Internet Engineering Task Force (IETF) M. Boucadair Request for Comments: 7488 France Telecom Updates: 6887 R. Penno Category: Standards Track D. Wing ISSN: 2070-1721 P. Patil T. Reddy Cisco March 2015
Internet Engineering Task Force (IETF) M. Boucadair Request for Comments: 7488 France Telecom Updates: 6887 R. Penno Category: Standards Track D. Wing ISSN: 2070-1721 P. Patil T. Reddy Cisco March 2015
Port Control Protocol (PCP) Server Selection
端口控制协议(PCP)服务器选择
Abstract
摘要
This document specifies the behavior to be followed by a Port Control Protocol (PCP) client to contact its PCP server(s) when one or several PCP server IP addresses are configured.
本文档指定配置一个或多个PCP服务器IP地址时,端口控制协议(PCP)客户端联系其PCP服务器所遵循的行为。
This document updates RFC 6887.
本文件更新了RFC 6887。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7488.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7488.
Copyright Notice
版权公告
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2015 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Terminology and Conventions . . . . . . . . . . . . . . . . . 3 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 3. IP Address Selection: PCP Server with Multiple IP Addresses . 3 4. IP Address Selection: Multiple PCP Servers . . . . . . . . . 4 5. Example: Multiple PCP Servers on a Single Interface . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 7.2. Informative References . . . . . . . . . . . . . . . . . 8 Appendix A. Multihoming . . . . . . . . . . . . . . . . . . . . 9 A.1. IPv6 Multihoming . . . . . . . . . . . . . . . . . . . . 9 A.2. IPv4 Multihoming . . . . . . . . . . . . . . . . . . . . 10 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Terminology and Conventions . . . . . . . . . . . . . . . . . 3 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 3. IP Address Selection: PCP Server with Multiple IP Addresses . 3 4. IP Address Selection: Multiple PCP Servers . . . . . . . . . 4 5. Example: Multiple PCP Servers on a Single Interface . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 7.2. Informative References . . . . . . . . . . . . . . . . . 8 Appendix A. Multihoming . . . . . . . . . . . . . . . . . . . . 9 A.1. IPv6 Multihoming . . . . . . . . . . . . . . . . . . . . 9 A.2. IPv4 Multihoming . . . . . . . . . . . . . . . . . . . . 10 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
A host may have multiple network interfaces (e.g., 3G, IEEE 802.11, etc.), each configured with different PCP servers. Each PCP server learned must be associated with the interface on which it was learned. Generic multi-interface considerations are documented in Section 8.4 of [RFC6887]. Multiple PCP server IP addresses may be configured on a PCP client in some deployment contexts such as multihoming (see Appendix A). A PCP server may also have multiple IP addresses associated with it. It is out of the scope of this document to enumerate all deployment scenarios that require multiple PCP server IP addresses to be configured.
主机可具有多个网络接口(例如,3G、IEEE 802.11等),每个网络接口配置有不同的PCP服务器。每个读入的PCP服务器必须与读入它的接口相关联。通用多接口注意事项记录在[RFC6887]第8.4节中。在某些部署上下文中,例如多主(multihoming),可以在PCP客户端上配置多个PCP服务器IP地址(请参见附录a)。PCP服务器也可能有多个与其关联的IP地址。枚举需要配置多个PCP服务器IP地址的所有部署方案超出了本文档的范围。
If a PCP client discovers multiple PCP server IP addresses, it needs to determine which actions it needs to undertake (e.g., whether PCP entries are to be installed in all or a subset of discovered IP addresses, whether some PCP entries are to be removed, etc.). This document makes the following assumptions:
如果PCP客户端发现多个PCP服务器IP地址,则需要确定需要执行哪些操作(例如,是否在所有或部分发现的IP地址中安装PCP条目,是否删除某些PCP条目等)。本文件作出以下假设:
o There is no requirement that multiple PCP servers configured on the same interface have the same capabilities.
o 不要求在同一接口上配置的多个PCP服务器具有相同的功能。
o PCP requests to different PCP servers are independent, the result of a PCP request to one PCP server does not influence another.
o 对不同PCP服务器的PCP请求是独立的,对一个PCP服务器的PCP请求的结果不会影响另一个PCP服务器。
o The configuration mechanism must distinguish IP addresses that belong to the same PCP server.
o 配置机制必须区分属于同一PCP服务器的IP地址。
This document specifies the behavior to be followed by a PCP client [RFC6887] to contact its PCP server(s) [RFC6887] when it is configured with one or several PCP server IP addresses (e.g., using DHCP [RFC7291]). This document does not make any assumption on the type of these IP addresses (i.e., unicast/anycast).
