Network Working GroupA new Request for Comments is now available in online RFC libraries.
RFC 3186
Title: MAPOS/PPP Tunneling mode
Author(s): S. Shimizu
INTERNET-DRAFT Shimizu, T. Kawano Kawano, K. Murakami
NTT Network Innovation Labs. Murakami, E. Beier
DeTe Systems
July 2000
Expires: January
Status: Informational
Date: December 2001
MAPOS/PPP Tunneling mode
(draft-shimizu-ppp-mapos-00.txt)
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Distribution of this memo is unlimited. Please send comments to the
authors <shimizu@ntt-20.ecl.net> <kawano@core.ecl.net>
<murakami@ntt-20.ecl.net> and <Beier@bina.de>.
Abstract
Mailbox: shimizu@ntt-20.ecl.net, kawano@core.ecl.net,
murakami@ntt-20.ecl.net, Beier@bina.de
Pages: 14
Characters: 27109
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-shimizu-ppp-mapos-01.txt
URL: ftp://ftp.rfc-editor.org/in-notes/rfc3186.txt
This document specifies tunneling configuration over MAPOS (Multiple
Access Protocol over SONET/SDH) networks. Using this mode, a MAPOS
network can provide transparent point-to-
point point-to-point link for PPP over
SONET/SDH (Packet over SONET/SDH, POS) without any additional
overhead.
1. Introduction
MAPOS [1] frame is designed to be similar to PPP over SONET/SDH
(Packet over SONET/SDH, POS)[2][3] frame. This means that a MAPOS
network can easily carry POS frames with no additional header
overhead. PPP tunneling configuration over MAPOS networks (MAPOS/PPP
tunneling mode) provides an efficiant way of L2 multiplexing by which
users can share the cost of high speed longhaul links.
This document specifies MAPOS/PPP tunneling mode. In this mode, a
MAPOS network memo provides a point-to-point link for those who intend to
connect POS equipment. Such link is established within a MAPOS
switch, or between a pair of MAPOS switches by rewriting POS header
with MAPOS header information for each L2 frame.
Chapter 2 describes the specification in two parts. First part is
user network interface (UNI) specification and the second part is
operation, administration, management and provisioning (OAM&P)
description. Other issues such as congestion avoidance, end-to-end
fairness control are out of scope of this document.
An example of service is given in Chapter 3. Some security issues
are noted in Chapter 4.
2. MAPOS/PPP tunneling mode
2.1 Overview
MAPOS/PPP tunneling mode is based on header rewriting. Figure 1.
shows Internet community. It does
not specify an example of MAPOS/PPP tunneling mode. The MAPOS network uses
MAPOS 16 [6] in this example. Consider a tunneling path between
customer premise equipment (CPE) A and CPE B which are industry Internet standard POS equipment. Unique MAPOS addresses (0x0203 and 0x0403
respectively) are assigned to both of CPEs inside MAPOS switches.
Usually these assignments are predetermined on per port basis.
From CPE A to CPE B, ingress MAPOS switch A rewrites the first 2
octets of every frame from CPE A, which are fixed as 0xFF and 0x03,
to the MAPOS address any kind. Distribution of its peer, which is 0x0403. Frames are
forwarded by MAPOS network and arrives at the egress MAPOS switch B
which rewrites the first 2 octets to their original values. Vice
versa for packet from CPE B to CPE A. If MAPOS v1 [5] is used in the
MAPOS network, only the first octet is rewritten.
+-----+ POS/0x0203 +--------+ +--------+
|CPE A|<---------->|MAPOS | MAPOS |MAPOS |<---
+-----+ --->|switch A|------------------|switch |<---
+--------+\__ Networks __/+--------+
\__ __/
+--------+ +-|-----|-+ POS/0x0403 +-----+
--->|MAPOS |----|MAPOS |<---------->|CPE B|
--->|switch | |switch B |<--- +-----+
+--------+ +---------+
Figure 1. MAPOS/PPP tunneling mode
The tunneling path between the two CPEs is managed by each
ingress/egress MAPOS switches.
2.2 User-Network Interface(UNI)
2.2.1 Physical Layer
For transport media between border MAPOS switch and CPE, SONET/SDH
signal this
memo is utilized. Signal speed, path signal label, light power
budget and all physical requirements are the same as PPP over
SONET/SDH [2].
SONET/SDH overheads are terminated at the ingress/egress switches. unlimited.
This means, SONET/SDH performance monitors and alarms are used only
for the link between CPE and the switch. Service provider should
prepare high-reliable inter-switch link by using optically protected
WDM equipment and/or SONET/SDH protected ring.
