idnits 2.17.1

draft-tsirtsis-mext-binary-filters-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** The document seems to lack a License Notice according IETF Trust
     Provisions of 28 Dec 2009, Section 6.b.ii or Provisions of 12 Sep 2009
     Section 6.b -- however, there's a paragraph with a matching beginning.
     Boilerplate error?

     (You're using the IETF Trust Provisions' Section 6.b License Notice from
     12 Feb 2009 rather than one of the newer Notices. See
     https://trustee.ietf.org/license-info/.)

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (May 1, 2009) is 5446 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-11) exists of
     draft-ietf-mext-flow-binding-01

     Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                        G. Tsirtsis
Internet-Draft                                               G. Giarreta
Intended status: Standards Track                                Qualcomm
Expires: November 2, 2009                                     H. Soliman
                                                    Elevate Technologies
                                                            N. Montavont
                                                                   IT/TB
                                                             May 1, 2009


                Definition of Binary Filter Description
               draft-tsirtsis-mext-binary-filters-00.txt

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on November 2, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Abstract

   This document defines binary formats for IPv4 and IPv6 flow
   descriptors to be used in conjunction with flow bindings for Mobile
   IPv6.

Table of Contents

   1.  Requirements notation
   2.  Introduction
   3.  Flow Description Sub-Options
     3.1.  IPv4 Binary Flow Description
     3.2.  IPv6 Binary Flow Description
   4.  Security Considerations
   5.  IANA Considerations
   6.  Acknowledgements
   7.  Normative References
   Authors' Addresses

1.  Requirements notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Introduction

   This document defines binary formats for IPv4 and IPv6 flow
   description sub-options as defined in [I-D.ietf-mext-flow-binding].

   The binary flow descriptors defined here allow efficient flow
   identification based on well-known fields in IPv4, IPv6, and
   transport layer headers, as well as flexible identification of
   arbitrary fields based on pointers that can identify fields of varied
   length and location in the IP packet. In that sense, although the
   format is binary, and thus very efficient in terms of overhead, it is
   also very flexible.

3.  Flow Description Sub-Options

   [I-D.ietf-mext-flow-binding] defines the format for the Flow
   description sub-option.

   The following values of the sub-option Type field are reserved in
   this specification for binary flow descriptions:

      TBD  IPv4 Binary Flow Description

      TBD  IPv6 Binary Flow Description

3.1.  IPv4 Binary Flow Description

   If the Type field of the Flow Description sub-option indicates an
   IPv4 Flow then the Filter Descriptor is:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |A|B|C|D|E|F|G|H|I|K|L|R| NxPs  |   (A)TOS      |  (B)Protocol  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       (C)Source Address                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    (D)Destination Address                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |(E)S. PrefLeng |(F)D. PrefLeng |     (G)Source port - Low      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     (H)Source port - High     |       (I)Dst port - Low       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      (K)Dst port - High       |            (L)SPI             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            (L)SPI             |    N number of Pointers    ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                    Figure 1: IPv4 Filter Descriptor

   Flags (A-L)

      Each flag indicates whether the corresponding field is present in
      the message.

   (A)TOS - Type of Service

      The TOS field in the data packet as seen by the home agent.

   (B)Protocol

      An 8-bit unsigned integer representing the value of the transport
      protocol number associated with the port numbers in data packets.

   (C)Source Address

      This field identifies the source address of data packets as seen
      by the home agent, that is, the 32-bit IPv4 address of the
      correspondent node.

   (D)Destination Address

      This field identifies the destination address of data packets as
      seen by the home agent. When included this field must be one of
      the registered home addresses of the mobile node. It is a 32-bit
      IPv4 address.

   (E)Source Prefix Length

      This field includes the prefix length for the source address.
      This field can only be included if the Source Address field is
      included.

   (F)Destination Prefix Length

      This field includes the prefix length for the destination address.
      If the Destination Address field is included then it refers to
      that field.

   (G)Source Port - Low

      This field identifies the lowest source port number within a range
      of port numbers that will be used in data packets, as seen by the
      home agent.

   (H)Source Port - High

      This field identifies the highest source port number within a
      range of port numbers that will be used in data packets, as seen
      by the home agent. If a single port is indicated then this field
      SHOULD NOT be included. If it is included it SHOULD be set to the
      value of the Source Port - Low field.

   (I)Destination Port - Low

      This field identifies the lowest destination port number within a
      range of port numbers that will be used in data packets as seen by
      the home agent.

   (K)Destination Port - High

      This field identifies the highest destination port number within a
      range of port numbers that will be used in data packets as seen by
      the home agent. If a single port is indicated then this field
      SHOULD NOT be included. If it is included it SHOULD be set to the
      value of the Dst Port - Low field.

   (L)SPI - Security Parameter Index

      The SPI field in the data packet as seen by the home agent.

   (R)Reserved

      Reserved for future use.

   (NxPs) 'N' Number of Pointers

      This 3 bit field indicates an integer number identifying 'N'
      number of pointers included at the end of the flow descriptor.
      Each pointer has the format shown in Figure 2.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Offset | Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Value ...
   +-+-+-+-+-+-+-+-+-+

                           Figure 2: Pointer

   Offset

      The Offset field identifies an integer number of bytes from the
      beginning of the IP header. It points to the beginning of the
      field of interest in the packet.

   Length

      The Length field identifies the total length of the Pointer
      including the Offset, Length and Value fields.

   Value

      The variable length Value field identifies the value to be matched
      at the point identified by this Pointer. The length of the Value
      field is the length identified by the Length field minus 3 bytes
      (for Offset and Length fields).

3.2.  IPv6 Binary Flow Description

   If the Type field of the Flow Identification extension indicates an
   IPv6 Flow then the Filter Rule Descriptor is:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |A|B|C|D|E|F|G|H|I|K|L|M| NxPs  |    (A)CS      |  (B)Protocol  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                       (C)Source Address                       +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                    (D)Destination Address                     +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |(E)S. PrefLeng |(F)D. PrefLeng |     (G)Source port - Low      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     (H)Source port - High     |       (I)Dst port - Low       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      (K)Dst port - High       |            (L)SPI             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            (L)SPI             |         (M)Flow Label         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         (M)Flow Label         |  'N' Number of Pointers    ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                 Figure 3: IPv6 Filter Rule Descriptor

   Flags (A-M)

      Each flag indicates whether the corresponding field is present in
      the message.

   (A)CS - Class of Service

      The CS field in the data packet as seen by the home agent.

   (B)Protocol

      An 8-bit unsigned integer representing the value of the transport
      protocol number associated with the port numbers in data packets.

   (C)Source Address

      This field identifies the source address of data packets as seen
      by the home agent, that is, the address of the correspondent
      node. It is a 128-bit IPv6 address.

   (D)Destination Address

      This field identifies the destination address of the data packet
      as seen by the home agent. When included this field must be set
      to either one of the registered home addresses of the mobile node
      or to an address that falls under one of the mobile's home network
      prefixes. The value of this field is a 128-bit IPv6 address.

   (E)Source Prefix Length

      This field includes the prefix length for the source address.
      This field can only be included if the Source Address field is
      included.

   (F)Destination Prefix Length

      This field includes the prefix length for the destination address.
      If the Destination Address field is included then it refers to
      that field.

   (G)Source Port - Low

      This field identifies the lowest source port number within a range
      of port numbers that will be used in data packets, as seen by the
      home agent.

   (H)Source Port - High

      This field identifies the highest source port number within a
      range of port numbers that will be used in data packets, as seen
      by the home agent. If a single port is indicated then this field
      SHOULD NOT be included. If it is included it SHOULD be set to the
      value of the Source Port - Low field.

   (I)Destination Port - Low

      This field identifies the lowest destination port number within a
      range of port numbers that will be used in data packets as seen by
      the home agent.

   (K)Destination Port - High

      This field identifies the highest destination port number within a
      range of port numbers that will be used in data packets as seen by
      the home agent. If a single port is indicated then this field
      SHOULD NOT be included. If it is included it SHOULD be set to the
      value of the Dst Port - Low field.

   (L)SPI - Security Parameter Index

      The SPI field in the data packet as seen by the home agent.

   (M)Flow Label

      The Flow Label field in the data packet as seen by the home agent.

   (NxPs) 'N' Number of Pointers

      This 3 bit field indicates an integer number identifying 'N'
      number of pointers included at the end of the flow descriptor.
      Each pointer has the format shown in Figure 2.

4.  Security Considerations

   This draft simply defines a format for a flow descriptor. This
   format is to be used as part of a flow description sub-option defined
   in the flow bindings [I-D.ietf-mext-flow-binding]. The authors have
   not identified any security concerns pertaining to this draft beyond
   what is already identified in [I-D.ietf-mext-flow-binding].

5.  IANA Considerations

   TBD

6.  Acknowledgements

   TBD

7.  Normative References

   [I-D.ietf-mext-flow-binding]
              Soliman, H., Montavont, N., Fikouras, N., and K.
              Kuladinithi, "Flow Bindings in Mobile IPv6 and Nemo Basic
              Support", draft-ietf-mext-flow-binding-01 (work in
              progress), February 2009.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

Authors' Addresses

   George Tsirtsis
   Qualcomm

   Email: tsirtsis@gmail.com


   Gerardo Giarreta
   Qualcomm

   Email: gerardog@qualcomm.com


   Hesham Soliman
   Elevate Technologies

   Email: hesham@elevatemobile.com


   Nicolas Montavont
   Institut Telecom / Telecom Bretagne
   2, rue de la chataigneraie
   Cesson Sevigne  35576
   France

   Phone: (+33) 2 99 12 70 23
   Email: nicolas.montavont@telecom-bretagne.eu
   URI:   http://www.rennes.enst-bretagne.fr/~nmontavo//
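
A defensive parser for the IPv4 Filter Descriptor of Section 3.1, as an added example that is not part of the draft or of any implementation of it. It assumes flag A is the most significant bit, NxPs occupies the four bit positions drawn in Figure 1, and each Pointer begins with a 2-byte Offset followed by a 1-byte Length; the port-range and prefix-length limits are added sanity checks, and the sample bytes are constructed.

```python
import struct

# (flag letter, size in bytes) in wire order, per Figure 1.
# Assumption: flag A is the most significant bit of the first 16-bit word.
FIELDS = [("A", 1), ("B", 1), ("C", 4), ("D", 4), ("E", 1), ("F", 1),
          ("G", 2), ("H", 2), ("I", 2), ("K", 2), ("L", 4)]

class FilterError(ValueError):
    pass

def take(buf, pos, n):
    """Return (n bytes at pos, new pos); never read past the end of the option."""
    if pos + n > len(buf):
        raise FilterError(f"truncated: need {n} bytes at offset {pos}")
    return buf[pos:pos + n], pos + n

def parse_ipv4_filter(buf):
    head, pos = take(buf, 0, 2)
    (word,) = struct.unpack("!H", head)
    n_ptrs = word & 0x0F  # assumption: NxPs is bits 12-15 as drawn
    out = {}
    for bit, (name, size) in enumerate(FIELDS):
        if word & (0x8000 >> bit):  # flag set: field is present
            raw, pos = take(buf, pos, size)
            out[name] = int.from_bytes(raw, "big")
    if "E" in out and "C" not in out:
        raise FilterError("source prefix length without source address")
    if max(out.get("E", 0), out.get("F", 0)) > 32:
        raise FilterError("IPv4 prefix length above 32")
    for lo, hi in (("G", "H"), ("I", "K")):  # added sanity check on ranges
        if hi in out and (lo not in out or out[hi] < out[lo]):
            raise FilterError(f"bad port range {lo}/{hi}")
    out["pointers"] = []
    for _ in range(n_ptrs):
        hdr, _ = take(buf, pos, 3)
        offset, length = struct.unpack("!HB", hdr)  # assumed 2+1 byte split
        if length < 3:  # Length counts its own 3 header bytes
            raise FilterError("pointer Length below 3")
        raw, pos = take(buf, pos, length)
        out["pointers"].append((offset, raw[3:]))
    if pos != len(buf):
        raise FilterError("trailing bytes after descriptor")
    return out

# Constructed sample: Protocol=6, Source 192.0.2.0/24, Dst port 443,
# one Pointer matching byte 0x40 at offset 8 of the IP header.
SAMPLE = bytes.fromhex("6881" "06" "c0000200" "18" "01bb" "000804" "40")
if __name__ == "__main__":
    print(parse_ipv4_filter(SAMPLE))
```

A Pointer whose Length is below 3 would give a negative Value length under the "Length minus 3" rule, so the parser rejects it before slicing.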