本文档规定了PCP客户端[RFC6887]在配置一个或多个PCP服务器IP地址(例如,使用DHCP[RFC7291])时联系其PCP服务器[RFC6887]所遵循的行为。本文档不对这些IP地址的类型(即单播/选播)进行任何假设。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
o PCP client: denotes a PCP software instance responsible for issuing PCP requests to a PCP server. Refer to [RFC6887].
o PCP客户端:表示负责向PCP服务器发出PCP请求的PCP软件实例。请参阅[RFC6887]。
o PCP server: denotes a software instance that receives and processes PCP requests from a PCP client. A PCP server can be co-located with or be separated from the function it controls (e.g., Network Address Translation (NAT) or firewall). Refer to [RFC6887].
o PCP服务器:表示从PCP客户端接收和处理PCP请求的软件实例。PCP服务器可以与其控制的功能(例如,网络地址转换(NAT)或防火墙)共存或分离。请参阅[RFC6887]。
This section describes the behavior a PCP client follows to contact its PCP server when the PCP client has multiple IP addresses for a single PCP server.
本节描述当PCP客户端具有单个PCP服务器的多个IP地址时,PCP客户端联系其PCP服务器所遵循的行为。
1. A PCP client should construct a set of candidate source addresses (see Section 4 of [RFC6724]) based on application input and PCP [RFC6887] constraints. For example, when sending a PEER or a MAP with a FILTER request for an existing TCP connection, the only candidate source address is the source address used for the existing TCP connection. But when sending a MAP request for a service that will accept incoming connections, the candidate source addresses may be all of the node's IP addresses or some subset of IP addresses on which the service is configured to listen.
1. PCP客户机应根据应用程序输入和PCP[RFC6887]约束构造一组候选源地址(见[RFC6724]第4节)。例如,当为现有TCP连接发送带有筛选器请求的对等或映射时,唯一的候选源地址是用于现有TCP连接的源地址。但是,当发送将接受传入连接的服务的映射请求时,候选源地址可能是节点的所有IP地址或服务配置为侦听的IP地址的某个子集。
2. The PCP client then sorts the PCP server IP addresses as per Section 6 of [RFC6724] using the candidate source addresses selected in the previous step as input to the destination address selection algorithm.
2. 然后,PCP客户端根据[RFC6724]第6节,使用在上一步中选择的候选源地址作为目标地址选择算法的输入,对PCP服务器IP地址进行排序。
3. The PCP client initializes its Maximum Retransmission Count (MRC) to 4.
3. PCP客户端将其最大重传计数(MRC)初始化为4。
4. The PCP client sends its PCP messages following the retransmission procedure specified in Section 8.1.1 of [RFC6887]. If no response is received after MRC attempts, the PCP client retries the procedure with the next IP address in the sorted list.
4. PCP客户端按照[RFC6887]第8.1.1节规定的重传程序发送其PCP消息。如果MRC尝试后未收到响应,PCP客户端将使用排序列表中的下一个IP地址重试该过程。
The PCP client may receive a response from an IP address after exhausting MRC attempts for that particular IP address. The PCP client SHOULD ignore such a response because receiving a delayed response after exhausting four retransmissions sent with exponentially increasing intervals is an indication that problems are to be encountered in the corresponding forwarding path and/or when processing subsequent requests by that PCP server instance.
PCP客户端可以在用尽针对特定IP地址的MRC尝试之后从该IP地址接收响应。PCP客户端应该忽略这样的响应,因为在以指数级增加的间隔发送的四次重传耗尽之后接收到延迟响应表示在相应的转发路径和/或在处理该PCP服务器实例的后续请求时将遇到问题。
If, when sending PCP requests, the PCP client receives a hard ICMP error [RFC1122], it MUST immediately try the next IP address from the list of PCP server IP addresses.
如果在发送PCP请求时,PCP客户端收到硬ICMP错误[RFC1122],它必须立即尝试PCP服务器IP地址列表中的下一个IP地址。
5. If the PCP client has exhausted all IP addresses configured for a given PCP server, the procedure SHOULD be repeated every 15 minutes until the PCP request is successfully answered.
