Internet DRAFT - draft-singh-capwap-ctp
draft-singh-capwap-ctp
Operations Group
Internet Draft I. Singh
Document: draft-singh-capwap-ctp-02.txt P. Francisco
K. Pakulski
M. Montemurro
Chantry Networks
F. Backes
AutoCell Laboratories
Expires: December 2005 June 2005
CAPWAP Tunneling Protocol (CTP)
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 28, 2005.
Copyright Notice
Copyright (C) The Internet Society (2005). All Rights Reserved.
Abstract
With the overwhelming choice of proprietary implementations of
centralized control and management of wireless access points and
access controllers there is a great demand for a standard protocol
Singh Expires - December 2005 [Page 1]
� Internet-Draft CTP June 2005
and architecture that enables the deployment of large scale wireless
networks.
This document describes the CAPWAP Tunneling Protocol, a protocol
that allows for the centralized control and provisioning of a large
number of wireless access points from access controllers. It is
supported by an architecture where the MAC layer of the RF technology
is terminated within the AP. This allows for the protocol to be
extensible to multiple radio technologies. It assumes an IP
connection between the access points and access controllers and has
signaling primitives to enable wireless station mobility between
access points. Therefore, seamless Layer 3 subnet mobility is
seamlessly enabled by this protocol.
Table of Contents
1. Definitions....................................................4
1.1 Conventions used in this document..........................4
1.2 Terminology................................................4
2. Introduction...................................................4
2.1 Out of scope...............................................7
2.1.1 Secure discovery of AP and AC.........................7
2.1.2 AP image management...................................7
2.1.3 Multiple AC mobility..................................7
3. Protocol Overview..............................................8
3.1 Control and Status Messages................................8
3.2 Configuration and Statistics messages......................8
3.3 Data Messages..............................................9
4. CTP Packets....................................................9
4.1 CTP Header format..........................................9
4.2 Messages..................................................11
4.3 Message Payloads..........................................11
5. Message descriptions..........................................14
5.1 Message State Control.....................................14
5.2 Control and Status messages...............................15
5.2.1 CTP_Reg-Req..........................................15
5.2.2 CTP Reg-Rsp..........................................15
5.2.3 CTP Auth-Req.........................................15
5.2.4 CTP Auth-Rsp.........................................16
5.2.5 CTP SW-Update-Req....................................16
5.2.6 CTP SW-Update-Rsp....................................17
5.2.7 CTP_Set-State-Req....................................17
5.2.8 CTP_Set-State-Rsp....................................18
5.2.9 CTP Poll-Req.........................................19
5.2.10 CTP Poll-Rsp........................................19
5.2.11 CTP_MU-Connect-Req..................................19
5.2.12 CTP_MU-Connect-Rsp..................................20
5.2.13 CTP_MU-Disconnect-Req...............................20
Singh Expires - December 2005 [Page 2]
� Internet-Draft CTP June 2005
5.2.14 CTP_MU-Disconnect-Rsp...............................20
5.2.15 CTP_MU-Disconnect-Nfy...............................21
5.2.16 CTP MU-Authenticate-Req.............................21
5.2.17 CTP MU-Authenticate-Rsp.............................22
5.2.18 CTP MAC-Management..................................22
5.3 Configuration and Statistics messages.....................22
5.3.1 CTP Cap-Req..........................................23
5.3.2 CTP Cap-Rsp..........................................26
5.3.3 CTP Config-Req.......................................27
5.3.4 CTP Config-Rsp.......................................27
5.3.5 CTP Config-Ack.......................................27
5.3.6 CTP_Config-Status-Notify.............................28
5.3.7 CTP_Stats-Notify.....................................28
5.3.8 CTP Stats-Req........................................28
5.3.9 CTP Stats-Rsp........................................28
5.3.10 Configuration and Statistics........................29
5.4 CTP_Data Messages.........................................29
5.4.1 CTP_Data.............................................30
6. State Machines................................................31
6.1 Init......................................................31
6.2 Control Channel Establishment.............................31
6.3 Active State..............................................32
6.4 Standby State.............................................32
7. Authentication, Encryption and Session Key generation.........32
7.1 Authentication............................................32
7.2 Encryption................................................35
7.3 Session Key refresh and generation........................37
8. Security considerations.......................................38
9. References....................................................38
10. Author's Addresses...........................................39
Intellectual Property and Copyright Statements .................37
Singh Expires - December 2005 [Page 3]
� Internet-Draft CTP June 2005
1. Definitions
1.1 Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [1]
1.2 Terminology
AP û Access Point - The network device that includes both the
wireless termination point as well as the implementation of a
specific radio technology management layer.
AC - Access Controller - A centralized network entity that controls,
configures and manages one or more than one APs.
MU - Mobile Unit - A wireless device which is also an IP node capable
of dynamic change in its association with an Access Point.
2. Introduction
The rapid pace with which wireless networks are being deployed in the
home, enterprise and carrier industries has led to the proliferation
of proprietary solutions which attempt to address problems associated
with large scale wireless installations. The main issues plaguing
802.11 wireless networks, for example, are described in [2] and can
be summarized as: the manageability of large numbers of APs (Access
Points); the secure and bulk provisioning, monitoring, and control of
APs; and policy control and enforcement of MU (Mobile Units) data
flows and policies.
One of the key problems with deploying large scale wireless networks
is that the infrastructure needs to scale to meet both geographic
coverage as well as client density requirements. CAPWAP Tunneling
Protocol (CTP) addresses these challenges by minimizing configuration
of the wired infrastructure to accommodate the wireless network.
CTP provides both centralized configuration and operational control
for wireless networks, and in doing so, provides centralized security
and policy management.
This solution has been currently focused towards 802.11 networks.
However, CTP is independent of the layer 2 wireless standard because
it assumes that the MAC layer of the wireless technology is fully
implemented in the AP. The control channel binding between the AP and
AC provides for all the necessary signaling to facilitate MU
connection, mobility, and even RF resource management. Thus, it is
Singh Expires - December 2005 [Page 4]
� Internet-Draft CTP June 2005
possible to use CTP to offer IP network services to wireless users
independent of the underlying wireless technology (e.g. 802.11,
802.15, or 802.16).
CTP involves one or more Access Points (APs) connected to one or more
Access Controllers (ACs). The network connectivity between the APs
and ACs is primarily through a Layer 3 routed network. However,
switched Layer 2 or directly connected network topologies are also
supported. Figure 1 shows the typical network topology of AP and AC
placement in a CTP network. However, since it is assumed that the AP
and AC are IP addressable direct connect or L2 connect is also
supported.
+-------+-------+
| AC |
+-------+-------+
|
--------+------ LAN
|
+-------+-------+
| <L3 Network> |
+-------+-------+
|
-----+--+--+--- LAN
| |
+---+ +---+
| |
+--+--+ +--+--+
| AP | | AP |
+--+--+ +--+--+
Figure 1 - Topology of AP and AC placement
CTP address both local MAC and split MAC solution architectures by
treating control and data traffic independently. In a local MAC
solution, CTP interacts directly with the MAC management entity to
monitor and control configuration and wireless connections. In a
split MAC solution, CTP allows wireless management to pass between
the AP and the AC.
CTP provides a flexible mechanism in the treatment of data traffic.