A CPE should synchronize to the clock of the border MAPOS switch.
The corresponding port of the MAPOS switch uses its internal clock.
However, when the CPE announcement is connected to the MAPOS switch through
SONET/SDH network, both should synchronize sent to the clock of the
SONET/SDH transmission equipment.
2.2.2 Link layer
Link layer framing between CPE and MAPOS switch also follows the
specification of PPP over SONET/SDH [2].
HDLC operation including byte stuffing, scrambling, FCS generation
is terminated at the ingress/egress switch. In a MAPOS switch, HDLC
frame [3] is picked up from a SONET/SDH payload and the first octet
(HDLC address) for MAPOS v1 [1], and the first two octets (HDLC
address and control field) for MAPOS 16 [6] are rewritten. The
operation inside the border switch is as follows:
From CPE (Ingress Switch receiving):
SONET/SDH framing -> X^43+1 Descrambling -> Byte destuffing
-> FCS detection (if error, silently discard)
-> L2 HDLC address/control rewriting
(0xFF -> MAPOS v1 destination address, or
0xFF03 -> MAPOS 16 destination address)
-> MAPOS-FCS generation
-> Byte stuffing -> X^43+1 Scrambling -> SONET/SDH framing
To CPE (Egress Switch transmitting):
SONET/SDH framing -> X^43+1 Descrambling -> Byte destuffing
-> MAPOS-FCS detection (if error, silently discard)
-> L2 HDLC address/control rewriting
(MAPOS v1 address -> 0xFF, or
MAPOS 16 address -> 0xFF03)
-> FCS generation
-> Byte stuffing -> X^43+1 Scrambling -> SONET/SDH framing
For STS-3c-SPE/VC-4, non-scrambled frame can be used for
compatibility with RFC 1619. However, the use of 32bit-CRC and
X^43+1 scrambling is recommended in RFC2615 [2] and for MAPOS
networks.
Maximum transmission unit (MTU) of the link must not be negotiated
larger than MAPOS-MTU which is 65280 octets.
Figure 2 shows a CPE-side L2 frame and the converted frame in the
ingress/egress MAPOS switches. Note that the MAPOS/PPP tunneling
mode is not a piggyback encapsulation, but it is a transparent link
with no additional header overhead.
+----------+----------+----------+----------+
| Flag | Address | Control | Protocol |
| 01111110 | 11111111 | 00000011 | 16 bits |
+----------+----------+----------+----------+
+-------------+---------+----------+----------+-----------------
| Information | Padding | FCS | Flag | Inter-frame Fill
| * | * |16/32 bits| 01111110 | or next Address
+-------------+---------+----------+----------+-----------------
(a) HDLC frame from/to CPE
+----------+----------+----------+----------+
| Flag | MAPOS Destination | Protocol |
| 01111110 | 0xxxxxx0 | xxxxxxx1 | 16 bits |
+----------+----------+----------+----------+
+-------------+---------+----------+----------+-----------------
| Information | Padding |MAPOS FCS | Flag | Inter-frame Fill
| * | * |16/32 bits| 01111110 | or next Address
+-------------+---------+----------+----------+-----------------
(b) Converted MAPOS 16 frame, forwarded in MAPOS networks
Figure 2. HDLC frame from/to CPE and its conversion
2.3 Operation, Administration, Management and Provisioning (OAM&P)
2.3.1 MAPOS port configuration
When a port of MAPOS switch is configured to PPP tunneling mode, at
least the following operations are performed in the switch.
a) Disable NSP [9] and SSP [7] (for the port, same below)
b) Disable MAPOS broadcast IETF list and multicast forwarding
c) Enable header rewriting function
d) Reset the Path Signal Label (C2) RFC-DIST list.
Requests to 0x16 if X^43+1 scrambling is
used. The value 0xCF is used for non-scrambled OC3c signal.
e) Start host-route advertisement (see 2.3.2)
When the port is configured back to MAPOS mode, reverse order of the
operations above are performed. That means;
a) Stop host-route advertisement (see 2.3.4)
b) Reset the Path Signal Label (C2) to MAPOS default (0x8d)
c) Disable header rewriting function
d) Enable MAPOS broadcast and multicast forwarding
e) Enable NSP [9] and SSP [7]
2.3.2 Path Establishment
A MAPOS/PPP tunneling path is established by following steps.
a) Choose MAPOS address pair on both ingress/egress switches and
configure their ports to PPP tunneling mode. Switches enable
their header rewriting process and start advertising host-
route for the tunneling port.
b) Wait for host-route exchange and its convergence.
c) When the routes for both directions become stable, the
tunneling path is established. The link between the CPEs may
be set up at that moment; PPP LCP controls are transparently
exchanged by the CPEs.
