Internet Engineering Task Force (IETF) C. Shao Request for Comments: 7494 H. Deng Category: Standards Track China Mobile ISSN: 2070-1721 R. Pazhyannur Cisco Systems F. Bari AT&T R. Zhang China Telecom S. Matsushima SoftBank Telecom April 2015
Internet Engineering Task Force (IETF) C. Shao Request for Comments: 7494 H. Deng Category: Standards Track China Mobile ISSN: 2070-1721 R. Pazhyannur Cisco Systems F. Bari AT&T R. Zhang China Telecom S. Matsushima SoftBank Telecom April 2015
IEEE 802.11 Medium Access Control (MAC) Profile for Control and Provisioning of Wireless Access Points (CAPWAP)
IEEE 802.11无线接入点(CAPWAP)控制和配置的媒体访问控制(MAC)配置文件
Abstract
摘要
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol binding for IEEE 802.11 defines two Medium Access Control (MAC) modes for IEEE 802.11 Wireless Transmission Points (WTPs): Split and Local MAC. In the Split MAC mode, the partitioning of encryption/decryption functions is not clearly defined. In the Split MAC mode description, IEEE 802.11 encryption is specified as located in either the Access Controller (AC) or the WTP, with no clear way for the AC to inform the WTP of where the encryption functionality should be located. This leads to interoperability issues, especially when the AC and WTP come from different vendors. To prevent interoperability issues, this specification defines an IEEE 802.11 MAC Profile message element in which each profile specifies an unambiguous division of encryption functionality between the WTP and AC.
IEEE 802.11无线接入点(CAPWAP)协议绑定的控制和配置为IEEE 802.11无线传输点(WTP)定义了两种媒体访问控制(MAC)模式:拆分和本地MAC。在分割MAC模式下,加密/解密功能的分区没有明确定义。在分割MAC模式描述中,IEEE 802.11加密被指定为位于接入控制器(AC)或WTP中,AC没有明确的方式通知WTP加密功能应位于何处。这会导致互操作性问题,尤其是当AC和WTP来自不同的供应商时。为了防止互操作性问题,本规范定义了IEEE 802.11 MAC配置文件消息元素,其中每个配置文件指定了WTP和AC之间加密功能的明确划分。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7494.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7494.
Copyright Notice
版权公告
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2015 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. IEEE MAC Profile Descriptions . . . . . . . . . . . . . . . . 5 2.1. Split MAC with WTP Encryption . . . . . . . . . . . . . . 5 2.2. Split MAC with AC Encryption . . . . . . . . . . . . . . 6 2.3. IEEE 802.11 MAC Profile Frame Exchange . . . . . . . . . 8 3. MAC Profile Message Element Definitions . . . . . . . . . . . 8 3.1. IEEE 802.11 Supported MAC Profiles . . . . . . . . . . . 8 3.2. IEEE 802.11 MAC Profile . . . . . . . . . . . . . . . . . 9 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 6.1. Normative References . . . . . . . . . . . . . . . . . . 11 6.2. Informative References . . . . . . . . . . . . . . . . . 11 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 12 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. IEEE MAC Profile Descriptions . . . . . . . . . . . . . . . . 5 2.1. Split MAC with WTP Encryption . . . . . . . . . . . . . . 5 2.2. Split MAC with AC Encryption . . . . . . . . . . . . . . 6 2.3. IEEE 802.11 MAC Profile Frame Exchange . . . . . . . . . 8 3. MAC Profile Message Element Definitions . . . . . . . . . . . 8 3.1. IEEE 802.11 Supported MAC Profiles . . . . . . . . . . . 8 3.2. IEEE 802.11 MAC Profile . . . . . . . . . . . . . . . . . 9 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 6.1. Normative References . . . . . . . . . . . . . . . . . . 11 6.2. Informative References . . . . . . . . . . . . . . . . . 11 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 12 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
The CAPWAP protocol supports two MAC modes of operation: Split and Local MAC, as described in [RFC5415] and [RFC5416]. However, there are MAC functions that have not been clearly defined. For example, IEEE 802.11 [IEEE.802.11] encryption is specified as located in either the AC or the WTP with no clear way to negotiate where it should be located. Because different vendors have different definitions of the MAC mode, many MAC-layer functions are mapped differently to either the WTP or the AC by different vendors. Therefore, depending upon the vendor, the operators in their deployments have to perform different configurations based on implementation of the two modes by their vendor. If there is no clear specification, then operators will experience interoperability issues with WTPs and ACs from different vendors.