Data traffic can be either bridged locally by the AP or tunneled to
the AC. This feature maximizes the protocolÆs ability to address a
wide variety of deployment requirements.Bridging the MU data traffic
at the AP ensures that user data traffic does not have to traverse
the slow WAN link to access local resources such as a printer. CTP
Singh Expires - December 2005 [Page 5]
� Internet-Draft CTP June 2005
provides the means for the AC to control the AP behavior and user
network access centrally.
In either the split MAC or local MAC case, user data frames can
either be bridged locally or tunneled to the AC. This allows CTP to
address four solutions: Local MAC with traffic tunneled to AC; split
MAC with traffic tunneled to AC; Local MAC with traffic bridged
locally at the AP; and split MAC with traffic bridged locally at the
AP.
In this local MAC solution of CTP, the layer 2 wireless termination
point and the MAC layer are fully implemented in the AP as shown in
Figure 2, which enables this type of feature. The Control traffic
will always travel to the AC. The user data frames can be either
tunneled to the AC or bridged locally.
+--+--+ +----+------+
Control <===>| | | |
| CTP |<===========>|WirelessMAC|
Tunnel Data <--->| | | |
+--+--+ +----+------+
^ ^
| +-----------+ |
| | | |
Data <------------+--->| L2 bridge |<---+
| |
+-----------+
Figure 2 - CTP and Local MAC interaction in an AP
In this split MAC solution of CTP, the layer 2 wireless termination
point and the MAC layer is divided between the AP and the AC as shown
in Figure 23, which enables AP to relay MAC Management frames to the
AP. The used data frames can either be bridged locally or relayed to
the AC.
+--+--+ +----+------+
Control <===>| | | |
MAC Management <===>| CTP |<===========>| Wireless |
Tunnel Data <--->| | |MAC Control|
+--+--+ +----+------+
^
+-----------+ |
| | |
Data <---------------->| L2 bridge |<---+
| |
+-----------+
Figure 3 - CTP and Split MAC interaction in an AP
Singh Expires - December 2005 [Page 6]
� Internet-Draft CTP June 2005
CTP provides flexibility in how user authentication and data
encryption is implemented across the system. The 802.1x Authenticator
function can be divided into two components: EAP-Authentication and
MAC Key Management. Both components can be configured to reside
either at the AC or at the AP. MAC Key Management can be done at
either the AC or the AP. EAP-Authentication function and MAC Key
Management function do not have to co-reside in either the AC or the
AP. However, if both the EAP-Authentication and MAC Key Management is
done at the AC, user data traffic must be tunneled between the AP and
the AC.
2.1 Out of scope
The following areas are out of scope for this version of the
protocol.
2.1.1 Secure discovery of AP and AC.
Rather than specify a brand new secure discovery mechanism for APs
and ACs within this protocol, CTP specifies the context and security
credentials that are required to register APs into ACs. All AP
implementations of CTP MUST provide a method to statically configure
the IP address(es) of the AC to be stored in the non-volatile RAM of
the AP.
Other methods for automatic discovery that MAY be used by
implementations of CTP are: SLP, DNS name resolution, and DHCP
options for AC IP address(es). The mechanism by which these methods
are incorporated into CTP is out of scope for this document but is a
worthwhile task for the working group that takes on this work.
2.1.2 AP image management.
A conscious decision in the design of this protocol excluded the
implementation of an AP image management system. However, CTP
provides triggers for software upgrade, ie. a message to indicate
software version and a message to command the AP to initiate software
upgrade. The actual protocol and mechanism for secure software
download has been deemed out of scope for the protocol and beyond
what the protocol was intended for.
2.1.3 Multiple AC mobility
This version of CTP does not include the details of support for
multi-AC control over APs for the purposes of multi-AC MU mobility.
However, the reserved message types and the capability exchange phase
may be used to facilitate the setting up of intra-AC tunnels.
Singh Expires - December 2005 [Page 7]
� Internet-Draft CTP June 2005
3. Protocol Overview
CTP is a generic protocol that defines a mechanism for the control
and provisioning of wireless APs through centralized ACs. In
addition, it provides a mechanism to optionally tunnel the mobile
client data between the AP and AC.
There are three types of CTP packet headers:
a) Control: these messages allow the AC to provision and control
the APs and MU session state and further contain messages that
consist of configuration, statistics and state management.
b) MAC Management: these messages allow the AP to relay MAC
Management frames to the AC when the CTP connection is
configured for split MAC operation.
c) Data: an optional aspect of the protocol that allows MU data
packets tunneled between the AP and the AC.
The CTP messages between APs and ACs are delivered by a UDP transport
and the UDP port number is [TBD]. The message types of this protocol
are classified into three distinct categories:
o Control and Status messages
o Configuration and Statistics messages
o Data messages.
3.1 Control and Status Messages
The set of system control messages of CTP provides a mechanism for an
AP to register itself with the AC and to interact with the MU session
management operations of the AC. Primarily this set is utilized by
the AP to request session association with the AC, configuration
information, and control of AP operations.
In a local MAC configuration, CTP provides system control messages
for notification of MU connection to the AC. The AC uses this
message set to acknowledge AP and MU session establishment and to
explicitly control both AP and MU session operational state (such as
AP state changes, AP and MU session disconnection, etc.)
In a split MAC configuration, CTP provides MAC Mangement control
messages for the AP and AC to exchange MAC management frames.
3.2 Configuration and Statistics messages
This logical set of messages exchanged between AP and AC is primarily
intended for the provisioning of the AP via a capabilities exchange
Singh Expires - December 2005 [Page 8]
� Internet-Draft CTP June 2005
and configuration message set. This message set also includes a
means for the AP to provide periodic status notifications of current
operational state, statistics information such as wireless and wired
statistics, security alerts, etc.
3.3 Data Messages
The CTP-Data message is the only message in this set. Its purpose is
to carry encapsulated frames associated with a registered MU. This
message type utilizes the Policy field of the message header to
provide user based, post authentication policy enforcement on a per
packet basis. This message type applies to actual MU client data and
does not include MU association, authentication and MU session
management messages as those operations are explicitly represented
though specific control messages.
It must be noted that the protocol allows for the data path to not
have to traverse the AC. In that case, no policy can be applied on a
per user basis centrally.
4. CTP Packets
It is assumed that the AP and AC source and destination information
is available in the transport layer headers. As such, it is not
indicated below.
4.1 CTP Header format
Figure 4 describes the CTP message header format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ver |0|0|X|P|E| Type | Policy | Protocol |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session Id. | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Reserved | | Message Payload...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+|
Figure 4 - CTP Header format
Ver Field
This field identifies the version of the protocol. It is 3 bits of
data. For this specification the version field is 0.
Singh Expires - December 2005 [Page 9]
� Internet-Draft CTP June 2005
Flags Field
This field is a bitmask of 5 bits that represents special CTP
processing. Bits 3, 4, and 5 are undefined and MUST be zero (0).
Bit #6 and #7 as follows:
Bit P û Payload Header
1 indicates that the CTP header is followed by a CTP payload
header (see 5.4.1)
0 indicates that there is no CTP payload header
Bit X û Extended Payload Header
1 indicates that the CTP-Data header is extended with
additional wireless information [5.4.1]
Bit E - Data path Encryption
1 indicates that the CTP-Data message type data is encrypted
0 indicates that the CTP-Data message is in the clear
Type Field
This is a 1 byte field that identifies the message type. The message
types are identified in Section 4.2.