5. 如果PCP客户端已耗尽为给定PCP服务器配置的所有IP地址,则该过程应每15分钟重复一次,直到成功响应PCP请求。
6. Once the PCP client has successfully received a response from a PCP server's IP address, all subsequent PCP requests to that PCP server are sent on the same IP address until that IP address becomes unresponsive. In case the IP address becomes unresponsive, the PCP client clears the cache of sorted destination addresses and follows the steps described above to contact the PCP server again.
6. 一旦PCP客户端成功接收到来自PCP服务器IP地址的响应,所有随后发送到该PCP服务器的PCP请求都将在同一IP地址上发送,直到该IP地址变得无响应为止。如果IP地址没有响应,PCP客户端将清除已排序目标地址的缓存,并按照上述步骤再次联系PCP服务器。
For efficiency, the PCP client SHOULD use the same Mapping Nonce for requests sent to all IP addresses belonging to the same PCP server. As a reminder, nonce validation checks are performed when operating in the Simple Threat Model (see Section 18.1 of [RFC6887]) to defend against some off-path attacks.
为了提高效率,PCP客户端应该对发送到属于同一PCP服务器的所有IP地址的请求使用相同的映射Nonce。作为提醒,在简单威胁模型(见[RFC6887]第18.1节)中操作时,会执行非有效性验证检查,以抵御某些非路径攻击。
This section describes the behavior a PCP client follows to contact multiple PCP servers, with each PCP server reachable on a list of IP addresses. There is no requirement that these multiple PCP servers have the same capabilities.
本节描述PCP客户端联系多个PCP服务器时所遵循的行为,每个PCP服务器都可以通过IP地址列表访问。不要求这些多个PCP服务器具有相同的功能。
Note that how PCP clients are configured to separate lists of IP addresses of each PCP server is implementation specific and deployment specific. For example, a PCP client can be configured using DHCP with multiple lists of PCP server IP addresses; each list is referring to a distinct PCP server [RFC7291].
请注意,如何将PCP客户端配置为分离每个PCP服务器的IP地址列表是特定于实现和部署的。例如,可以使用具有多个PCP服务器IP地址列表的DHCP配置PCP客户端;每个列表都指向一个不同的PCP服务器[RFC7291]。
If several PCP servers are configured, each with multiple IP addresses, the PCP client contacts all PCP servers using the procedure described in Section 3.
如果配置了多个PCP服务器,每个服务器都有多个IP地址,则PCP客户端将使用第3节中描述的过程联系所有PCP服务器。
As specified in Sections 11.2 and 12.2 of [RFC6887], the PCP client must use a different Mapping Nonce for each PCP server with which it communicates.
如[RFC6887]第11.2节和第12.2节所述,PCP客户端必须为与其通信的每个PCP服务器使用不同的映射Nonce。
If the PCP client is configured, using some means, with the capabilities of each PCP server, a PCP client may choose to contact all PCP servers simultaneously or iterate through them with a delay.
如果使用某些方法配置PCP客户机,并使用每个PCP服务器的功能,则PCP客户机可以选择同时联系所有PCP服务器或延迟地迭代它们。
This procedure may result in a PCP client instantiating multiple mappings maintained by distinct PCP servers. The decision to use all these mappings or delete some of them depends on the purpose of the PCP request. For example, if the PCP servers are configuring firewall (not NAT) functionality, then the client would, by default (i.e., unless it knows that they all replicate state among them), need to use all the PCP servers.
此过程可能导致PCP客户端实例化由不同PCP服务器维护的多个映射。使用所有这些映射或删除其中一些映射的决定取决于PCP请求的目的。例如,如果PCP服务器正在配置防火墙(而非NAT)功能,则客户端在默认情况下(即,除非它知道它们都在其中复制状态),需要使用所有PCP服务器。
Figure 1 depicts an example that is used to illustrate the server selection procedure specified in Sections 3 and 4. In this example, PCP servers (A and B) are co-located with edge routers (rtr1 and rtr2) with each PCP server controlling its own device.
