message (NS messages are sent to the target's unicast address.
   address). Routers MAY perform an this initial reachability confirmation,
   but this might not scale in all environments.

   As specified in ([RFC2461], section 7.2.4), all nodes MUST send
   solicited neighbor advertisements Neighbor Advertisements on ISATAP interfaces.

6.3.3

9.3.2 Neighbor Unreachability Detection

   Hosts SHOULD perform Neighbor Unreachability Detection as specified
   in ([RFC2461],
   section 7.3). Routers MAY perform neighbor
   unreachability detection, but this might not scale in all
   environments.

6.4 Redirect Function

   To the list of validity checks for Redirect messages (([RFC2461],
   section 8.1), ISATAP interfaces add:

   o  If the message includes a Target Link Layer Address Option, the
      message also includes an IP authentication Header.

7. Address Autoconfiguration unreachability detection,
   but this might not scale in all environments.

10. Other Requirements for Control Plane Signalling

10.1 Node Information Queries

   ISATAP interfaces use the address autoconfiguration mechanisms nodes SHOULD implement Node Information Queries as specified
   in [RFC2462] with [NIQUERY].

   Node Information Queries/Responses provide the following exceptions:

7.1 Address Lifetime Expiry

   The specification in ([RFC2462], section 5.5.4) is used, except advantages:

   o  the querier receives unambiguous confirmation that
   an ISATAP address also becomes deprecated when the IPv4 address
   embedded in its interface identifier is removed from an IPv4
   interface over which responder
      supports the ISATAP interface is configured. (This
   deprecation rule applies to all ISATAP addresses, including
   link-local addresses.)

7.2 Stateful Address Autoconfiguration

   When protocol.

   o  the site uses DHCPv6 [RFC3315] as querier receives assurance that responses are coming from the stateful address
   autoconfiguration mechanism,
      correct responder.

   o  the server/relay function MUST querier discovers some subset of the responder's addresses.

10.2 Linklocal Multicast Name Resolution (LLMNR)

   ISATAP nodes SHOULD implement Link Local Multicast Name Resolution
   [LLMNR], since they will commonly be deployed equally on each router that is in environments (e.g.,
   home networks, ad-hoc networks, etc.) with no access to a member of the PRL.

8. Domain Name
   System (DNS) server.

11. IANA Considerations

   The IANA is advised to specify construction rules for IEEE EUI-64
   addresses formed from the Organizationally Unique Identifier (OUI)
   "00-00-5E" in the IANA "ethernet-numbers" registry. The non-normative
   text in Appendix B is offered as an example specification.

9.

12. Security considerations

   The security considerations in [RFC2461][RFC2462][MECH] the normative references apply.

   Additionally, site administrators MUST ensure that lists of IPv4 addresses
   representing the advertising ISATAP interfaces of PRL members are
   well maintained.

10.

13. Acknowledgments

   Most of the basic ideas in this document are not original; the
   authors acknowledge the original architects of those ideas. Portions
   of this work were sponsored through SRI International internal
   projects and government contracts. Government sponsors include Monica
   Farah-Stapleton and Russell Langan (U.S. Army CECOM ASEO), and Dr.
   Allen Moshfegh (U.S. Office of Naval Research). SRI International
   sponsors include Dr.  Mike Frankel, J. Peter Marcotullio, Lou
   Rodriguez, and Dr. Ambatipudi Sastry.

   The following are acknowledged for providing peer review input: Jim
   Bound, Rich Draves, Cyndi Jung, Ambatipudi Sastry, Aaron Schrader,
   Ole Troan, Vlad Yasevich.

   The following are acknowledged for their significant contributions:
   Alain Durand, Hannu Flinck, Jason Goldschmidt, Nathan Lutchansky,
   Karen Nielsen, Mohan Parthasarathy, Chirayu Patel, Art Shelest, Pekka
   Savola, Margaret Wasserman, Brian Zill.

   The authors acknowledge the work of Quang Nguyen [VET] under the
   guidance of Dr. Lixia Zhang that proposed very similar ideas to those
   that appear in this document. This work was first brought to the
   authors' attention on September 20, 2002.

