Internet DRAFT - draft-tsou-pcp-natcoord
draft-tsou-pcp-natcoord
Internet Engineering Task Force Q. Sun
Internet-Draft China Telecom
Intended status: Standards Track M. Boucadair
Expires: August 26, 2013 France Telecom
S. Sivakumar
Cisco Systems
C. Zhou
Huawei Technologies
T. Tsou
Huawei Technologies (USA)
S. Perreault
Viagenie
February 22, 2013
Port Control Protocol (PCP) Extension for Port Set Allocation
draft-tsou-pcp-natcoord-10
Abstract
This document defines an extension to PCP allowing clients to
manipulate sets of ports as a whole. This is accomplished by a new
MAP option: PORT_SET.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 26, 2013.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Sun, et al. Expires August 26, 2013 [Page 1]
�
Internet-Draft PCP PORT_SET February 2013
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Lightweight 4over6 . . . . . . . . . . . . . . . . . . . 2
1.2. Applications Using Port Sets . . . . . . . . . . . . . . 3
1.3. Firewall Control . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The need for PORT_SET . . . . . . . . . . . . . . . . . . . . 3
4. The PORT_SET Option . . . . . . . . . . . . . . . . . . . . . 4
4.1. Client Behavior . . . . . . . . . . . . . . . . . . . . . 5
4.2. Server Behavior . . . . . . . . . . . . . . . . . . . . . 6
4.3. Port Set Renewal and Deletion . . . . . . . . . . . . . . 6
5. Operational Considerations . . . . . . . . . . . . . . . . . 7
6. Security Considerations . . . . . . . . . . . . . . . . . . . 7
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
8. Authors List . . . . . . . . . . . . . . . . . . . . . . . . 7
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
10.1. Normative References . . . . . . . . . . . . . . . . . . 9
10.2. informative References . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction
This section describes a few (and non-exhaustive) envisioned use
cases. Note that the PCP extension defined in this document is
generic and is expected to be applicable to other use cases.
1.1. Lightweight 4over6
In the Lightweight 4over6 [I-D.cui-softwire-b4-translated-ds-lite]
architecture, shared global addresses can be allocated to customers.
It allows moving the Network Address Translation (NAT) function,
otherwise accomplished by a Carrier-Grade NAT (CGN)
[I-D.ietf-behave-lsn-requirements], to the Customer-Premises
Equipment (CPE). This provides more control over the NAT function to
the user, and more scalability to the ISP.
In the lw4o6 architecture, the PCP-controlled device corresponds to
the lwAFTR, and the PCP client corresponds to the lwB4. The client
Sun, et al. Expires August 26, 2013 [Page 2]
�
Internet-Draft PCP PORT_SET February 2013
sends a PCP MAP request containing a PORT_SET option to trigger
shared address allocation on the lwAFTR. The PCP response contains
the shared address information, including the port set allocated to
the lwB4.
1.2. Applications Using Port Sets
Some applications require not just one port, but a port set. One
example is a Session Initiation Protocol (SIP) User Agent Server
(UAS) [RFC3261] expecting to handle multiple concurrent calls,
including media termination. When it receives a call, it needs to
signal media port numbers to its peer. Generating individual PCP MAP
requests for each of the media ports during call setup would
introduce unwanted latency. Instead, the server can pre-allocate a
set of ports such that no PCP exchange is needed during call setup.
Using PORT_SET, an application can manipulate port sets much more
efficiently than with individual MAP requests.
1.3. Firewall Control
Port sets are often used in firewall rules. For example, defining a
range for RTP [RFC3550] traffic is common practice. The MAP request
can already be used for firewall control. The PORT_SET option brings
the additional ability to manipulate firewall rules operating on port
sets instead of single ports.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. The need for PORT_SET
Multiple MAP requests can be used to manipulate a set of ports,
having roughly the same effect as a single use of a MAP request with
a PORT_SET option. However, use of the PORT_SET option is more
efficient when considering the following aspects:
Network Traffic: A single request uses less network resources than
multiple requests.
Latency: Even though MAP requests can be sent in parallel, we can
expect the total processing time to be longer for multiple
requests than a single one.
Sun, et al. Expires August 26, 2013 [Page 3]
�
Internet-Draft PCP PORT_SET February 2013
Client-side simplicity: The logic that is necessary for maintaining
a set of ports using a single port set entity is much simpler than
that required for maintaining individual ports, especially when
considering failures, retransmissions, lifetime expiration, and
re-allocations.
Server-side efficiency: Some PCP-controlled devices can allocate
port sets in a manner such that data passing through the device is
processed much more efficiently than the equivalent using
individual port allocations. For example, a CGN having a "bulk"
port allocation scheme (see [I-D.ietf-behave-lsn-requirements]
section 5) often has this property.