图1描述了用于说明第3节和第4节中指定的服务器选择过程的示例。在此示例中,PCP服务器(A和B)与边缘路由器(rtr1和rtr2)位于同一位置,每个PCP服务器控制自己的设备。
ISP Network | | ......................................................... | | Subscriber Network +----------+-----+ +-----+----------+ | PCP-Server-A | | PCP-Server-B | | (rtr1) | | (rtr2) | +-------+--------+ +--+-------------+ 192.0.2.1 | | 198.51.100.1 2001:db8:1111::1 | | 2001:db8:2222::1 | | | | -------+-------+------+----------- | | 203.0.113.0 | 2001:db8:3333::1 +---+---+ | Host | +-------+
ISP Network | | ......................................................... | | Subscriber Network +----------+-----+ +-----+----------+ | PCP-Server-A | | PCP-Server-B | | (rtr1) | | (rtr2) | +-------+--------+ +--+-------------+ 192.0.2.1 | | 198.51.100.1 2001:db8:1111::1 | | 2001:db8:2222::1 | | | | -------+-------+------+----------- | | 203.0.113.0 | 2001:db8:3333::1 +---+---+ | Host | +-------+
Edge Routers (rtr1, rtr2)
边缘路由器(rtr1、rtr2)
Figure 1: Single Uplink, Multiple PCP Servers
图1:单上行链路、多个PCP服务器
The example describes behavior when a single IP address for one PCP server is not responsive. The PCP client is configured with two PCP servers for the same interface, PCP-Server-A and PCP-Server-B, each of which have two IP addresses: an IPv4 address and an IPv6 address. The PCP client wants an IPv4 mapping, so it orders the addresses as follows:
该示例描述了一台PCP服务器的单个IP地址没有响应时的行为。PCP客户端为同一接口配置了两个PCP服务器,即PCP-Server-A和PCP-Server-B,每个服务器都有两个IP地址:IPv4地址和IPv6地址。PCP客户端需要IPv4映射,因此其地址顺序如下:
o PCP-Server-A:
o PCP-Server-A:
* 192.0.2.1
* 192.0.2.1
* 2001:db8:1111::1
* 2001:db8:1111::1
o PCP-Server-B:
o PCP-Server-B:
* 198.51.100.1
* 198.51.100.1
* 2001:db8:2222::1
* 2001:db8:2222::1
Suppose that:
假设:
o The path to reach 192.0.2.1 is broken
o 达到192.0.2.1的路径被中断
o The path to reach 2001:db8:1111::1 is working
o 到达2001:db8:1111::1的路径正在运行
o The path to reach 198.51.100.1 is working
o 达到198.51.100.1的路径正在运行
o The path to reach 2001:db8:2222::1 is working
o 到达2001:db8:2222::1的路径正在运行
It sends two PCP requests at the same time, the first to 192.0.2.1 (corresponding to PCP-Server-A) and the second to 198.51.100.1 (corresponding to PCP-Server-B). The path to 198.51.100.1 is working, so a PCP response is received. Because the path to 192.0.2.1 is broken, no PCP response is received. The PCP client retries four times to elicit a response from 192.0.2.1 and finally gives up on that address and sends a PCP message to 2001::db8:1111:1. That path is working, and a response is received. Thereafter, the PCP client should continue using that responsive IP address for PCP-Server-A (2001:db8:1111::1). In this particular case, it will have to use the THIRD_PARTY option for IPv4 mappings.
它同时发送两个PCP请求,第一个到192.0.2.1(对应于PCP-Server-A),第二个到198.51.100.1(对应于PCP-Server-B)。198.51.100.1的路径正在运行,因此收到PCP响应。由于到192.0.2.1的路径已断开,因此未收到PCP响应。PCP客户端重试四次,从192.0.2.1中获取响应,最后放弃该地址,并向2001::db8:1111:1发送PCP消息。该路径正在工作,并收到响应。此后,PCP客户端应该继续为PCP-Server-A(2001:db8:1111::1)使用该响应IP地址。在这种特殊情况下,它必须为IPv4映射使用第三方选项。
PCP-related security considerations are discussed in [RFC6887].
[RFC6887]中讨论了PCP相关的安全注意事项。
This document does not specify how PCP server addresses are provisioned on the PCP client. It is the responsibility of PCP server provisioning document(s) to elaborate on security considerations to discover legitimate PCP servers.
本文档未指定如何在PCP客户端上设置PCP服务器地址。PCP服务器配置文档负责详细说明发现合法PCP服务器的安全注意事项。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.
[RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, "Default Address Selection for Internet Protocol Version 6 (IPv6)", RFC 6724, September 2012, <http://www.rfc-editor.org/info/rfc6724>.
[RFC6724]Thaler,D.,Ed.,Draves,R.,Matsumoto,A.,和T.Chown,“互联网协议版本6(IPv6)的默认地址选择”,RFC 67242012年9月<http://www.rfc-editor.org/info/rfc6724>.