   The following individuals are acknowledged for their helpful insights
   on path MTU discovery: Jari Arkko, Iljitsch van Beijnum, Jim Bound,
   Ralph Droms, Alain Durand, Jun-ichiro itojun Hagino, Brian Haberman,
   Bob Hinden, Christian Huitema, Kevin Lahey, Hakgoo Lee, Matt Mathis,
   Jeff Mogul, Erik Nordmark, Soohong Daniel Park, Chirayu Patel,
   Michael Richardson, Pekka Savola, Hesham Soliman, Mark Smith, Dave
   Thaler, Michael Welzl, Lixia Zhang and the members of the Nokia NRC/
   COM Mountain View team.

      "...and I'm one step ahead of the shoe shine,
       Two steps away from the county line,
       Just trying to keep my customers satisfied,
       Satisfi-i-ied!" - Simon and Garfunkel

Normative References

   [ADDR-ARCH]
              Hinden, R. and S. Deering, "IP Version 6 Addressing
              Architecture", draft-ietf-ipv6-addr-arch-v4-00 (work in
              progress), October 2003.

   [ICMPV6]   Conta, A. and S. Deering, "Internet Control Message
              Protocol (ICMPv6) for the Internet Protocol Version 6
              (IPv6) Specification", draft-ietf-ipngwg-icmp-v3 (work in
              progress), November 2001.

   [LLMNR]    Esibov, L., Aboba, B. and D. Thaler, "Linklocal Multicast
              Name Resolution", draft-ietf-dnsext-mdns (work in
              progress), January 2004.

   [MECH]     Gilligan, R. and E. Nordmark, "Basic Transition Mechanisms
              for IPv6 Hosts and Routers", draft-ietf-v6ops-mech-v2-00
              (work in progress), February 2003.

   [MIB]      Thaler, D., "IP Tunnel MIB", draft-thaler-inet-tunnel-mib

   [NIQUERY]  Crawford, M., "IPv6 Node Information Queries",
              draft-ietf-ipngwg-icmp-name-lookups (work in progress), September
              June 2003.

   [NODEREQ]  Loughney, J., "IPv6 Node Requirements",
              draft-ietf-ipv6-node-requirements (work in progress),
              October 2003.

   [RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September
              1981.

   [RFC1122]  Braden, R., "Requirements for Internet Hosts -
              Communication Layers", STD 3, RFC 1122, October 1989.

   [RFC1981]  McCann, J., Deering, S. and J. Mogul, "Path MTU Discovery
              for IP version 6", RFC 1981, August 1996.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2434]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 2434,
              October 1998.

   [RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", RFC 2460, December 1998.

   [RFC2461]  Narten, T., Nordmark, E. and W. Simpson, "Neighbor
              Discovery for IP Version 6 (IPv6)", RFC 2461, December
              1998.

   [RFC2462]  Thomson, S.

   [RFC2529]  Carpenter, B. and C. Jung, "Transmission of IPv6 over IPv4
              Domains without Explicit Tunnels", RFC 2529, March 1999.

   [RFC3150]  Dawkins, S., Montenegro, G., Kojo, M. and V. Magret,
              "End-to-end Performance Implications of Slow Links", BCP
              48, RFC 3150, July 2001.

   [RFC3542]  Stevens, W., Thomas, M., Nordmark, E. and T. Narten, "IPv6 Stateless Address
              Autoconfiguration", Jinmei,
              "Advanced Sockets Application Program Interface (API) for
              IPv6", RFC 2462, December 1998. 3542, May 2003.

Informative References

   [ISDHCP]   Templin, F., "Dynamic Host Configuration Protocol (DHCPv4)
              Option

   [DEERING97]
              Deering, S., "http://www.cs-ipv6.lancs.ac.uk/ipv6/
              mail-archive/IPng/1997-12/0052.html", November 1997.

   [FLOW]     Rajahalme, J., Conta, A., Carpenter, B. and S. Deering,
              "IPv6 Flow Label Specification",
              draft-ietf-ipv6-flow-label (work in progress), December
              2003.

   [FTMIB]    Haberman, B. and M. Wasserman, "IP Forwarding Table MIB",
              draft-ietf-ipv6-rfc2096-update (work in progress), August
              2003.