Server-side scalability: The number of mapping entries in PCP-
controlled devices is often a limiting factor. Allocating port
sets in a single request can result in a single mapping entry
being used, therefore allowing greater scalability.
Therefore, while it is functionally possible to obtain the same
results using plain MAP, the extension proposed in this document
allows greater efficiency, scalability, and simplicity, while
lowering latency and necessary network traffic. In a nutshell,
PORT_SET is a necessary optimization.
In addition, PORT_SET supports parity preservation. Some protocols
(e.g. RTP [RFC3550]) assign meaning to a port number's parity. When
mapping sets of ports for the purpose of using such kind of protocol,
preserving parity can be necessary.
4. The PORT_SET Option
Option Name: PORT_SET
Number: TBD
Purpose: To map sets of ports.
Valid for Opcodes: MAP
Length: 2 bytes
May appear in: Both requests and responses
Maximum occurrences: 1
NOTE TO IANA (to be removed prior to publication as an RFC): The
number is to be assigned by IANA in the range 1-63 (i.e.,
mandatory to process and created via Standards Action).
Sun, et al. Expires August 26, 2013 [Page 4]
�
Internet-Draft PCP PORT_SET February 2013
The PORT_SET Option indicates that the client wishes to reserve a set
of ports. The requested number of ports in that set is indicated in
the option.
The PORT_SET Option is formatted as shown in Figure 1.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Option Code=? | Reserved |P| Option Length=2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Port Set Size |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: PORT_SET Option
The fields are as follows:
P: 1 if parity preservation is requested, 0 otherwise.
Port Set Size: Number of ports requested. MUST NOT be zero nor one.
NOTE: In its current form, PORT_SET does not support allocating
discontinuous port sets. That feature could be added in the
future depending on input from the working group.
The Internal Port Set is defined as being the range of Port Set Size
ports starting from the Internal Port. The External Port Set is
respectively defined as being the range of Port Set Size ports
starting from the Assigned External Port. The two ranges always have
the same size (i.e., the Port Set Size returned by the server).
4.1. Client Behavior
To retrieve a set of ports, the PCP client adds a PORT_SET option to
its PCP MAP request. If port preservation is required, the PCP
Client MUST set the parity bit (to 1) to ask the server to preserve
the port parity (i.e., the Assigned External Port and Internal Port
have the same parity). The PCP client MUST indicate a suggested Port
Set Size. A non-null value MUST be used.
The PCP Client MUST NOT include more than one PORT_SET option in a
MAP request. If several port sets are needed, the PCP client MUST
issue as many MAP requests each of them include a PORT_SET option.
These individual MAP request MUST include distinct Internal Port.
If the PORT_SET option is not supported by the server, the PCP client
will have to issue individual MAP requests with no PORT_SET option.
Sun, et al. Expires August 26, 2013 [Page 5]
�
Internet-Draft PCP PORT_SET February 2013
4.2. Server Behavior
In addition to regular MAP request processing, the following checks
are made upon receipt of a PORT_SET option with non-zero Requested
Lifetime:
o If multiple PORT_SET options are present in a single MAP request,
a MALFORMED_OPTION error is returned.
o If the Port Set Size is zero or one, a MALFORMED_OPTION error is
returned.
If the PREFER_FAILURE option is present and the server is unable to
map all ports in the requested External Port Set or is unable to
preserve parity (P = 1), the CANNOT_PROVIDE_EXTERNAL error is
returned.
If the PREFER_FAILURE option is absent, the server MAY map fewer
ports than the value of Port Set Size from the request. It MUST NOT
map more ports than the client asked for. In any case, the Internal
Port Set MUST always begin from the Internal Port indicated by the
client. In particular, if the port mapping failed either because of
the unavailability of ports, the PCP Server SHOULD reserve only one
external port (i.e., the PCP server ignores the PORT_SET option). If
the server ends up mapping only a single port, for any reason, the
PORT_SET option MUST NOT be present in the response.
If the PREFER_FAILURE option is absent and port parity preservation
is requested (P = 1), the server MAY preserve port parity. In that
case, the External Port is set to a value having the same parity as
the Internal Port.
If a mapping already exists and the PORT_SET option can be honored,
the PCP server updates the mapping with port set information and
sends back a positive answer to the requesting PCP client.
If the mapping is successful, the MAP response's Assigned External
Port is set to the first port in the External Port Set, and the
PORT_SET option's Port Set Size is set to number of ports in the
mapped port set.
4.3. Port Set Renewal and Deletion
Port set mappings are renewed and deleted as a single entity. That
is, the lifetime of all port mappings in the set is set to the
Assigned Lifetime at once.
Sun, et al. Expires August 26, 2013 [Page 6]
�
Internet-Draft PCP PORT_SET February 2013
The PORT_SET option MUST be present in a renewal or deletion request.