To add a new path, operators should pick unused MAPOS address-pair.
They may be determined simply by choosing switches and ports for each
CPE, because there is one-to-one correspondence between MAPOS
addresses and switch ports.
Then, those ports should be configured added to MAPOS/PPP tunneling mode
on both of the switches. This triggers header rewriting and host-
route advertising. Using triggered update of SSP [7], both switches
will receive a route to each other. When the routes become stable,
the path is established and frame forwarding is started. Until then,
the link between border switches and CPE should be down.
A MAPOS/PPP tunneling path should be managed by or deleted from the pair of MAPOS
addresses. It IETF distribution list
should be carefully handled sent to IETF-REQUEST@IETF.ORG. Requests to avoid misconfiguration
such as path duplication. For convenient management, path database
can be used
added to keep information about pairs of MAPOS addresses. Note
that the path database is not used for frame forwarding. It is for
OAM&P use only.
2.3.3 Failure detection and indication
When any link or node failure is detected, it deleted from the RFC-DIST distribution list should
be indicated to
each peer of the path. This is done by PPP keepalive (LCP Echo
request/reply) for end-to-end detection.
Consideration is required to handle SONET/SDH alarms. When a link
between CPE and the MAPOS switch fails, it is detected by both the
MAPOS switch and the CPE seeing SONET/SDH alarms. However, far-side
link remains up and no SONET/SDH error is found; SONET/SDH alarms
are not transferred sent to the far end because each optical path is
terminated in MAPOS network. In this case, the far end will see
'link up, line protocol down' status because of keepalive expiration.
For example, figure 3 shows a tunneling path. When link 1 goes
down, MAPOS sw A and CPE A detects SONET/SDH alarms but MAPOS sw B
and CPE A' do not see this failure. When PPP keepalive expires, CPE
A' detects the failure and stops the packet transmission. The same
mechanism is used for failure within the MAPOS cloud (link 2). When
a MAPOS switch is down, SSP handles it as a topology change.
1 2 3
CPE A <-x-> MAPOS sw A ---(MAPOS cloud)--- MAPOS sw B <---> CPE A'
Figure 3. Link failure
2.3.4 Path removal
A MAPOS/PPP tunneling path is removed by following steps.
a) Choose the path to remove, configure MAPOS switches RFC-DIST-REQUEST@RFC-EDITOR.ORG.
Details on both
ends of the path to disable the ports connected to the CPEs.
b) Switches removes host-route entry of peer addresses and
stops advertising host-route information.
c) Wait for the host-route information to be cleard from the
MAPOS network. Path database obtaining RFCs via FTP or EMAIL may be updated that the path is
removed.
Frames arriving after the destination port was disabled should be
silently discarded and should not be forwarded obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the port.
2.3.5 Provisioning and Design Consideration
Because MAPOS does not have any QoS control at its protocol level,
and POS does not have flow-control feature, it is difficult to
guarantee end-end throughput. Sufficient bandwidth message body
help: ways_to_get_rfcs. For example:
To: rfc-info@RFC-EDITOR.ORG
Subject: getting rfcs
help: ways_to_get_rfcs
Requests for inter-switch
link special distribution should be prepared to support all paths on the link.
Switches are recommended to ensure per-port fairness using any
appropriate queueing algorithm. This is especially important for
over-subscribed configuration, for example to have more than 16 OC12c
paths on one OC192c inter-switch link.
Although MAPOS v1 [5] can be applied addressed to either the MAPOS/PPP tunneling
mode, MAPOS 16 [6] is recommended for ease
author of address management.
Automatic switch address negotiation mechanism is not suitable for the MAPOS/PPP tunneling mode, because the path management mechanism
becomes much more complex.
3. Service example
Figure 4 shows an example of MAPOS network with four switches.
Inter-switch links are provided at OC192c or OC48c rate, customer
links are either OC3c or OC12c rate. Some links are optically
protected. Path Database (Path DB) is used for path management.
Using MAPOS-netmask with 8 bits, this topology can be extended up to
64 MAPOS switches, each equipped with up to 127 CPE ports. Switch
addresses are fixed to pre-assigned values.
The cost of optical protection (< 50ms) can be shared among paths.
Unprotected link can also be coupled for more redundancy RFC in case of
link failure. SSP provides restoration path within a few seconds.