   [IPMIB]    Routhier, S., "Management Information Base for the Intra-Site Automatic Tunnel Addressing
              Internet Protocol (ISATAP)", draft-templin-isatap-dhcp (IP)", draft-ietf-ipv6-rfc2011-update
              (work in progress), October September 2003.

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, November 1987.

   [RFC1122]  Braden, R., "Requirements for Internet Hosts -
              Communication Layers", STD 3,

   [RFC2003]  Perkins, C., "IP Encapsulation within IP", RFC 1122, 2003,
              October 1989.

   [RFC1918]  Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G. 1996.

   [RFC2004]  Perkins, C., "Minimal Encapsulation within IP", RFC 2004,
              October 1996.

   [RFC2223bis]
              Reynolds, J. and
              E. Lear, "Address Allocation R. Braden, "Instructions to Request for Private Internets", BCP
              5,
              Comments (RFC) Authors", draft-rfc-editor-rfc2223bis (work
              in progress), August 2003.

   [RFC2309]  Braden, B., Clark, D., Crowcroft, J., Davie, B., Deering,
              S., Estrin, D., Floyd, S., Jacobson, V., Minshall, G.,
              Partridge, C., Peterson, L., Ramakrishnan, K., Shenker,
              S., Wroclawski, J. and L. Zhang, "Recommendations on Queue
              Management and Congestion Avoidance in the Internet", RFC 1918, February 1996.
              2309, April 1998.

   [RFC2402]  Kent, S. and R. Atkinson, "IP Authentication Header", RFC
              2402, November 1998.

   [RFC2406]  Kent, S. and R. Atkinson, "IP Encapsulating Security
              Payload (ESP)", RFC 2406, November 1998.

   [RFC2486]  Aboba, B. and M. Beadles, "The Network Access Identifier",
              RFC 2486, January 1999.

   [RFC2491]  Armitage, G., Schulter, P., Jork, M. and G. Harter, "IPv6
              over Non-Broadcast Multiple Access (NBMA) networks", RFC
              2491, January 1999.

   [RFC2529]  Carpenter, B.

   [RFC2492]  Armitage, G., Schulter, P. and C. Jung, "Transmission of IPv6 M. Jork, "IPv6 over IPv4
              Domains without Explicit Tunnels", ATM
              Networks", RFC 2529, March 2492, January 1999.

   [RFC2827]  Ferguson, P. and D. Senie, "Network Ingress Filtering:
              Defeating Denial of Service Attacks which employ IP Source
              Address Spoofing", BCP 38, RFC 2827, May 2000.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, June 2000.

   [RFC3041]  Narten, T.

   [RFC2710]  Deering, S., Fenner, W. and R. Draves, "Privacy Extensions B. Haberman, "Multicast
              Listener Discovery (MLD) for
              Stateless Address Autoconfiguration in IPv6", RFC 3041,
              January 2710, October
              1999.

   [RFC3056]  Carpenter, B. and K. Moore, "Connection of IPv6 Domains
              via IPv4 Clouds", RFC 3056, February 2001.

   [RFC3315]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and
              M. Carney, "Dynamic Host Configuration Protocol for IPv6
              (DHCPv6)", RFC 3315, July 2003.

   [RFC3582]  Abley, J., Black, B. and V. Gill, "Goals for IPv6
              Site-Multihoming Architectures", RFC 3582, August 2003.

   [SEND]     Arkko, J., Kempf, J., Sommerfield, B., Zill, B. and P.
              Nikander, "Secure Neighbor Discovery (SEND)",
              draft-ietf-send-ndopt (work in progress), October 2003.

   [TUNNELMIB]
              Thaler, D., "IP Tunnel MIB",
              draft-ietf-ipv6-inet-tunnel-mib (work in progress),
              January 2004.

   [VET]      Nguyen, Q., "http://irl.cs.ucla.edu/vet/report.ps", spring
              1998.

