Anything In Anything (AYIYA) is a computer networking protocol for managing IP tunneling protocols in use between separated Internet Protocol networks. It is most often used to provide IPv6 transit over an IPv4 network link when network address translation masquerades a private network with a single IP address that may change frequently because of DHCP provisioning by Internet service providers.

Features

The protocol has the following features:

Tunneling of networking protocols within another IP protocol
Network security is provided by preventing tunneled packets from being spoofable or replayable
Transparent handling of network address translation
The endpoint of at least one of the two tunnel endpoints should be able to change to provide mobility features.

Tunnel brokers

Many consumer networks are provisioned by Internet service providers using network address translation (NAT) which precludes the usage of IP protocol 41 tunnels (IPv6 tunneled in IPv4 per either RFC 4213 or RFC 3056) unless they manually reconfigure their NAT setup. In some cases, this is impossible as the NAT cannot be configured to forward protocol 41 to a specific host. Cases, where multiple endpoints are behind the same NAT, when multiple NATs are used, or when the user has no control at all over the NAT setup, are also problematic. This situation limits the deployment of IPv6, which was meant to solve the problem of the disruption in end-to-end communications caused by NATs, which were created because of limited address space in the first place.

This problem can be solved by tunneling the IPv6 packets over either User Datagram Protocol (UDP), Transmission Control Protocol (TCP) or the Stream Control Transmission Protocol (SCTP). Taking into consideration that multiple separate endpoints could be behind the same NAT or that the public endpoint receives a new IP address, there is a need to identify the endpoint that certain packets are coming from and endpoints need to be able to change e.g. source addresses of the transporting protocol on the fly while still being identifiable as the same endpoint. AYIYA is independent of the transport and payload's protocol. An example is IPv6-in-UDP-in-IPv4, which is a typical setup that can be used by IPv6 tunnel brokers.

Mobility

AYIYA may be used to provision mobile hosts by tunneling traffic from the home address to the home agent over an underlying network. Any remote host that the mobile host communicates with does not need AYIYA support. When the remote host does support AYIYA, it could also directly set up a tunnel with the mobile host. The remote host can determine whether a host supports AYIYA by querying for Domain Name System records and use public-key cryptography to authenticate the packets.

+-------------+             +------------+         ,--------.         +-------------+
| Mobile Host | <--AYIYA--> | Home Agent | <----> { Internet } <----> | Remote Host |
+-------------+             +------------+         '--------'         +-------------+

Using AYIYA to provide IPv6 for a host already provides mobility for that endpoint as it can use its IPv6 address regardless of geographic location.

Packet format

+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+
| Bits | 0 - 3           | 4 - 7         | 8 - 11           | 12 - 15     | 16 - 19               | 20 - 23        | 24 - 31     |
+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+
| 0    | Identity Length | Identity Type | Signature Length | Hash Method | Authentication Method | Operation Code | Next Header |
+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+
| 32   | Epoch Time                                                                                                              |
+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+
|      | Identity                                                                                                                |
+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+
|      | Signature                                                                                                               |
+------+-----------------+---------------+------------------+-------------+-----------------------+----------------+-------------+

For IPv6 over IPv4-UDP operation, as in the most common use scenario, the identity is the IPv6 Address of the endpoint (16 bytes) and the signature is an SHA1 hash (20 bytes). The header has a total of 8 + 16 + 20 = 44 bytes. Encapsulated in UDP and IPv4 the tunnel overhead is 44 + 8 + 20 = 72 bytes. Over Ethernet this allows an MTU of 1428 bytes.

Implementations

The AYIYA protocol has been implemented in AICCU.