Site Multihoming by IPv6 Intermediation

From Wikipedia, the free encyclopedia

The SHIM6 protocol is a layer 3 shim that provides locator agility below the transport protocols, so that multihoming with failover and load-sharing properties can be provided for IPv6 without assuming that a multihomed site has a provider-independent IPv6 address prefix announced in the global IPv6 routing table. The hosts in a site that has multiple provider-allocated IPv6 address prefixes use the SHIM6 protocol to set up state with peer hosts, so that the state can later be used to fail over to a different locator pair should the original one stop working.

About the shim6 architecture

The approach used by "Level 3 Shim for IPv6" (SHIM6) is based on the modification of the IPv6 stack element, i.e. the network-layer functionality of the stack, within the protocol stack of the host. The modification is in the form of an additional functionality block.

Above the SHIM6 protocol element the protocol stack uses constant endpoint identities, i.e. constant IPv6 addresses, to refer to both itself and to the remote peer. These identities, known as identifiers, are used by transport protocols such as TCP or UDP, and by applications, to identify a communication. The shim layer provides a set of associations between identifiers and the different locator sets, which are the IPv6 addresses actually conveyed in the IPv6 packets.

Image:SHIM6architecture.png

As packets are passed from the IP Endpoint sub-layer to the IP Routing sub-layer, the identifiers are mapped to a current pair of locators. The reverse mapping is applied to incoming packets, where the incoming locator pair is stripped off the packet, and the corresponding pair of identifiers is associated with the packet which is then passed to the IP Endpoint sub-layer that lies above the SHIM6 sublayer. The identifiers are the initial addresses used between the two hosts. The locators are the set of IPv6 addresses that are associated with the endpoint.

The SHIM6 architecture defines SHIM6 Failure Detection and Locator Pair Exploration functions. The first is used to detect outages on the path defined by the current locator pair for a communication. To achieve this, it uses either hints provided by upper protocols such as TCP or specific SHIM6 packet probes. The second function is used to determine valid locator pairs that could be used when an outage is detected.

The ability to change locators while a communication is in progress introduces security problems, so mechanisms have been defined that are based either on applying cryptography to the address generation process (Cryptographically Generated Addresses, CGA) or on binding the addresses to the prefixes assigned to a host through a hash (Hash Based Addresses, HBA). These approaches are not feasible for IPv4 because of the short address length (32 bits).
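The hash binding described above can be shown with a short sketch. This is an added example, not code from the SHIM6 or HBA specifications: it uses a simplified hash input (modifier, prefix, prefix set) rather than the real parameter encoding, and the function names, prefixes and modifier are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

def prefix_bytes(prefix: str) -> bytes:
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this sketch only handles /64 prefixes")
    return net.network_address.packed[:8]

def interface_id(modifier: bytes, prefix: bytes, prefix_set: list) -> bytes:
    # Simplified input layout (assumption): modifier || this prefix || all prefixes.
    digest = hashlib.sha1(modifier + prefix + b"".join(prefix_set)).digest()
    iid = bytearray(digest[:8])
    iid[0] &= 0xFC  # zero the u and g bits of the interface identifier
    return bytes(iid)

def generate_set(prefixes: list, modifier: bytes) -> list:
    """One address per prefix; every interface ID commits to the whole prefix set."""
    pset = [prefix_bytes(p) for p in prefixes]
    return [str(ipaddress.IPv6Address(p + interface_id(modifier, p, pset))) for p in pset]

def verify(address: str, prefixes: list, modifier: bytes) -> bool:
    """Recompute the interface ID from the claimed parameters and compare."""
    pset = [prefix_bytes(p) for p in prefixes]
    raw = ipaddress.IPv6Address(address).packed
    prefix, iid = raw[:8], raw[8:]
    if prefix not in pset:
        return False
    return hmac.compare_digest(iid, interface_id(modifier, prefix, pset))

def accept_locator(ulid: str, locator: str, prefixes: list, modifier: bytes) -> bool:
    # A new locator is accepted only if it and the identifier already in use
    # both verify under the same claimed parameter set.
    return verify(ulid, prefixes, modifier) and verify(locator, prefixes, modifier)

def with_prefix(address: str, prefix: str) -> str:
    """Helper for the demo: keep the interface ID, swap in another /64 prefix."""
    return str(ipaddress.IPv6Address(prefix_bytes(prefix) + ipaddress.IPv6Address(address).packed[8:]))

# Constructed sample values (documentation prefixes, fixed modifier).
SITE_PREFIXES = ["2001:db8:a::/64", "2001:db8:b::/64"]
FOREIGN_PREFIX = "2001:db8:bad::/64"
MODIFIER = bytes(range(16))

if __name__ == "__main__":
    ulid, alt = generate_set(SITE_PREFIXES, MODIFIER)
    forged = with_prefix(ulid, FOREIGN_PREFIX)
    print("legitimate alternate locator:", accept_locator(ulid, alt, SITE_PREFIXES, MODIFIER))
    print("foreign prefix, original set:", accept_locator(ulid, forged, SITE_PREFIXES, MODIFIER))
    print("foreign prefix, extended set:", accept_locator(ulid, forged, SITE_PREFIXES + [FOREIGN_PREFIX], MODIFIER))
```

The third case shows why the binding holds: adding a foreign prefix to the claimed set changes the hash input, so the identifier already in use no longer verifies.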

The intention of the SHIM6 approach is to minimise the amount of change required to support dynamic locator agility in the protocol stack, and to support dynamic locator agility as a negotiated endpoint-to-endpoint capability. An application can initiate a session with a remote host by using an entirely conventional lookup of the host's domain name in the DNS, and open up a session with the remote endpoint using one of its addresses as the destination address. The application can continue to exchange packets with this remote host for the duration of the session by continuing to use this destination address. If the local host subsequently opens up a new session with the same remote host, the same destination address may be used, or if the local host passes a reference to a third party as a referral, the same destination address may be used. In terms of semantics and functionality this represents no change to the use of addresses as endpoint identifiers in the IPv6 architecture.

SHIM6 currently has IETF draft status.
