AERO Minimal
EncapsulationBoeing Research & TechnologyP.O. Box 3707SeattleWA98124USAfltemplin@acm.orgI-DInternet-DraftAsymmetric Extended Route Optimization (AERO) specifies both a
control messaging and data packet forwarding facility for managing
tunnels over an enterprise network or other Internetwork. Although AERO
can operate with any tunnel encapsulation format, the base document
considers Generic UDP Encapsulation (GUE) as the default. This document
presents a minimal encapsulation format for AERO for use when a UDP
header is not needed.Asymmetric Extended Route Optimization (AERO) specifies both a control messaging and
data packet forwarding facility for forwarding Internet Protocol (IP)
packets over an
enterprise network or other Internetwork through a process known as
tunneling. Although AERO can operate with any tunnel encapsulation
format, the base document specifies the insertion of a User Datagram
Protocol (UDP) header with port 8060 between
the inner and outer IP headers per the Generic UDP Encapsulation (GUE)
specification. This document presents
a minimal encapsulation format for AERO for use when a UDP header is not
needed.In its minimal form, AERO can use direct IP-in-IP encapsulation or
Generic Routing Encapsulation (GRE) for interior routing and addressing services. The
encapsulation is therefore only differentiated from other tunnel types
through the application of AERO control messaging.However, the tunnel fragmentation required by AERO to support a
guaranteed minimum 1500 bytes requires a different fragment header than
the one offered by GUE .
Instead, for simple IP-in-IP encapsulation an IPv6 fragment header is
inserted directly between the inner and outer IP headers when needed,
i.e., even if the outer header is IPv4. The IPv6 Fragment Header is
identified to the outer IP layer by its IP protocol number, and the Next
Header field in the IPv6 Fragment Header identifies the inner IP header
version. shows the AERO minimal encapsulation format
before any fragmentation is applied:The IPv6 Fragment Header is inserted whenever the AERO tunnel ingress
needs to apply fragmentation to accommodate packets no larger than 1500
bytes. Fragmentation is performed on the inner packet while
encapsulating each inner packet fragment in identical outer IP and IPv6
Fragment Headers. Fragmentation therefore follows the same procedure as
for the case when a UDP header is included, which follows the same
procedure as for standard IPv6 fragmentation.The IPv6 Fragment Header can also be inserted in order to include a
coherent Identification value with each packet, e.g., to aid in
Duplicate Packet Detection (DPD). In this way, networking devices can
cache the Identification values of recently-seen packets and use the
cached values to determine whether a newly-arrived packet is in fact a
duplicate.Finally, the Identification value within each packet could provide a
rough indicator of packet reordering, e.g., in cases when the tunnel
egress wishes to discard packets that are grossly out of order.Minimal encapsulation is preferred in environments where UDP
encapsulation would add unnecessary overhead. For example, certain
low-bandwidth wireless data links may benefit from an 8-byte-per-packet
overhead reduction. This is not likely to be a prime consideration for
many modern wireless data links nor for most modern wired-line data
links.UDP encapsulation can traverse network paths that are inaccessible to
minimal encapsulation, e.g., for crossing Network Address Translators
(NATs). More and more, network middleboxes are also being configured to
discard packets that include anything other than a well-known IP
protocol such as UDP and TCP. It may therefore be necessary to consider
the potential for middlebox filtering before enabling minimal
encapsulation in a given environment.Evidence seems to suggest that IPv6 fragmentation does not work along
all paths, since well-meaning network middleboxes may consider it as an
attack.GRE encapsulation can be used instead of simple IP-in-IP
encapsulation when GRE facilities such as keys and checksums are
desired. In that case, AERO can include a GRE fragmentation header in
the encpasulation as shown
in :This document introduces no IANA considerations.Security considerations are discussed in the base AERO specification
.TBD