CAPWAP协议支持两种MAC操作模式:拆分和本地MAC,如[RFC5415]和[RFC5416]所述。但是,有些MAC功能尚未明确定义。例如,IEEE 802.11[IEEE.802.11]加密被指定为位于AC或WTP中,没有明确的方式协商其应位于何处。由于不同的供应商对MAC模式有不同的定义,许多MAC层功能由不同的供应商以不同的方式映射到WTP或AC。因此,根据供应商的不同,其部署中的运营商必须根据其供应商对这两种模式的实施情况执行不同的配置。如果没有明确的规范,那么运营商将遇到来自不同供应商的WTP和ACs的互操作性问题。
Figure 1 from [RFC5416] illustrates how some functions are processed in different places in the Local MAC and Split MAC mode. Specifically, note that in the Split MAC mode, the IEEE 802.11 encryption/decryption is specified as WTP/AC, implying that it could be at either location. This is not an issue with Local MAC because encryption is always at the WTP.
[RFC5416]中的图1说明了在本地MAC和拆分MAC模式下,一些函数是如何在不同位置处理的。具体地说,请注意,在分割MAC模式中,IEEE 802.11加密/解密被指定为WTP/AC,这意味着它可以位于任意位置。这不是本地MAC的问题,因为加密始终在WTP。
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Local MAC | Split MAC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | WTP/AC | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | WTP | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | WTP | + |Packet Buffering | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | WTP | WTP/AC | + |Defragmentation | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | WTP/AC | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | WTP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP | WTP/AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | WTP | WTP/AC | + |Encryption/Decryption | | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Local MAC | Split MAC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | WTP/AC | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | WTP | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | WTP | + |Packet Buffering | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | WTP | WTP/AC | + |Defragmentation | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | WTP/AC | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | WTP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP | WTP/AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | WTP | WTP/AC | + |Encryption/Decryption | | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Note: RSN - Robust Security Network RSNA - Robust Security Network Association WPA2 - Wi-Fi Protected Access 2
注:RSN-强健安全网络RSNA-强健安全网络协会WPA2-Wi-Fi保护访问2
Figure 1: Functions in Local MAC and Split MAC
图1:本地MAC和拆分MAC中的功能
To solve this problem, this specification introduces the IEEE 802.11 MAC Profile. The IEEE 802.11 MAC Profile unambiguously specifies where the various MAC functionalities should be located.
为了解决这个问题,本规范引入了IEEE 802.11 MAC配置文件。IEEE 802.11 MAC配置文件明确规定了各种MAC功能的位置。
A IEEE 802.11 MAC Profile refers to a description of how the MAC functionality is split between the WTP and AC shown in Figure 1.
IEEE 802.11 MAC配置文件是指图1所示的WTP和AC之间MAC功能如何划分的描述。
The functional split for the Split MAC with WTP encryption is provided in Figure 2. This profile is similar to the Split MAC description in [RFC5416], except that IEEE 802.11 encryption/ decryption is at the WTP. Note that fragmentation is always done at the same entity as the encryption. Consequently, in this profile fragmentation/defragmentation is also done only at the WTP. Note that scheduling functionality is denoted as WTP/AC. As explained in [RFC5416], this means that the admission control component of IEEE 802.11 resides on the AC; the real-time scheduling and queuing functions are on the WTP.
图2提供了使用WTP加密的拆分MAC的功能拆分。此配置文件类似于[RFC5416]中的拆分MAC描述,只是IEEE 802.11加密/解密位于WTP。请注意,碎片始终与加密在同一实体中完成。因此,在此配置文件中,碎片/碎片整理也仅在WTP进行。注意,调度功能表示为WTP/AC。如[RFC5416]中所述,这意味着IEEE 802.11的准入控制组件驻留在AC上;实时调度和排队功能在WTP上。
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Profile | | | 0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | + |Packet Buffering | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | WTP | + |Defragmentation | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP/AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | WTP | + |Encryption/Decryption | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Profile | | | 0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | + |Packet Buffering | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | WTP | + |Defragmentation | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP/AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | WTP | + |Encryption/Decryption | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Note: EAP - Extensible Authentication Protocol
注:EAP-可扩展身份验证协议
Figure 2: Functions in Split MAC with WTP Encryption
图2:使用WTP加密的拆分MAC中的函数
The functional split for the Split MAC with AC encryption is provided in Figure 3. This profile is similar to the Split MAC in [RFC5416], except that IEEE 802.11 encryption/decryption is at the AC. Since fragmentation is always done at the same entity as the encryption, in this profile, AC does fragmentation/defragmentation.