Policy Field
This is a 1 byte field that represents policy to be assigned and
enforced. The definition of this policy field is dependent on the
message type. For example, if the message type is CTP-Data (defined
below) the Policy field corresponds to QOS policy for the MU data
above and beyond the QOS TOS markings or DiffServ markings that may
have been applied to the end-to-end user data. If the message type
is not CTP-Data, then this field is not interpreted by either AP or
AC and MUST be set to all zeros.
Protocol
Provides identification of payload protocol in support of Split-MAC
operations.
0 for Local-MAC.
RADIO TYPE û Radio Protocol (see Capabilities Exchange in 5.3.1)
Session ID Field
This is a 2 byte field that includes a unique session identifier
provisioned by the AC after successful authentication.
Singh Expires - December 2005 [Page 10]
� Internet-Draft CTP June 2005
Length Field
This is a 2 byte field that indicates the length of payload (excludes
the header length).
4.2 Messages
The following message types are defined in CTP:
Message Type
-----------------------------
Reserved 0-1
Reg-Req 2
Reg-Rsp 3
Auth-Req 4
Auth-Rsp 5
SW-Update-Req 6
SW-Update-Rsp 7
Config-Req 8
Config-Rsp 9
Config-Ack 10
Conf-Status-Notify 11
Set-State-Req 12
Set-State-Rsp 13
Stats-Notify 14
CTP-Data 15
Poll-Req 16
Poll-Rsp 17
Stats-Req 18
Stats-Rsp 19
Cap-Req 20
Cap-Rsp 21
Reserved 22-50
MU-Connect-Req 51
MU-Connect-Rsp 52
MU-Disconnect-Req 53
MU-Disconnect-Rsp 54
MU-Authenticate-Req 55
MU-Authenticate-Rsp 56
MU-Disconnect-Nfy 57
MAC-Management 58
Reserved 59-255
4.3 Message Payloads
Each message type defined above may or may not have a corresponding
CTP message payload. The payload contents are exchanged with the AC
through the exchange of relevant Type-Length-Value (TLV) elements.
Singh Expires - December 2005 [Page 11]
� Internet-Draft CTP June 2005
Each element is encoded as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
One of the element types as defined below
Length
Total length of the type + length + value fields
Value
Value
Several elements may be combined in sequence to provide a full
payload definition.
Note: In order to properly utilize TLVs, the length field of the CTP
header must be properly calculated and includes the sum of the length
fields of all TLVs in the payload.
The following provides a list of TLVs as defined in this version of
the protocol:
Definition Type Length Description
(bytes)
---------------------------------------------------------------------
STATUS 1 4 Explicit indication of the
response to requests messages.
Values for STATUS are the same
across all messages:
0 - Undefined
1 - Success
2 û Failure
SWVersion 2 Variable ASCII text representation of
the AP software version
number.
AP SERIAL_NUMBER 3 16 Unique ASCII representation of
the Serial number of AP. This
Singh Expires - December 2005 [Page 12]
� Internet-Draft CTP June 2005
serial number of the AP must
be a priori available to the
AC. Method of getting this
serial number to the AC is out
of scope for this document.
AP REG_CHALLENGE 4 16 A 16 byte random challenge
generated by the AC, to be
used by AP upon registration.
AP REG_RESPONSE 5 16 A 16 byte AP calculated
response to AP REG CHALLENGE
AC_IPADDR LIST 6 Variable List of AC IP addresses with
which said AP should attempt
to connect
CONFIG 7 variable Value contains a [SNMP] set of
OIDs of encoded configuration
elements
AC REG CHALLENGE 8 16 A 16 byte random challenge
generated by the AP, to be
used by AC upon registration
request.
AC REG_RESPONSE 9 16 A 16 byte AC calculated
response to AC REG CHALLENGE
NETWORK ID 10 4 Network ID with which a given
radio in the AP is associated.
This value is unique as it is
calculated by the AC upon the
provisioning phase of the AP
and provided to it in the
Config-Rsp message. In the
case of 802.11 radio
technology, this is the
Extended Service Set (ESS) to
which the AP belongs. This is
a 32 bit integer represent-
ation of the ESS. For other
radio technologies, this is a
unique value representing the
network that the radio is a
member of.
Singh Expires - December 2005 [Page 13]
� Internet-Draft CTP June 2005
AP_STATE 11 4 Value contains indication of
AP state:
0=Standby
1=Active
2=Reset
SESSION_KEY 12 19 Encrypted session encryption
key to secure AP to/from AC
communications.
STATS 13 Variable Value contains a
[SNMP] set of OIDs of encoded
statistics elements
RADIO ID 15 1 Index number of the radio as
learnt during the Capabilities
exchange.
REQ ID 16 1 Message identification to
match request and response
messages.
AUTH_PAYLOAD 17 Variable Payload TLV to include
Encapsulation of MU
Authentication/Authorization
Messages. Typically EAP
frames.
CERTIFICATE 18 Variable Digital certificate
credentials of the AP or AC
5. Message descriptions
5.1 Message State Control
Unless otherwise stated, every message that is a "request" type
includes a REQ ID payload inserted by the sender of the message.
This is sent so as to aid in the match of messages that are received
as "responses". After the transmission of each request, the source
will wait up to 2 seconds for the reception of the response. If a
response is not received, the source will retransmit the packet up to
3 times. If after 3 attempts a response is still not received the
source aborts the session and resets its state machine. If the
source is the AP, the AP shall resume registration operations.
Correspondingly the AC will simply delete the AP session from its
database and drop all packets which are from unregistered APs.
Singh Expires - December 2005 [Page 14]
� Internet-Draft CTP June 2005
5.2 Control and Status messages
5.2.1 CTP_Reg-Req
This message is used by the AP to request registration with the AC.
This message is initiated by the AP after successful secure discovery
and following the hardware and software initialization sequence of
the AP. The Session ID of this message is set to 0x0000 because the
AC will subsequently assign a Session ID upon successful
authentication. This message requires a mandatory payload, namely
"AP Serial Number".
HEADER
Type = 2
SessionID = 0x0000
PAYLOAD
REQ ID
AP SERIAL NUMBER
5.2.2 CTP Reg-Rsp
This message is sent by the AC to an AP to indicate that it has
conditionally accepted the AP's registration request based on knowing
who the AP is and based on the provided serial number. If the STATUS
= Success, then this message will also contain an AP REG CHALLENGE
payload. This is a randomly generated 16 byte challenge to the AP.
HEADER
Type = 3
SessionID = 0x0
PAYLOAD
REQ ID = from the corresponding Reg-Req message
STATUS = Success (1) or Failure (2) based on the known AP database
in the AC
AP REG CHALLENGE
5.2.3 CTP Auth-Req
This message is sent by the AP to begin the authentication phase of
the connection establishment with the AC. It contains the AP serial
number, an AP REG RESPONSE payload, the AP's digital certificate
(which contains the AP's public key) and a 16 byte random challenge
to the AC. Note that the SessionID field in the packet header is
still zero.
Singh Expires - December 2005 [Page 15]
� Internet-Draft CTP June 2005
HEADER
Type = 4
SessionID = 0x0
PAYLOAD
REQ ID
AP_SERIAL_NUMBER
CERTIFICATE
AP REG RESPONSE = Digital Signature of the concatenation of the AP
SERIAL NUMBER and the AP REG CHALLENGE (from the Reg-Rsp message)
AC_REG_CHALLENGE = 16 byte random number challenge sent to
authenticate the AC.