[RFC6887] Wing, D., Ed., Cheshire, S., Boucadair, M., Penno, R., and P. Selkirk, "Port Control Protocol (PCP)", RFC 6887, April 2013, <http://www.rfc-editor.org/info/rfc6887>.
[RFC6887]Wing,D.,Ed.,Cheshire,S.,Boucadair,M.,Penno,R.,和P.Selkirk,“港口控制协议(PCP)”,RFC 6887,2013年4月<http://www.rfc-editor.org/info/rfc6887>.
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - Communication Layers", STD 3, RFC 1122, October 1989, <http://www.rfc-editor.org/info/rfc1122>.
[RFC1122]Braden,R.,Ed.“互联网主机的要求-通信层”,STD 3,RFC 1122,1989年10月<http://www.rfc-editor.org/info/rfc1122>.
[RFC4116] Abley, J., Lindqvist, K., Davies, E., Black, B., and V. Gill, "IPv4 Multihoming Practices and Limitations", RFC 4116, July 2005, <http://www.rfc-editor.org/info/rfc4116>.
[RFC4116]Abley,J.,Lindqvist,K.,Davies,E.,Black,B.,和V.Gill,“IPv4多宿主实践和限制”,RFC 41162005年7月<http://www.rfc-editor.org/info/rfc4116>.
[RFC7291] Boucadair, M., Penno, R., and D. Wing, "DHCP Options for the Port Control Protocol (PCP)", RFC 7291, July 2014, <http://www.rfc-editor.org/info/rfc7291>.
[RFC7291]Boucadair,M.,Penno,R.,和D.Wing,“端口控制协议(PCP)的DHCP选项”,RFC 72912014年7月<http://www.rfc-editor.org/info/rfc7291>.
The main problem of a PCP multihoming situation can be succinctly described as "one PCP client, multiple PCP servers." As described in Section 3, if a PCP client discovers multiple PCP servers, it should send requests to all of them with assumptions described in Section 1.
PCP多主情况的主要问题可以简明扼要地描述为“一个PCP客户端,多个PCP服务器”。如第3节所述,如果PCP客户端发现多个PCP服务器,它应根据第1节所述的假设向所有PCP服务器发送请求。
The following sub-sections describe multihoming examples to illustrate the PCP client behavior.
以下小节描述了多宿主示例,以说明PCP客户端行为。
In this example of an IPv6 multihomed network, two or more routers co-located with firewalls are present on a single link shared with the host(s). Each router is, in turn, connected to a different service provider network, and the host in this environment would be offered multiple prefixes and advertised multiple DNS servers. Consider a scenario in which firewalls within an IPv6 multihoming environment also implement a PCP server. The PCP client learns the available PCP servers using DHCP [RFC7291] or any other provisioning mechanism. In reference to Figure 2, a typical model is to embed DHCP servers in rtr1 and rtr2. A host located behind rtr1 and rtr2 can contact these two DHCP servers and retrieve from each server the IP address(es) of the corresponding PCP server.
在IPv6多宿主网络的示例中,与主机共享的单个链路上存在两个或多个与防火墙位于同一位置的路由器。每个路由器依次连接到不同的服务提供商网络,并且此环境中的主机将被提供多个前缀和多个DNS服务器。考虑一种场景,其中IPv6多宿主环境中的防火墙也实现PCP服务器。PCP客户端使用DHCP[RFC7291]或任何其他配置机制学习可用的PCP服务器。参考图2,典型的模型是在rtr1和rtr2中嵌入DHCP服务器。位于rtr1和rtr2后面的主机可以联系这两个DHCP服务器,并从每个服务器检索相应PCP服务器的IP地址。
The PCP client will send PCP requests in parallel to each of the PCP servers.