图3提供了使用AC加密的拆分MAC的功能拆分。此配置文件类似于[RFC5416]中的拆分MAC,不同之处在于IEEE 802.11加密/解密位于AC。由于碎片始终与加密在同一实体中完成,因此在此配置文件中,AC进行碎片/碎片整理。
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Profile | | | 1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | + |Packet Buffering | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | AC | + |Defragmentation | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | AC | + |Encryption/Decryption | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Functions | Profile | | | 1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Distribution Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Integration Service | AC | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Beacon Generation | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Probe Response Generation| WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Function |Power Mgmt/ | WTP | + |Packet Buffering | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Fragmentation/ | AC | + |Defragmentation | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Assoc/Disassoc/Reassoc | AC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Classifying | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 QoS |Scheduling | WTP | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |Queuing | WTP | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.1X/EAP | AC | + IEEE +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 802.11 RSN |RSNA Key Management | AC | + (WPA2) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |IEEE 802.11 | AC | + |Encryption/Decryption | | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Functions in Split MAC with AC encryption
图3:使用AC加密的拆分MAC中的功能
An example of message exchange using the IEEE 802.11 MAC Profile message element is shown in Figure 4. The WTP informs the AC of the various MAC Profiles it supports. This happens in either a Discovery Request message or the Join Request message. The AC determines the appropriate profile and configures the WTP with the profile while configuring the WLAN.
使用IEEE 802.11 MAC配置文件消息元素的消息交换示例如图4所示。WTP通知AC其支持的各种MAC配置文件。这发生在发现请求消息或加入请求消息中。AC确定适当的配置文件,并在配置WLAN时使用该配置文件配置WTP。
+-+-+-+-+-+-+ +-+-+-+-+-+-+ | WTP | | AC | +-+-+-+-+-+-+ +-+-+-+-+-+-+ |Join Request[Supported IEEE 802.11 | | MAC Profiles ] | |---------------------------------------->| | | |Join Response | |<----------------------------------------| | | |IEEE 802.11 WLAN Config. Request [ | | IEEE 802.11 Add WLAN, | | IEEE 802.11 MAC Profile | | ] | |<----------------------------------------| | | |IEEE 802.11 WLAN Config. Response | |---------------------------------------->|
+-+-+-+-+-+-+ +-+-+-+-+-+-+ | WTP | | AC | +-+-+-+-+-+-+ +-+-+-+-+-+-+ |Join Request[Supported IEEE 802.11 | | MAC Profiles ] | |---------------------------------------->| | | |Join Response | |<----------------------------------------| | | |IEEE 802.11 WLAN Config. Request [ | | IEEE 802.11 Add WLAN, | | IEEE 802.11 MAC Profile | | ] | |<----------------------------------------| | | |IEEE 802.11 WLAN Config. Response | |---------------------------------------->|
Figure 4: Message Exchange for Negotiating MAC Profiles
图4:协商MAC配置文件的消息交换
The IEEE 802.11 Supported MAC Profile message element allows the WTP to communicate the profiles it supports. The Discovery Request message, Primary Discovery Request message, and Join Request message may include one such message element.
IEEE 802.11支持的MAC配置文件消息元素允许WTP通信其支持的配置文件。发现请求消息、主发现请求消息和加入请求消息可以包括一个这样的消息元素。
0 1 2 3 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 +=+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | Num_Profiles | Profile_1 | Profile_[2..N].. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
0 1 2 3 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 +=+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | Num_Profiles | Profile_1 | Profile_[2..N].. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Figure 5: IEEE 802.11 Supported MAC Profiles
图5:IEEE 802.11支持的MAC配置文件
o Type: 1060 for IEEE 802.11 Supported MAC Profiles
o 类型:1060,适用于支持IEEE 802.11的MAC配置文件
o Num_Profiles >=1: This refers to the number of profiles present in this message element. There must be at least one profile.
o Num_Profiles>=1:这是指此消息元素中存在的配置文件数。必须至少有一个配置文件。
o Profile: Each profile is identified by a value specified in Section 3.2.
o 轮廓:每个轮廓由第3.2节中规定的值标识。
The IEEE 802.11 MAC Profile message element allows the AC to select a profile. This message element may be provided along with the IEEE 802.11 ADD WLAN message element while configuring a WLAN on the WTP.