If a server receives a MAP request without a PORT_SET option and
whose Internal Port is inside a mapped Internal Port Set, it replies
with a MALFORMED_REQUEST error.
5. Operational Considerations
It is totally up to the PCP server to determine the port-set quota
for each PCP client. In addition, when the PCP-controlled device
supports multiple port-sets delegation for a given PCP client, the
PCP client MAY re-initiate a PCP request to get another port set when
it has exhausted all the ports within the port-set.
If the PCP server is configured to allocate multiple port-set
allocation for one subscriber, the same Assigned External IP Address
SHOULD be assigned to one subscriber in multiple port-set requests.
To optimize the number of mapping entries maintained by the PCP
server, it is RECOMMENDED to configure the server to assign the
maximum allowed port set in a single response. This policy SHOULD be
configurable.
The failover mechanism in MAP [section 14 in [I-D.ietf-pcp-base]] and
[I-D.boucadair-pcp-failure] can also be applied to port sets.
6. Security Considerations
It is believed that no additional security considerations beyond
those discussed in [I-D.ietf-pcp-base] apply to this extension.
7. IANA Considerations
IANA shall allocate a code in the range 1-63 for the new PCP option
defined in Section 4.
8. Authors List
The following are extended authors who contributed to the effort:
Yunqing Chen
China Telecom
Room 502, No.118, Xizhimennei Street
Beijing 100035
P.R.China
Sun, et al. Expires August 26, 2013 [Page 7]
�
Internet-Draft PCP PORT_SET February 2013
Chongfeng Xie
China Telecom
Room 502, No.118, Xizhimennei Street
Beijing 100035
P.R.China
Yong Cui
Tsinghua University
Beijing 100084
P.R.China
Phone: +86-10-62603059
Email: yong@csnet1.cs.tsinghua.edu.cn
Qi Sun
Tsinghua University
Beijing 100084
P.R.China
Phone: +86-10-62785822
Email: sunqibupt@gmail.com
Gabor Bajko
Nokia
Email: gabor.bajko@nokia.com
Xiaohong Deng
France Telecom
Email: xiaohong.deng@orange-ftgroup.com
9. Acknowledgements
Sun, et al. Expires August 26, 2013 [Page 8]
�
Internet-Draft PCP PORT_SET February 2013
The authors would like to show sincere appreciation to Alain Durand,
Dan Wing, Dave Thaler, Reinaldo Penno, Sam Hartman, and Yoshihiro
Ohba, for their useful comments and suggestions.
10. References
10.1. Normative References
[I-D.ietf-pcp-base]
Wing, D., "Port Control Protocol (PCP)", October 2012.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
10.2. informative References
[I-D.boucadair-pcp-failure]
Boucadair, M., Dupont, F., and R. Penno, "Port Control
Protocol (PCP) Failure Scenarios", August 2012.
[I-D.cui-softwire-b4-translated-ds-lite]
Cui, Y., Sun, Q., Boucadair, M., Tsou, T., and Y. Lee,
"Lightweight 4over6: An Extension to DS-Lite
Architecture", Feb 2012.
[I-D.ietf-behave-lsn-requirements]
Perreault, S., Yamagata, I., Miyakawa, S., Nakagawa, A.,
and H. Ashida, "Common requirements for Carrier Grade NATs
(CGNs)", draft-ietf-behave-lsn-requirements-10 (work in
progress), December 2012.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
Jacobson, "RTP: A Transport Protocol for Real-Time
Applications", STD 64, RFC 3550, July 2003.
Authors' Addresses
Qiong Sun
China Telecom
P.R.China
Phone: 86 10 58552936
Email: sunqiong@ctbri.com.cn
Sun, et al. Expires August 26, 2013 [Page 9]
�
Internet-Draft PCP PORT_SET February 2013
Mohamed Boucadair
France Telecom
Rennes 35000
France
Email: mohamed.boucadair@orange.com
Senthil Sivakumar
Cisco Systems
7100-8 Kit Creek Road
Research Triangle Park, North Carolina 27709
USA
Phone: +1 919 392 5158
Email: ssenthil@cisco.com
Cathy Zhou
Huawei Technologies
Bantian, Longgang District
Shenzhen 518129
P.R. China
Email: cathy.zhou@huawei.com
Tina Tsou
Huawei Technologies (USA)
2330 Central Expressway
Santa Clara, CA 95050
USA
Phone: +1 408 330 4424
Email: Tina.Tsou.Zouting@huawei.com
Simon Perreault
Viagenie
246 Aberdeen
Quebec, QC G1R 2E1
Canada
Phone: +1 418 656 9254
Email: simon.perreault@viagenie.ca
Sun, et al. Expires August 26, 2013 [Page 10]