The response is calculated by the AP and is verified by the AC. For
details on the calculation of challenge and response, see Section 7
5.2.4 CTP Auth-Rsp
This message is sent by the AC to the AP as an indication of the
success or failure of the authentication phase. The AP is only
considered to have successfully associated with the AC if both
registration and authentication phases complete successfully.
HEADER
Type = 5
SessionID = 16 byte unsigned value generated by the AC. This is
set appropriately in this message if the authentication phase was
successful. After this message, the AP should use this Session ID in
all subsequent messages.
PAYLOAD
REQ ID = from the corresponding Auth-Req message
STATUS = Success (1) if the AP's digital certificate was
successfully verified and the AP REG RESPONSE was verified.
CERTIFICATE
AC REG RESPONSE = Digital Signature of the concatenation of the AP
SERIAL NUMBER and the AC REG CHALLENGE (from the Auth-Req message)
SESSION KEY = An encrypted payload of the AC generated CTP session
key. This is encrypted using the public key of the AP as received in
the AP's digital certificate from the Auth-Req message.
The STATUS payload indicates whether authentication and registration
was processed correctly. If so, Session ID for registration is
explicitly provided in the message header.
5.2.5 CTP SW-Update-Req
Singh Expires - December 2005 [Page 16]
� Internet-Draft CTP June 2005
This message is sent by the AP to ask the AC whether it should
upgrade its own software or not. It simply needs to provide its
current software version to the AC.
This message MAY also be sent by the AC to the AP which is a command
indication for the AP to stop operations and upgrade its software.
HEADER
Type = 6
SessionID = the assigned ID as received in the Auth-Rsp message.
PAYLOAD
REQ ID
SWVersion = Variable length ASCII text specifying the current
running software on the AP.
5.2.6 CTP SW-Update-Rsp
This message is sent by the AC to signal the AP to upgrade its
software or by the AP to the AC to indicate to confirm that it has
received the upgrade request. When the corresponding request is
issued by the AP, the AC will check the SWVersion payload received in
the Software-Upgrade-Req for the AP and send a response based on a
match. The interpretation of the SWVersion payload is implementation
specific. The response by the AC is either "Yes" or "No" which is
interpreted through the STATUS payload. If the response by the AC
indicates a failure the AP must abandon the registration stage,
upgrade its software to the version indicated by the AC. The method
by which the software image is exchanged is outside of the scope of
this protocol.
When the corresponding request is issued by the AC, the AP will
simply confirm the reception of the request and abandon itÆs
connected state in order to perform the upgrade.
HEADER
Type = 7
SessionID = the assigned ID as received in the Auth-Rsp message.
PAYLOAD
REQ ID = from the corresponding SW-Update-Req message
STATUS = [Success/Don't Upgrade (1) | Failure/Upgrade (2)]
SWVersion [On Failure] = Variable length ASCII text specifying the
correct software version the AP should have in order to complete the
session registration with the AC.
5.2.7 CTP_Set-State-Req
Singh Expires - December 2005 [Page 17]
� Internet-Draft CTP June 2005
This message is sent by the AC to modify the operational state of the
AP. For example, at some point during an established connection it
may be necessary to instruct an AP to go to STANDBY state or initiate
a reboot/reset of its state machine. These states are usually
entered upon user request
The following states are defined and apply to the AP:
ACTIVE
Indication to the AP that it should exit standby state and should
resume full active network state including enabling itÆs RF
interfaces. This is the default state of the AP after successful
configuration phase.
STANDBY
This signifies a state where the AP, although connected to the AC, is
in a state whereby no RF connection is allowed. It may be a sent to
the AP upon user request.
RESET
This is used as a command to the AP to change state to initialization
state. This may be sent to the AP upon user request or upon failure
of any of the phases of the control channel establishment.
HEADER
Type = 12
SessionID = AP session id from registration
PAYLOAD
REQ ID
AP_STATE = [STANDBY(0) | ACTIVE(1) | RESET(2)]
5.2.8 CTP_Set-State-Rsp
This message is sent by the AP to indicate to the AC that it has
changed its operational state as requested.
HEADER
Type = 13
SessionID = AP session id from registration
PAYLOAD
REQUEST ID = Same ID that was received in the Set-State-Req
message.
STATUS = [Success (1) | Failure (2)]
AP_STATE = [STANDBY(0) | ACTIVE(1) | RESET(2)]
Singh Expires - December 2005 [Page 18]
� Internet-Draft CTP June 2005
The RESET(2) state assumes that the AP would have reset its
operations after sending out this message.
5.2.9 CTP Poll-Req
This message is the keep-alive mechanism for the CTP control channel.
This is sent by the AP to the AC. The default send frequency for
this message is 5 seconds. If no response is received from the AC
after sending this message 6 times in a row, then the AP should tear
down its CTP control channel state and reattempt to connect to the
AC. These values are considered to be defaults. An AP
implementation MAY choose to change these values for suitability to
network deployment conditions.
HEADER
Type = 16
SessionID = AP session id from registration
PAYLOAD
REQ ID = ID representing the Poll-Req. Incremented until a
corresponding Poll-Rsp is received.
5.2.10 CTP Poll-Rsp
This message is the keepalive mechanism for the CTP control channel.
This is sent by the AC in response to a CTP Poll-Req message received
from the AP. The AC SHOULD detect the loss of connectivity with the
AP based on the receipt of a Poll-Req message.
HEADER
Type = 17
SessionID = AP session id from registration
PAYLOAD
REQ ID = ID corresponding to the Poll-Req received.
5.2.11 CTP_MU-Connect-Req
This message is sent by the AP to relay an association request
received from an MU to the AC.
HEADER
Type = 51
SessionID = AP session id from registration
PAYLOAD
REQ ID
MU-MAC-Address = MAC Address corresponding to the associating MU
Singh Expires - December 2005 [Page 19]
� Internet-Draft CTP June 2005
NETWORK ID = Network identification where association is taking
place
RADIO ID = Radio ID where association is taking place
5.2.12 CTP_MU-Connect-Rsp
This message is sent by the AC to authorize the access point to relay
an association response to the MU requesting service. If the
association is successful, then the AC MAY also include optional
payloads such as Policy which can be enforced at the AP.
If the association is rejected by the AC, the AP must disallow
association of the MU.
HEADER
Type = 52
SessionID = AP session id from registration
PAYLOAD
REQ ID = from the corresponding MU-Connect-Req message
MU-MAC-Address = MAC Address corresponding to the associating MU
STATUS = [Success (1) | Failure internal error (2)| Failure user
deny (3)]
5.2.13 CTP_MU-Disconnect-Req
This message is sent by the AC to request that a specific Mobile Unit
session be removed from the AP list of currently connected devices.
This operation may be the result of Mobile Unit roaming to a
different AP or the result of Mobile Unit session timeout, or
administrator request.
The MU-MAC-Address identifies the device in question.
HEADER
Type = 53
SessionID = AP session id from registration
PAYLOAD
REQ ID = ID for the request. Must increment after every
retransmission of this message.
MU-MAC-Address = MAC Address corresponding to the MU that is to be
disconnected.
RADIO ID = Radio ID where disconnection is required.
5.2.14 CTP_MU-Disconnect-Rsp
Singh Expires - December 2005 [Page 20]
� Internet-Draft CTP June 2005
This message is sent by the AP to indicate that it has successfully
processed a disconnect request by the AC. At this point the MU should
no longer be associated with the AP.
HEADER
Type = 54
SessionID = AP session id from registration
PAYLOAD
REQ ID = Same ID that was received in the MU-Disconnect-Req
message.