IEEE 802.11 MAC配置文件消息元素允许AC选择配置文件。在WTP上配置WLAN时,此消息元素可与IEEE 802.11添加WLAN消息元素一起提供。
0 1 2 3 4 5 6 7 +=+-+-+-+-+-+-+-+ | Profile | +-+-+-+-+-+-+-+-+
0 1 2 3 4 5 6 7 +=+-+-+-+-+-+-+-+ | Profile | +-+-+-+-+-+-+-+-+
Figure 6: IEEE 802.11 MAC Profile
图6:IEEE 802.11 MAC配置文件
o Type: 1061 for IEEE 802.11 MAC Profile
o 类型:1061适用于IEEE 802.11 MAC配置文件
o Profile: The profile is identified by a value as given below
o 配置文件:配置文件由以下给定的值标识
* 0: This refers to the IEEE 802.11 Split MAC Profile with WTP encryption
* 0:这是指具有WTP加密的IEEE 802.11分割MAC配置文件
* 1: This refers to the IEEE 802.11 Split MAC Profile with AC encryption
* 1:这是指带有AC加密的IEEE 802.11拆分MAC配置文件
This document does not introduce any new security risks compared to [RFC5416]. The negotiation messages between the WTP and AC have origin authentication and data integrity. As a result, an attacker cannot interfere with the messages to force a less-secure mode choice. The security considerations described in [RFC5416] apply here as well.
与[RFC5416]相比,本文件没有引入任何新的安全风险。WTP和AC之间的协商消息具有原始身份验证和数据完整性。因此,攻击者无法干扰消息以强制选择不太安全的模式。[RFC5416]中描述的安全注意事项也适用于此处。
The following IANA actions have been completed.
以下IANA行动已经完成。
o This specification defines two new message elements: IEEE 802.11 Supported MAC Profiles (described in Section 3.1) and the IEEE 802.11 MAC Profile (described in Section 3.2). These elements have been registered in the existing "CAPWAP Message Element Type" registry, defined in [RFC5415].
o 本规范定义了两个新的消息元素:IEEE 802.11支持的MAC配置文件(如第3.1节所述)和IEEE 802.11 MAC配置文件(如第3.2节所述)。这些元素已在[RFC5415]中定义的现有“CAPWAP消息元素类型”注册表中注册。
CAPWAP Protocol Message Element Type Value IEEE 802.11 Supported MAC Profiles 1060 IEEE 802.11 MAC Profile 1061
CAPWAP协议消息元素类型值IEEE 802.11支持的MAC配置文件1060 IEEE 802.11 MAC配置文件1061
o The IEEE 802.11 Supported MAC Profiles message element and IEEE 802.11 MAC Profile message element include a Profile field (as defined in Section 3.2). The Profile field in the IEEE 802.11 Supported MAC Profiles denotes the MAC Profiles supported by the WTP. The Profile field in the IEEE 802.11 MAC Profile denotes the MAC Profile assigned to the WTP. The namespace for the field is 8 bits (0-255). This specification defines two values: zero (0) and one (1) as described below. The remaining values (2-255) are controlled and maintained by IANA, and the registration procedure is Expert Review [RFC5226]. IANA has created a new subregistry called "IEEE 802.11 Split MAC Profile" under the existing registry "Control And Provisioning of Wireless Access Points (CAPWAP) Parameters". The registry format is given below.
o IEEE 802.11支持的MAC配置文件消息元素和IEEE 802.11 MAC配置文件消息元素包括配置文件字段(如第3.2节所定义)。IEEE 802.11支持的MAC配置文件中的配置文件字段表示WTP支持的MAC配置文件。IEEE 802.11 MAC配置文件中的配置文件字段表示分配给WTP的MAC配置文件。字段的命名空间为8位(0-255)。本规范定义了两个值:零(0)和一(1),如下所述。其余值(2-255)由IANA控制和维护,注册程序为专家评审[RFC5226]。IANA在现有注册表“无线接入点(CAPWAP)参数的控制和设置”下创建了一个新的子区域,名为“IEEE 802.11分割MAC配置文件”。注册表格式如下所示。
Profile Type Value Reference Split MAC with WTP encryption 0 RFC 7494 Split MAC with AC encryption 1 RFC 7494
配置文件类型值参考带WTP加密的拆分MAC 0 RFC 7494带AC加密的拆分MAC 1 RFC 7494
[IEEE.802.11] IEEE, "IEEE Standard for Information Technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications", IEEE Std 802.11-2012, March 2012, <http://standards.ieee.org/about/get/802/802.11.html>.