0x2003+---------+ +---------+ 0x2203
A----->| MAPOS | OC192c(protected) | MAPOS |<-------A'
0x2005| Switch 1|=======================| Switch 2| 0x2205
B----->| 0x2000/8| _________| 0x2200/8|<-------C'
+---------+ / +---------+
OC192c| /
| / OC48c(backup)
+---------+ / +---------+ 0x2603
| MAPOS |_________/ | MAPOS |<-------B'
0x2405| Switch 3|=======================| Switch 4|
C----->| 0x2400/8| OC192c(protected) | 0x2600/8|
+---------+ +---------+
Path database entries:
-----------------------------------------------------------
User : Speed : PPP mode : Addrs pair : Status
-----------------------------------------------------------
A-A' : OC3c : CRC32, scramble : 0x2003-0x2203 : Up and running
B-B' : OC12c : CRC32, scramble : 0x2005-0x2603 : B Down
C-C' : OC3c : CRC16, no-scram : 0x2405-0x2205 : C' Down
...
-----------------------------------------------------------
Figure 4. Example Topology and its Path Management
4. Security Consideration
There is no way to control question, or attack a MAPOS network from CPE side
under PPP tunneling mode. It is impossible to tap other stream
because it is completely transparent from the viewpoint of PPP layer.
However, operaters must carefully avoid misconfiguration such as path
duplication. Per-path isolation is extremely important.
In addition, potential vulnerability still exists in a mixed
environment where PPP tunneling mode and MAPOS native mode coexists
in the same network. Use of such environment is not recommended,
until some filter (like VLAN mechanism) is implemented in all MAPOS
switches in the network. Note that there is no source address field
in the MAPOS framing.
For example, each switch may have forwarding database RFC-Manager@RFC-EDITOR.ORG. Unless
specifically noted otherwise on per-port
basis. Traffic from a MAPOS node is not forwarded to any of the
tunneling ports that are listed as host-route entries in the
forwarding table.
5. Expiration
This Internet Draft expires within 6 months from the date of
submission.
6. References
[1] Murakami, K., and Maruyama, M., "MAPOS - Multiple Access
Protocol over SONET/SDH Version 1", RFC2171, June 1997.
[2] Malis, A., and Simpson, W., "PPP over SONET/SDH", RFC2615, June
1999.
[3] Simpson, W., Editor, "PPP in HDLC-like Framing", STD 51, RFC
1662, Daydreamer, July 1994.
[4] Simpson, W., Editor, "The Point-to-Point Protocol (PPP)",
STD 51, RFC1661, Daydreamer, July 1994.
[5] Murakami, K., and Maruyama, M., "MAPOS - Multiple Access
Protocol over SONET/SDH Version 1", RFC2171, June 1997.
[6] Murakami, K., and Maruyama, M., "MAPOS 16 - Multiple Access
Protocol over SONET/SDH with 16 Bit Addressing", RFC2175, June
1997.
[7] Murakami, K., and Maruyama, M., "A MAPOS version 1 Extension -
Switch-Switch Protocol", RFC2174, June 1997.
[8] Murakami, K. and M. Maruyama, "A MAPOS version 1 Extension -
Node Switch Protocol," RFC-2173, June, 1997.
7. Acknowledgements
The authors would like to acknowledge the contributions and
thoughtful suggestions of Takahiro Sajima.
8. Author's Address
Susumu Shimizu
Tetsuo Kawano
Ken Murakami
NTT Network Innovation Laboratories,
3-9-11, Midori-cho Musashino-shi
Tokyo 180-8585 Japan
Phone: +81 422 59 3323 Fax: +81 422 59 3765
E-mail: shimizu@ntt-20.ecl.net
E-mail: kawano@core.ecl.net
E-mail: murakami@ntt-20.ecl.net
Eddy Beier
DeTe Systems
Nuremberg, Germany
E-mail: Beier@bina.de
9. Full Copyright Statement
"Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished
to others, and derivative works that comment on or otherwise
explain it or assist in its implementation may be prepared, copied,
published and distributed, in whole or in part, without
restriction of any kind, provided that the above copyright notice
and this paragraph are included on itself, all such copies and derivative
works. However, this document itself may not be modified in any
way, such as by removing the copyright notice or references to the
Internet Society or other Internet organizations, except as needed RFCs are for the purpose of developing Internet standards in which case the
procedures
unlimited distribution.echo
Submissions for copyrights defined in the Internet Standards
process must Requests for Comments should be followed, or as required sent to translate it into
languages other than English.
The limited permissions granted above are perpetual and will not
be revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on
an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC
Authors, for further information.