MU-MAC-ADDRESS = MAC Address corresponding to the MU that was
disconnected
STATUS = [Success (1) | Failure (2)]
5.2.15 CTP_MU-Disconnect-Nfy
This message is sent by the AP to the AC to indicate that it has
received an explicit disconnection message from the MU. The
transmission of this message from the AP is dependent on the MAC
layer of the radio technology implemented on the AP as well as the
capability of the MU. For example, the radio MAC layer may or may
not support an explicit "disconnect" trigger when an MU goes away.
Rather, the disconnection is based on a timer. In cases where the
disconnection is timer based, the AC may be the appropriate entity to
handle idle timer management. However, in the case where there may
be a disconnect indication, then the AP must send this message to the
AC when and MU disconnects.
HEADER:
Type = 57
SessionID = AP session ID negotiated at registration
PAYLOAD
MU-MAC-Address = MAC address of Mobile unit that was disconnected
NETWORK ID =
RADIO ID =
5.2.16 CTP MU-Authenticate-Req
This message is sent by the AP to forward an authentication request
to the AC. In the case of 802.1x/EAP authentication, the payload of
this packet will include information that the AC will forward to a
RADIUS Server
HEADER
Type = 55
SessionID = AP session id from registration
Singh Expires - December 2005 [Page 21]
� Internet-Draft CTP June 2005
PAYLOAD
REQ ID
AUTH_PAYLOAD = The authentication request payload between the AP
and the AC carries the request of the MU for authentication. In
typical cases this will be the EAP packets from an 802.1x supplicant.
5.2.17 CTP MU-Authenticate-Rsp
This message is sent by the AC to forward an authentication response
to the AP. In the case of 802.1x/EAP authentication, the payload of
this packet will include the response from the RADIUS server which
will be forwarded to the AP.
HEADER
Type = 56
SessionID û AP session id from registration
PAYLOAD
REQ ID = from the MU-Authenticate-Req message
AUTH_PAYLOAD = The Authentication response payload between the AP
and the AC carries the response from the authentication server. In
typical cases this will be the EAP packets from the Authentication
server.
STATUS = [Success (1) | Failure (2)] - Note that the authenticator
to authentication server interface resides in the AC so the AC does
know the state of the authentication.
Note: There may be multiple transitions of this message set.
5.2.18 CTP MAC-Management
The MAC-Management frame provides transport for protocol specific
management frames in support of Split-MAC implementations
HEADER
Type= 58
SessionID û AP Session id from registration
Payload type = RADIO_TYPE (Capabilities exchange [5.3.1])-
Indicates radio technology employed by radio. Provides reference to
associated MAC protocol type.
PAYLOAD
The payload of the wireless MAC management frame
5.3 Configuration and Statistics messages
These messages correspond to information and command exchanges
between AP and AC only after successful authentication and setup of
the secure channel between AP and AC.
Singh Expires - December 2005 [Page 22]
� Internet-Draft CTP June 2005
5.3.1 CTP Cap-Req
This message is sent by the AP to indicate to the AC the capabilities
of this AP in regards to the number of radios and the types of RF
technologies that it supports. The AP will encode its capabilities
per each RADIO (or interface) that it supports. These are encoded in
a variable length embedded attribute format called ôcapabilities
control framesö. A type-length-value encoding scheme, similar to the
format of payloads of regular control messages, is used to encode the
capabilities attributes (ATTs) in the capability control frames.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The available capability attributes are defined as follows:
1) ATT-NUM-RADIOS - number of radios that the AP supports.
Type= 1
Length= 1 byte
Value= 1 through 255
2) ATT-RADIO-INFO - the information for each radio that
consists of the RADIO-INDEX, RADIO-TYPE, and NUM-
NETWORKS. There MUST be exactly ATT-NUM-RADIOS number of
unique ATT-RADIO-INFO attributes within the Cap-Req
message.
Type= 2
Length= 3 bytes
Value= radio information type as defined below:
0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RADIO-INDEX | PHY-TYPE | NUM NETWORKS |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where
RADIO-INDEX is a unique index of the enumeration of the
number of radios that the AP supports. The AC will use this
value for subsequent configuration and control.
PHY-TYPE is defined as
Singh Expires - December 2005 [Page 23]
� Internet-Draft CTP June 2005
o Reserved = 0
o 802.11a = 1
o 802.11b = 2
o 802.11g only = 3
o 802.11n = 4
o 802.15 = 5
o 802.16 = 6
o 802.20 = 7
o 802.22 = 8
o Reserved = 9 through 254
o All = 255 (this value indicates that
all interfaces are configurable
to any radio type)
NUM-NETWORKS is the number of logical networks that the
RADIO supports.
3) ATT-MAC-INFO û This attribute consists of information
pertaining to the implementation of the wireless MAC
layer in the WTP. This in turn specifies to the AC the
mode of MAC operation. At this time only two types of
MAC implementation are supported, ie. Local MAC and Split
MAC. The MAC-INFO attribute also allows the AP and AC the
ability to negotiate Authentication and User Data
Encryption functions.
Type= 3
Length= 2 bytes
Value= MAC layer information as defined below:
0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+_
| RADIO-INDEX | MAC-CAP | AUTH-CAP | ENCRYPT-CAP |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where
RADIO-INDEX is a unique index of the enumeration of the
number of radios that the AP supports
MAC-CAP is defined as MAC Capabilities:
o Local MAC = 1
o Split MAC = 2
Singh Expires - December 2005 [Page 24]
� Internet-Draft CTP June 2005
AUTH-CAP is defined to indicate the 802.1x Authenticator
capabilities:
o Full 802.1x Authenticator support = 1
o MAC Key Management support only = 2
ENCRYPT-CAP is defined to indicate the Encryption
Capabilities of the radio:
o Supports user data encryption at AP = 1
o Supports user data encryption at AC = 2
4) ATT-NETWORK-INFO - This attribute consists of the unique
information that identifies each network per RADIO-INDEX
and consists of RADIO-INDEX, NETWORK-INDEX and NETWORK-
ID. Each Cap-Req payload MUST contain exactly NUM-
NETWORKS worth of unique ATT-NETWORK-INFO attributes.
Type= 4
Length= 8 bytes
Value= network information type as defined below:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RADIO-INDEX | NETWORK-INDEX | NETWORK ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| NETWORK ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where
RADIO-INDEX is a unique index of the enumeration of the
number of radios that the AP supports
NETWORK-INDEX is a unique index of the enumeration of the
networks that each RADIO supports
NETWORD-ID is the unique identifier for the network. This 6
byte value MAY be the MAC address for the given network
within the radio. In the case of 802.11 radios, this value
SHOULD be the BSS ID.
Singh Expires - December 2005 [Page 25]
� Internet-Draft CTP June 2005
5) ATT-VENDOR-ID - name of vendor or manufacturer of AP.
Type= 5
Length= 4 bytes
Value = a 32-bit value containing the IANA assigned
"SMI Network Management Private Enterprise Codes" [3].
6) ATT-PRODUCT-ID - name of product.
Type= 6
Length= variable length value of string
Value= ASCII string for the name of the product, non-
Null terminated.
HEADER
Type = 20
SessionID = AP session id from registration
PAYLOAD
REQ ID = increments with each retransmission.
The capabilities attributes encoded as TLVs and as defined above.