[IEEE.802.11]IEEE,“IEEE信息技术标准-系统间电信和信息交换-局域网和城域网-特定要求第11部分:无线局域网介质访问控制(MAC)和物理层(PHY)规范”,IEEE标准802.11-2012,2012年3月, <http://standards.ieee.org/about/get/802/802.11.html>.
[RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, Ed., "Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification", RFC 5415, March 2009, <http://www.rfc-editor.org/info/rfc5415>.
[RFC5415]Calhoun,P.,Ed.,Montemurro,M.,Ed.,和D.Stanley,Ed.,“无线接入点的控制和供应(CAPWAP)协议规范”,RFC 5415,2009年3月<http://www.rfc-editor.org/info/rfc5415>.
[RFC5416] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, Ed., "Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11", RFC 5416, March 2009, <http://www.rfc-editor.org/info/rfc5416>.
[RFC5416]Calhoun,P.,Ed.,Montemurro,M.,Ed.,和D.Stanley,Ed.,“IEEE 802.11无线接入点(CAPWAP)协议绑定的控制和供应”,RFC 5416,2009年3月<http://www.rfc-editor.org/info/rfc5416>.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008, <http://www.rfc-editor.org/info/rfc5226>.
[RFC5226]Narten,T.和H.Alvestrand,“在RFCs中编写IANA注意事项部分的指南”,BCP 26,RFC 5226,2008年5月<http://www.rfc-editor.org/info/rfc5226>.
Acknowledgments
致谢
The authors are grateful for extremely valuable suggestions from Dorothy Stanley in developing this specification.
作者非常感谢Dorothy Stanley在制定本规范时提出的极为宝贵的建议。
Guidance from the management team -- Melinda Shore, Scott Bradner, Chris Liljenstolpe, Benoit Claise, Joel Jaeggli, and Dan Romascanu -- is highly appreciated.
非常感谢管理团队的指导——梅琳达·肖尔、斯科特·布拉德纳、克里斯·利延斯托尔佩、贝诺特·克莱斯、乔尔·贾格利和丹·罗马斯坎努。
Contributors
贡献者
Yifan Chen <chenyifan@chinamobile.com>
Yifan Chen <chenyifan@chinamobile.com>
Naibao Zhou <zhounaibao@chinamobile.com>
Naibao Zhou <zhounaibao@chinamobile.com>
Authors' Addresses
作者地址
Chunju Shao China Mobile No.32 Xuanwumen West Street Beijing 100053 China
邵春菊中国移动北京宣武门西街32号100053
EMail: shaochunju@chinamobile.com
EMail: shaochunju@chinamobile.com
Hui Deng China Mobile No.32 Xuanwumen West Street Beijing 100053 China
惠登中国移动北京宣武门西街32号100053
EMail: denghui@chinamobile.com
EMail: denghui@chinamobile.com
Rajesh S. Pazhyannur Cisco Systems 170 West Tasman Drive San Jose, CA 95134 United States
美国加利福尼亚州圣何塞西塔斯曼大道170号Rajesh S.Pazhyannur思科系统公司,邮编95134
EMail: rpazhyan@cisco.com
EMail: rpazhyan@cisco.com
Farooq Bari AT&T 7277 164th Ave NE Redmond, WA 98052 United States
法鲁克巴里AT&T 7277美国华盛顿州雷德蒙东北大街164号,邮编:98052
EMail: farooq.bari@att.com
EMail: farooq.bari@att.com
Rong Zhang China Telecom No.109 Zhongshandadao avenue Guangzhou 510630 China
中国电信广州市中山大道109号荣章510630
EMail: zhangr@gsta.com
EMail: zhangr@gsta.com
Satoru Matsushima SoftBank Telecom 1-9-1 Higashi-Shinbashi, Munato-ku Tokyo Japan
松岛佐藤软银电信1-9-1东新桥,日本东京Munato区
EMail: satoru.matsushima@g.softbank.co.jp
EMail: satoru.matsushima@g.softbank.co.jp