ISATAP

ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is an IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network. It is defined in the informational RFC 5214. Unlike 6over4 (an older similar protocol using IPv4 multicast), ISATAP uses IPv4 as a virtual nonbroadcast multiple-access network (NBMA) data link layer, so that it does not require the underlying IPv4 network infrastructure to support multicast.


How ISATAP works

ISATAP defines a method for generating a link-local IPv6 address from an IPv4 address, and a mechanism to perform Neighbor Discovery on top of IPv4.


Link-local address generation

Any host wishing to participate in ISATAP over a given IPv4 network can set up a virtual IPv6 network interface. The link-local address is determined by prepending fe80::0200:5efe:… for globally unique addresses, or fe80::0000:5efe:… for private addresses, in front of the 32 bits of the host's IPv4 address. For example, the global IPv4 address 192.0.2.143 would use fe80::0200:5efe:192.0.2.143 as its link-local IPv6 address. The shortened notation would be fe80::0200:5efe:c000:028f (where c0 00 02 8f is 192.0.2.143 in hexadecimal notation).
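The address derivation described above, together with its inverse (recovering the IPv4 address from an ISATAP-style interface identifier, which is useful when reviewing address inventories or logs), as an added example that is not part of the original article. It assumes that "private" means the RFC 1918 ranges; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Assumption: "private" is taken to mean the RFC 1918 ranges; the article does not list them.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

GLOBAL_MARKER = 0x02005EFE   # 0200:5efe, used for globally unique IPv4 addresses
PRIVATE_MARKER = 0x00005EFE  # 0000:5efe, used for private IPv4 addresses


def isatap_link_local(ipv4: str) -> ipaddress.IPv6Address:
    """Build fe80::<marker>:<IPv4> for the given IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    marker = PRIVATE_MARKER if any(v4 in net for net in RFC1918) else GLOBAL_MARKER
    return ipaddress.IPv6Address((0xFE80 << 112) | (marker << 32) | int(v4))


def embedded_ipv4(ipv6: str):
    """Return the IPv4 address carried in an ISATAP interface identifier, or None.

    Only the low 64 bits are inspected, so this also matches ISATAP-style
    addresses formed under a non-link-local prefix.
    """
    value = int(ipaddress.IPv6Address(ipv6))
    if (value >> 32) & 0xFFFFFFFF not in (GLOBAL_MARKER, PRIVATE_MARKER):
        return None
    return ipaddress.IPv4Address(value & 0xFFFFFFFF)


def find_isatap(addresses):
    """Map each ISATAP-style IPv6 address in the input to its embedded IPv4 address."""
    hits = {}
    for addr in addresses:
        v4 = embedded_ipv4(addr)
        if v4 is not None:
            hits[addr] = str(v4)
    return hits


# Constructed sample addresses, e.g. as pulled from a neighbour table or flow log.
SAMPLE = ["fe80::200:5efe:c000:28f", "fe80::1", "2001:db8::5efe:a01:203"]

if __name__ == "__main__":
    print(isatap_link_local("192.0.2.143"))
    print(isatap_link_local("10.1.2.3"))
    print(find_isatap(SAMPLE))
```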


Neighbor Discovery

Because ISATAP uses IPv4 as a link layer that, unlike Ethernet, is not multicast/broadcast-capable, ICMPv6 Neighbor Discovery cannot be done in the usual manner. That is why ISATAP is a bit more complex than 6over4. From the viewpoint of the IPv6 packet, the link layer is the IPv4 packet. As the link layer address, the IPv4 address, is contained in the lower-order 32 bits of the IPv6 address, Neighbor Discovery is not really needed. However, the lack of multicast support prevents the use of automatic Router Discovery. Therefore, ISATAP hosts must be configured with a "potential routers list" (PRL). Each of these routers is infrequently probed by an ICMPv6 Router Discovery message, to determine which of them are functioning, and to perform unicast-only autoconfiguration (typically, obtain the list of on-link IPv6 prefixes that can be used). In practice, implementations build their PRL by querying the DNS, e.g. by looking up isatap.example.com if the local domain is example.com. The local domain is typically obtained via DHCP (over IPv4) or statically configured.


Criticisms of ISATAP

ISATAP typically builds its PRL by consulting the DNS; hence, in the OSI model it is a lower-layer protocol that relies on a higher layer. A circularity is avoided by relying on an IPv4 DNS server, which does not rely on IPv6 routing being established; however, some network specialists claim that these violations lead to insufficient protocol robustness. ISATAP carries the same security risks as 6over4: the IPv4 virtual link must be delimited carefully at the network edge, so that external IPv4 hosts cannot pretend to be part of the ISATAP link. That is normally done by ensuring that proto-41 (6in4) cannot pass through the firewall.
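The edge rule described above, sketched as a packet classifier; this is an added example, not part of the original article and not any firewall's own rule syntax. The function names and sample packets are constructed, and the IPv4 checksum is left at zero because it is not verified here.

```python
import ipaddress
import struct

PROTO_41 = 41  # IPv4 protocol number carrying encapsulated IPv6 (6in4, ISATAP)


def build_ipv4(src: str, dst: str, proto: int, payload: bytes = b"") -> bytes:
    """Build a constructed IPv4 packet with a 20-byte header and no options."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload),   # version/IHL, TOS, total length
        0, 0,                         # identification, flags/fragment offset
        64, proto, 0,                 # TTL, protocol, checksum (not computed)
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return header + payload


def edge_verdict(packet: bytes):
    """Return (verdict, reason) for a packet arriving on the external interface."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return ("drop", "not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return ("drop", "bad header length")
    if packet[9] == PROTO_41:
        src = ipaddress.IPv4Address(packet[12:16])
        return ("drop", f"proto-41 from {src} must not enter the ISATAP link")
    return ("pass", "not proto-41; left to other rules")


# Constructed sample traffic seen at the site edge.
SAMPLES = [
    build_ipv4("198.51.100.7", "192.0.2.143", PROTO_41, b"\x60" + bytes(39)),
    build_ipv4("198.51.100.7", "192.0.2.143", 6),   # TCP, unaffected by the rule
    b"\x45\x00",                                    # truncated header
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(edge_verdict(pkt))
```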


Implementations of ISATAP

ISATAP is implemented in Microsoft Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019, Windows Mobile, Linux, and in Cisco IOS (since IOS 12.2(14)S and IOS XE Release 2.1). Due to a patent claim, early in-kernel implementations were withdrawn from both KAME (*BSD) and USAGI (Linux). However, the IETF IPR disclosure search engine reports that the would-be infringing patent's holder requires no license from implementers. ISATAP has been supported in Linux since kernel version 2.6.25; the tool isatapd provides a userspace helper. For prior kernels, the open source project Miredo provided an incomplete userland ISATAP implementation, which was removed in version 1.1.6.