5.3.2 CTP Cap-Rsp
This message is sent by the AC to acknowledge the capabilities of the
AP. The AC must ack or nak the capabilities for each RADIO-INFO
element that it received in the Cap-Req message. This is
accomplished by sending back exactly ATT-NUM-RADIOS worth of ATT-
RADIO-INFO-ACK for each RADIO-INFO sub-attribute that this AC
supports.
The ATT-RADIO-INFO-ACK is an attribute that contains the RADIO-INDEX
and CAP-STATUS sub-attribute. For each Radio type that the AC
supports, the CAP-STATUS must be set to 1. For each radio type that
the AC does not support, the CAP-STATUS must be set to 0.
Type= 7
Length= 2 bytes
Value= as defined below.
0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RADIO-INDEX | CAP-STATUS |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
HEADER
Type = 21
SessionID = AP session id from registration
Singh Expires - December 2005 [Page 26]
� Internet-Draft CTP June 2005
PAYLOAD
REQ ID = ID corresponding to the Cap-Req message.
The AC capabilities attribute response encoded as TLVs and as
defined above.
5.3.3 CTP Config-Req
This message is sent by the AP to request configuration from its
master AC. This message must be sent only after a receipt of a
successful Auth-Rsp message from the AC and the verification of the
ACÆs AC REG RESPONSE payload.
HEADER
Type = 8
SessionID û the assigned ID as received in the Auth-Rsp message.
PAYLOAD
REQ ID
No specific information is required on this message.
5.3.4 CTP Config-Rsp
This message is sent by the AC as a response to a Config-Req message
to provide the configuration parameters for the registered AP.
HEADER
Type = 9
SessionID = AP session id from registration
Sequence Number = Sequence number of current packet.
PAYLOAD
REQ ID = from Config-Req message
STATUS = [Success (1) | Failure (2)]
CONFIG = The type of the configuration payload is defined in
Section 5.3.10.
5.3.5 CTP Config-Ack
This message is sent by the AP to indicate proper reception of an
AP_Config-Rsp message. This message is particularly important in
processing multi-sequenced packets, in particular configuration
updates that require more than one payload for full receipt of
configuration information.
HEADER
Type = 10
SessionID = AP session id from registration
Singh Expires - December 2005 [Page 27]
� Internet-Draft CTP June 2005
PAYLOAD
None
5.3.6 CTP_Config-Status-Notify
This message is used by the AP to indicate to the AC that it has
successfully completed it's configuration as per parameters indicated
by the AP.
HEADER
Type = 11
SessionID = AP session id from registration
PAYLOAD
STATUS
5.3.7 CTP_Stats-Notify
This message is sent by the AP to provide periodic operational
statistics to the AC. This message is also used following a correct
configuration establishment to indicate to the AC that the AP is
functionally ready to enter ACTIVE state.
HEADER
Type = 14
SessionID = AP session id from registration
PAYLOAD
STATS - The type of the statistics payload is defined in Section
5.3.10.
5.3.8 CTP Stats-Req
This message is sent by the AC to request statistics information upon
request. It is intended to be used as an interface by an
administrator or management application to query the AP for
instantaneous statistics information.
HEADER
Type = 18
SessionID = AP session id from registration
PAYLOAD
STATS = The type of the statistics payload is defined in Section
5.3.10
5.3.9 CTP Stats-Rsp
Singh Expires - December 2005 [Page 28]
� Internet-Draft CTP June 2005
This message is sent by the AP to provide operational statistics to
the AC as per the Stats-Req message. It is similar in format to the
Stats-Notify message.
HEADER
Type = 19
SessionID = AP session id from registration
PAYLOAD
STATS = The type of the statistics payload is defined in Section
5.3.10
5.3.10 Configuration and Statistics
Two data representations were considered for the CTP configuration
and statistics payload. The first data representation considered was
a TLV representation where all the variables for the statistics and
configuration would be defined as groups of TLVs. Given the nature of
CTP as a radio agnostic protocol and the complexity of the statistics
and configuration of the 802.11 protocols with multiple networks per
radio a TLV representation might be cumbersome and not extensible.
Most of todayÆs network devices in both the enterprise and the
carrier space employ the Simple Network Management Protocol. Thus, it
is natural to assume that most, if not all, APs will contain an
embedded SNMP agent able to decode SMI representations. Using SMI
representations for configuration and statistics variables can speed
up deployment of CTP without incurring additional cost for the APs.
Our recommendation is to reuse the 802.11 MIBs where applicable for
the CTP configuration and statistics message payload. MIB extensions
should be defined where the corresponding IEEE MIBs are not
sufficient. Upon reception of the message the CTP daemon should
forward the configuration and statistics message payload to the SNMP
daemon for further decoding and processing of the SMI O.I.D.s.
5.4 CTP_Data Messages
The CTP data messages use the same CTP header as the control and
other messages. If the Type field is 15 (CTP-Data), then the Policy
field of the header is used by the AC to tag the data for special
handling. The interpretation of the Policy field is left up to the
implementation. An example of its use is as follows:
Data packet coming into the AC from the wired network is a voice
packet as indicated by the TOS or DSCP markings in the IP header.
This TOS/DSCP byte will be copied to the outer transport header for
proper priority handling within the network between the AP and the
AC. However, for appropriate classification at the AP, the AC sets
the Policy field to a value that allows the AP to prioritize this
Singh Expires - December 2005 [Page 29]
� Internet-Draft CTP June 2005
packet over other data packets that may have a lower priority.
Similarly in the reverse direction, the MU may have set the
appropriate fields in the original IP header, but the AP can
interpret those bits and map them to the Policy field in the CTP-Data
header for special dispensation at the AC.
5.4.1 CTP_Data
This message is used for transport of MU data frames. The contents
of the message body are not interpreted by the AP layer other than
sending it to the MAC layer of the AP.
HEADER
Type = 15
SessionID = AP session id from registration
Policy = as set by the implementation
Payload type = RADIO_TYPE (Caps Exchange)
0 û Local MAC uses an 802.3 frame format
Radio-Type û MAC data frame format (e.g. 802.11)
Flags: X (Optional) û Indicates presence of extended payload
header for 802.11 data frames. The extended payload indicates RF
characteristics of the data frame.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ RSSI | RATE |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
RSSI û Provides Signal Strength indicator payload.
RATE û The data rate as expressed as an integer in 500 kb/s
increments.
PAYLOAD
802.3 frame in the case of local MAC. Wireless protocol dependent
in the case of split MAC.
Singh Expires - December 2005 [Page 30]
� Internet-Draft CTP June 2005
6. State Machines
This state machine in Figure 5 indicates the logical state
transitions of the CTP session establishment.
user-request/reset
+----------------------------------------------+
| |
| |
| |
| |
| |
V +-----------+ |
+------+ Success | Control | Success +----------+
| Init |------------->| Session |--------->| Active |
+------+ | Establish | +----------+
^ +-----------+ ^ |
| | | |
| | | |
| | user-req | |user-req
| | | |
| | | |
| Failure | | V
+--------------------------+ +----------+
| Standby |
+----------+
Figure 5 - Simple CTP state machine
6.1 Init
This state represents the boot state, and initialization of the
hardware. Entry into this state is either Failure of the Control
Session Establishment or user-request or reset signal from the Active
state
6.2 Control Channel Establishment
Once Initialization completes the AP initiates the control channel
establishment phase of the connection. Any phase within this state
that fails because of a STATUS=FAILURE or no response from either
device will result in a failure of the whole phase and go back to
initialization. A successful completion of the control session
establishment process will include
Registration
Authentication
Singh Expires - December 2005 [Page 31]
� Internet-Draft CTP June 2005
Software Upgrade Notification
Capability negotiation
Configuration Request
Configuration Response
Configuration Ack.