Authors' Addresses

   Fred L. Templin
   Nokia
   313 Fairchild Drive
   Mountain View, CA  94110
   US

   Phone: +1 650 625 2331
   EMail: ftemplin@iprg.nokia.com

   Tim Gleeson
   Cisco Systems K.K.
   Shinjuku Mitsu Building
   2-1-1 Nishishinjuku, Shinjuku-ku
   Tokyo  163-0409
   Japan

   EMail: tgleeson@cisco.com
   Mohit Talwar
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA>  98052-6399
   US

   Phone: +1 425 705 3131
   EMail: mohitt@microsoft.com

   Dave Thaler
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA  98052-6399
   US

   Phone: +1 425 703 8835
   EMail: dthaler@microsoft.com

Appendix A. Major Changes

   Major changes from earlier versions to version 16: 17:

   o  dropped "underlying link" from terminology.  added tunnel driver API

   o  expanded section on MTU and fragmentation

   o  expanded sections on encapsulation/decapsulation

   o  specified relation to IPv6 Node Requirements

   o  specified use of additional control plane signalling

   o  specified multicast mappings.

   o  specified link layer address option format.

   o  specified setting of "u" bit in interface id's.

   o  removed obsoleted appendix sections.

   o  re-organized major sections to match normative references.

   o  revised neighbor discovery, address autoconfiguration, security
      considerations sections. Added new subsections on interface
      management, decapsulation/filtering, address lifetime expiry.

Appendix B. Interface Identifier Construction

   This section provides an example specification for constructing EUI64
   addresses from the Organizationally-Unique Identifier (OUI) owned by
   the Internet Assigned Numbers Authority (IANA). It can be used to
   construct both modified EUI-64 format interface identifiers for IPv6
   unicast addresses ([ADDR-ARCH], section 2.5.1) and "native" EUI64
   addresses for future use:

   |0                      2|2      3|3      3|4                      6|
   |0                      3|4      1|2      9|0                      3|
   +------------------------+--------+--------+------------------------+
   |  OUI ("00-00-5E"+u+g)  |  TYPE  |  TSE   |          TSD           |
   +------------------------+--------+--------+------------------------+

   Where the fields are:

      OUI     IANA's OUI: 00-00-5E with "u" and "g" bits (3 octets)

      TYPE    Type field; specifies use of (TSE, TSD) (1 octet)

      TSE     Type-Specific Extension (1 octet)

      TSD     Type-Specific Data (3 octets)

   And the following interpretations are specified based on TYPE:

      TYPE         (TSE, TSD) Interpretation
      ----         -------------------------
      0x00-0xFD    RESERVED for future IANA use
      0xFE         (TSE, TSD) together contain an IPv4 address
      0xFF         TSD is interpreted based on TSE as follows:

                   TSE          TSD Interpretation
                   ---          ------------------
                   0x00-0xFD    RESERVED for future IANA use
                   0xFE         TSD contains 24-bit EUI-48 intf id
                   0xFF         RESERVED by IEEE/RAC

   Using this example specification, if TYPE=0xFE, then TSE is an
   extension of TSD. If TYPE=0xFF, then TSE is an extension of TYPE.
   (Other values for TYPE, and other interpretations of TSE, TSD are
   reserved for future IANA use.) When TYPE='0xFE' the EUI64 address
   embeds an IPv4 address, encoded in network byte order.

   For Modified EUI64 format interface identifiers in IPv6 unicast
   addresses ([ADDR-ARCH], Appendix A) using IANA's OUI, when TYPE=0xFE
   and the IPv4 address is a globally unique (i.e., provider-assigned)
   unicast address, the "u" bit is set to 1 to indicate universal scope.
   When TYPE=0xFE and the IPv4 address is from a private allocation, the
   "u" bit is set to 0 to indicate local scope. Thus, when the first
   four octets of the interface identifier in an IPv6 unicast address
   are either: '02-00-5E-FE' or: '00-00-5E-FE', the next four octets
   embed an IPv4 address and the interface identifier is said to be in
   "ISATAP format".

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights. Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11. Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard. Please address the information to the IETF Executive
   Director.

   The IETF has been notified of intellectual property rights claimed in
   regard to some or all of the specification contained in this
   document. For more information consult the online list of claimed
   rights.

Full Copyright Statement

   Copyright (C) The Internet Society (2003). (2004). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.