PCP客户端将向每个PCP服务器并行发送PCP请求。
================== | Internet | ================== | | | | +----+-+ +-+----+ | ISP1 | | ISP2 | +----+-+ +-+----+ ISP Network | | ......................................................... | | | | Subscriber Network +-------+---+ +----+------+ | rtr1 with | | rtr2 with | | FW1 | | FW2 | +-------+---+ +----+------+ | | | | -------+----------+------ | +---+---+ | Host | +-------+
================== | Internet | ================== | | | | +----+-+ +-+----+ | ISP1 | | ISP2 | +----+-+ +-+----+ ISP Network | | ......................................................... | | | | Subscriber Network +-------+---+ +----+------+ | rtr1 with | | rtr2 with | | FW1 | | FW2 | +-------+---+ +----+------+ | | | | -------+----------+------ | +---+---+ | Host | +-------+
Figure 2: IPv6 Multihoming
图2:IPv6多宿主
In this example of an IPv4 multihomed network described in "NAT- or RFC2260-based Multihoming" (Section 3.3 of [RFC4116]), the gateway router is connected to different service provider networks. This method uses Provider-Aggregatable (PA) addresses assigned by each transit provider to which the site is connected. The site uses NAT to translate the various provider addresses into a single set of private-use addresses within the site. In such a case, two PCP servers might have to be present to configure NAT to each of the transit providers. The PCP client learns the available PCP servers using DHCP [RFC7291] or any other provisioning mechanism. In reference to Figure 3, a typical model is to embed the DHCP server and the PCP servers in rtr1. A host located behind rtr1 can contact the DHCP server to obtain IP addresses of the PCP servers. The PCP client will send PCP requests in parallel to each of the PCP servers.
在“基于NAT或RFC2260的多宿”(RFC4116第3.3节)中描述的IPv4多宿网络示例中,网关路由器连接到不同的服务提供商网络。此方法使用站点所连接的每个运输提供商分配的提供商可聚合(PA)地址。站点使用NAT将各种提供者地址转换为站点内的一组专用地址。在这种情况下,可能必须有两台PCP服务器来为每个传输提供商配置NAT。PCP客户端使用DHCP[RFC7291]或任何其他配置机制学习可用的PCP服务器。参考图3,典型的模型是在rtr1中嵌入DHCP服务器和PCP服务器。位于rtr1后面的主机可以联系DHCP服务器以获取PCP服务器的IP地址。PCP客户端将向每个PCP服务器并行发送PCP请求。
===================== | Internet | ===================== | | | | +----+--------+ +-+------------+ | ISP1 | | ISP2 | | | | | +----+--------+ +-+------------+ ISP Network | | | | .............................................................. | | | Port1 | Port2 Subscriber Network | | +----+--------------+----+ |rtr1: NAT & PCP servers | | GW Router | +----+-------------------+ | | | -----+-------------- | +-+-----+ | Host | (private address space) +-------+
===================== | Internet | ===================== | | | | +----+--------+ +-+------------+ | ISP1 | | ISP2 | | | | | +----+--------+ +-+------------+ ISP Network | | | | .............................................................. | | | Port1 | Port2 Subscriber Network | | +----+--------------+----+ |rtr1: NAT & PCP servers | | GW Router | +----+-------------------+ | | | -----+-------------- | +-+-----+ | Host | (private address space) +-------+
Figure 3: IPv4 Multihoming
图3:IPv4多主
Acknowledgements
致谢
Many thanks to Dave Thaler, Simon Perreault, Hassnaa Moustafa, Ted Lemon, Chris Inacio, and Brian Haberman for their reviews and comments.
非常感谢Dave Thaler、Simon Perreault、Hasnaa Moustafa、Ted Lemon、Chris Inacio和Brian Haberman的评论和评论。
Authors' Addresses
作者地址
Mohamed Boucadair France Telecom Rennes 35000 France
穆罕默德·布卡达尔法国电信雷恩35000法国
EMail: mohamed.boucadair@orange.com
EMail: mohamed.boucadair@orange.com
Reinaldo Penno Cisco Systems, Inc. United States
美国雷纳尔多·佩诺思科系统公司
EMail: repenno@cisco.com
EMail: repenno@cisco.com
Dan Wing Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134 United States
Dan Wing Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号,邮编95134
EMail: dwing@cisco.com
EMail: dwing@cisco.com
Prashanth Patil Cisco Systems, Inc. Bangalore India
印度班加罗尔Prashanth Patil思科系统公司
EMail: praspati@cisco.com
EMail: praspati@cisco.com
Tirumaleswar Reddy Cisco Systems, Inc. Cessna Business Park, Varthur Hobli Sarjapur Marathalli Outer Ring Road Bangalore, Karnataka 560103 India
Tirumaleswar Reddy Cisco Systems,Inc.印度卡纳塔克邦班加罗尔外环路瓦图尔霍布里萨贾普尔马拉塔利塞斯纳商业园560103
EMail: tireddy@cisco.com
EMail: tireddy@cisco.com