Upon receipt of a successful Config-Ack from the AP, the AP and AC
session for the AP are put into ACTIVE state.
6.3 Active State
Once confirmation of successful registration is received the device
now has a properly established communications/tunneling session with
the AC. The Authentication response MUST have indicated a valid CTP
session ID by which this tunnel is registered on the AC. So in this
state, the SessionId MUST be non-zero.
This state persists until device terminates or communications with
the AC are interrupted. To assist in the detection of connection
termination, the device MUST implement the CTP Poll-Req and Poll-Rsp
messages as described previously. Another method of exiting this
state is with an explicit Set-State message that may only be
initiated by the AC to the AP.
6.4 Standby State
At some time during the operation, it may be necessary to instruct an
AP to halt its current operation, ie. to switch off the RF
interface(s) on the AP . This is done by the Set-State message. The
device will remain in this state, until explicitly told by the AC to
resume operation also using the Set-State message.
7. Authentication, Encryption and Session Key generation
Since the AP and AC can be separated over any arbitrary L3 cloud,
first and foremost there is a need for a secure binding between the
AC and AP. A control channel security association is required
between the AC and AP.
7.1 Authentication
The AC and AP must go through a mutual authentication phase during a
registration and authentication process and form a security
association. A couple of assumptions are made to ensure this
security association is created. First, there must be a secure
mechanism to get the digital certificates onto the APs and ACs and
that process must be run either at the factory or prior to device
deployment. Secondly, the placement of the AP ID (in most cases the
AP serial number) in a data store on the AC assumes a secure
Singh Expires - December 2005 [Page 32]
� Internet-Draft CTP June 2005
insertion mechanism. This may be a manual process or other secure ID
provisioning methods may be employed. Mutual authentication of AP and
AC is done by means of digital certificates as is described below.
+----+ +----+
| AP | | AC |
+----+ +----+
Reg-Req(AP-ID)
---------------------------------------------->
Reg-Rsp(Status,AP-challenge)
<----------------------------------------------
Auth-Req(AP-ID,AP-cert,AP-resp,AC-challenge)
----------------------------------------------->
Auth-Rsp(Status,AC-cert,AC-rsp,Session-Key)
<-----------------------------------------------
AP-ID - AP SERIAL NUMBER attribute. This attribute is assumed to be
available in a data store in the AC as well as being factory burnt-in
in the AP device. The AC will respond with a STATUS=Success in the
Reg-Rsp message if there is a match in its data store for the given
AP-ID
AP-challenge - is a 16 byte random number generated using [4] as
guidelines for the randomness of the challenge.
AP-cert - Is a digital certificate assumed to be available on the AP
prior to its Registration request. The mechanism to get the
certificate onto the AP is out of scope for this document.
AP-resp - Is a digital signature over the SHA-1 hash of the AP-
challenge concatenated with the AP-ID.
S-ap(H-sha1(AP-challenge|AP-ID))
AP-challenge - is a 16 byte random number generated for subsequent
authentication of the AC.
AC-cert - Is a digital certificate or chain of certificates of the AC
that is assumed to be available on the AC prior to sending the Reg-
Rsp message. The mechanism to get the certificate or chain of
certificates onto the AC is out of scope for this document.
AC-resp - is a digital signature over the SHA-1 hash of the AC-
challenge concatenated with the encrypted session key.
S-ac(H-sha1(AC-challenge|Enc-ac-p(SessionKey)))
Singh Expires - December 2005 [Page 33]
� Internet-Draft CTP June 2005
Session Key - is actually the encrypted randomly generated session
encryption keying material. The AC uses the public key of the AP to
encrypt the session encryption key. The size of the Session Key is 19
bytes. The first 16 bytes are used as AES-CCM encryption and the
remaining 3 bytes are used as a salt for a nonce which is required by
the AES-CCM algorithm. See section 7.2 for encryption details.
The Session key is a random number generated using [4]. At the time
of writing this document there are no known weak keys for AES.
The following steps describe in detail the registration and
authentication process:
1. The AP sends a Reg-Req message with its AP SERIAL NUMBER. If it
does not receive a Reg-Req within 3 seconds, it must resend the
Reg-Req message.
2. Upon receipt of the Reg-Req message, the AC checks its data store
for the AP SERIAL NUMBER. If it exists then the AC sends back a
Reg-Rsp message with STATUS payload with Success (1) attribute
and an AP CHALLENGE payload. If the AP SERIAL NUMBER does not
exist, then a Reg-Rsp message with a STATUS payload of Failure
(2) is sent back.
3. The AP will take the AP CHALLENGE payload, concatenate it with
the AP SERIAL NUMBER and calculate an AP RESPONSE as shown above
and send it back to the AC along with an AC CHALLENGE payload and
its own digital CERTIFICATE payload in an Auth-Req message.
4. Upon receipt of the Auth-Req message the AC will
a. Verify the AP's digital certificate
b. Verify the AP RESPONSE, which was the digital signature of
the AP over the hash of the AP CHALLENGE and the AP SERIAL
NUMBER. This is done with the public key of the AP.
c. If both a) and b) are verified correctly, then the STATUS
payload will contain Success (1). Otherwise it will contain
Failure (2).
d. If Success, then the AC will add its own CERTIFICATE to the
Auth-Rsp message
e. Encrypt the session encryption keys with the public key of
the AP.
f. Generate a unique SessionID to be used in subsequent CTP
messages.
g. Send back an Auth-Rsp message with STATUS, CERTIFICATE, AC
RESPONSE and SESSION KEY payloads with the SessionID in the
CTP header.
5. Upon receipt of the Auth-Rsp message, the AP will
a. Verify the AC's digital certificate
b. Verify the AC RESPONSE which was the digital signature of the
AC over the hash of the AC CHALLENGE and the encrypted
session encryption key.
c. Decrypt the encrypted session encryption key with its own
private key
Singh Expires - December 2005 [Page 34]
� Internet-Draft CTP June 2005
d. Store the SessionID which will be used in each subsequent CTP
message.
6. All CTP control messages after the Auth-Rsp will be sent
encrypted with AES-CCM as described in section 7.2.
7.2 Encryption
Once the registration and authentication process has successfully
completed then the control traffic is encrypted. The traffic is
confined to control, configuration and management traffic between the
AC and AP.
It is believed that for security sensitive applications and
deployments there will always be an end to end encrypted tunnel for
MU data traffic. Therefore, a data path encryption mechanism is not
provided by CTP.
For Local-MAC mode all control messages which are used to establish a
trust relationship between the AP and AC, must be encrypted. If a
non-encrypted CTP control packet with type other than CTP_Reg-Req,
CTP_Reg-Rsp, CTP_Auth-Req and CTP_Auth-Rsp is received, it MUST be
dropped by a receiver and no notification is sent to the sender.
For Split-MAC mode encryption of Control Packets depends on location
of PMK key. If PMK is centrally stored in AC, WTP forwards
MAC_MGMT_FRAMEs without CTP encryption, because encapsulated 802.11
management frames are already encrypted. If PMK key is distributed to
WTP, 802.11 encryption terminates at WTP and CTP tunnel MUST encrypt
MAC_MGMT_FRAMEs. Location of PMK keys is negotiated in [5.3.1]
Encrypted packets MUST be sent in the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ver |0|0|0|P|E| Type | Policy | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session Id. | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IV (8 bytes) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encrypted data |
| (var length) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication Data (variable) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Singh Expires - December 2005 [Page 35]
� Internet-Draft CTP June 2005
The first 8 bytes is general CTP header described in section 4.1. E
bit MUST be equal to 1.
The additional fields have the following meaning:
IV û Initialization Vector used by AES-CCM as described in section
7.2.
Sequence Number û 32 bits value used for anti-replay protection.
Encrypted Data û data of variable length encrypted with AES-CCM.
Typically the encrypted data corresponds to the specified message
payloads.
Authentication Data û MAC of CTP header, IV, Sequence Number and
encrypted data.
CTP uses AES-CCM encryption as defined in [5] with value L = 4 and
value M = 8. The Nonce length is 11 bytes. The Nonce is formed by
concatenation of 3 bytes of the salt send by AC to the AP during
Session Key exchange and 8 bytes of Initialization Vector. The sender
of a packets MUST NOT send two packets with the same IV, as it
immediately leads to plain-text revealing.
The Sequence Number field MUST start from zero for the first
encrypted packet and is incremented each time a packet is encrypted.
The receiver MUST use the sequence number field to protect against
replay-attack and MAY use it to accept reordered or late packets. The
sender MUST negotiate a new session key before reaching maximum value
for the Sequence Number.
The sender of an encrypted packet MUST perform the following steps
during the packet encryption:
- IV and the Sequence Number are inserted into the packet after CTP
header.
- E bit in CTP header is set to 1.
- The first 20 bytes including CTP header, IV and the Sequence
Number are passed to AES-CCM for authentication only.
- The CTP payload is encrypted with AES-CCM.
- After encryption, a MAC value received from AES-CCM is copied to
the output packet after encrypted data.
- The Sequence Number MUST be incremented
- IV value must be changed to another value which has not been used
so far with the current encryption key.
The receiver of the encrypted packet MUST perform the following steps
during the packet decryption:
Singh Expires - December 2005 [Page 36]
� Internet-Draft CTP June 2005
- E bit in CTP header is checked. If it is not 1, the packet is
silently dropped.
- Type of the packet is checked. All control packets except CTP_Reg-
Req, CTP_Reg-Rsp, CTP_Auth-Req and CTP_Auth-Rsp must be encrypted.
- The Sequence Number is compared to the sequence number of the last
received packet, which MUST be stored by the receiver. If the
Sequence Number is larger that the one stored by the receiver the
packet MUST be accepted for further processing. If the sequence
number is equal to the one stored by the receiver the packet MUST
be silently dropped. If the sequence number is lower that stored by
the receiver, packet MAY be accepted it the receiver implements
sliding window algorithm.
- Payload of the packet is passed for decryption to AES-CCM
algorithm.
- The first 20 bytes of the packet starting with CTP header are
passed to AES-CCM for authentication.
- Data payload is passed to AES-CCM for decryption
- After decryption, MAC value received from AES-CCM decryption
process is compared to the MAC value received in the packet. If
locally calculated MAC does not match the MAC value from the
received packet, the packet MUST be silently dropped. If MAC values
are equal, the packet is passed for further processing.
- IV, the Sequence Number and MAC values are stripped from the
packet.
- If the Sequence Number from the received packet is larger than
stored by the receiver, the receiver must update the stored
sequence number with the received one.
7.3 Session Key refresh and generation
One session key is used to encrypt control packets exchanged in both
directions between the AP and the AC. The Session Key is always
generated by the AC and is sent to AP during the CTP registration and
authentication phase as described in section 7.1.
The Session Key must be refreshed before either one of the following
happens:
- key lifetime expires
- sequence numbers are exhausted
The Session KeyÆs lifetime is not negotiated in-band and is set to 24
hours.
If the Session KeyÆs lifetime has expired or the sequence numbers has
been exhausted and the new Session Key has not been negotiated, the
receiver MUST silently drop any received packet and the sender MUST
NOT encrypt CTP packet.
The Key refresh is always initiated by the AP. The packet exchange
between the AP and the AC for new key is TBD.
Singh Expires - December 2005 [Page 37]
� Internet-Draft CTP June 2005
The AC MAY request the AP to start the key refresh process by sending
TBD packet.
After the Session Key refresh, the AC must use the old key until it
receives a packet encrypted with the new Session Key, what is an
indication that the AP received and accepted the new Session Key.
8. Security considerations
CTP provides mutual authentication of the AP and the AC. The trust is
achieved by digital certificates. The trust hierarchy leading to
successful certificate or certificates chain validation is out of
scope of this document.
Certificates issued for the AP and the AC are bound to the serial
number of the AP and the AC respectively.
During the authentication exchange, the receiver cannot verify that
the sender of the certificate really has the serial number presented
in the certificate. An attacker may steal the legitimate credentials
and send a valid certificate from a device with different serial
number.
During the authentication phase the receiver MAY verify whether the
presented certificate has not been revoked. The mechanism of
accessing CRL is not defined by CTP.
CTP encryption and authentication is sufficient for control packets
only. It MUST NOT be used for data encryption, because the exchange
between the AP and the AC does not use ephemeral keys. Compromise of
APÆs private key enables an attacker to decrypt all session keys used
in the past between the AP and AC and decrypt all data packets
exchanged between AP and AC.
Control packets exchanged between the AP and the AC are encrypted and
authenticated. Both, confidentiality and authentication is provided
by AES-CCM as described in [5].
9. References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997
[2] OÆHara, B., et. al, ôCAPWAP Problem Statementö, RFC 3990,
February 2005
Singh Expires - December 2005 [Page 38]
� Internet-Draft CTP June 2005
[3] "Assigned Numbers: RFC 1700 is Replaced by an On-line Database",
January 2002, ftp://ftp.isi.edu/in-notes/rfc3232
[4] Eastlake, D., et. al., "Randomness Recommendations for Security",
December 1994, RFC 1750
[5] Whiting, et al., "Counter with CBC-MAC (CCM)", September 2003,
RFC 3610
10. Author's Addresses
Paulo Francisco
Chantry Networks
1900 Minnesota Court
Mississauga, ON L5N 3C9
Canada
Phone: +1 905-363-6410
Email: paulo@chantrynetworks.com
Inderpreet Singh
Chantry Networks
1900 Minnesota Court
Mississauga, ON L5N 3C9
Canada
Phone: +1 905-363-6412
Email: isingh@chantrynetworks.com
Krzysztof Pakulski
Chantry Networks
1900 Minnesota Court
Mississauga, ON L5N 3C9
Canada
Phone: +1 905-363-6400 (ext. 6449)
Email: kpakulski@chantrynetworks.com
Michael Montemurro
Chantry Networks
1900 Minnesota Court
Mississauga, ON L5N 3C9
Canada
Phone: +1 905-363-6413
Email: mike@chantrynetworks.com
Singh Expires - December 2005 [Page 39]
� Internet-Draft CTP June 2005
Floyd Backes
AutoCell Laboratories
125 Nagog Park
Acton, MA 01720
USA
Phone: +1 978-264-4884
Email: fbackes@autocell.com
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementers or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Singh Expires - December 2005 [Page 40]
� Internet-Draft CTP June 2005
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Singh Expires - December 2005 [Page 41]
�
