Internet Engineering Task Force (IETF)                     R. Pazhyannur
Request for Comments: 7563                                   S. Speicher
Updates: 6757                                              S. Gundavelli
Category: Standards Track                                  Cisco Systems
ISSN: 2070-1721                                              J. Korhonen
                                                    Broadcom Corporation
                                                       J. Kaippallimalil
                                                                  Huawei
                                                               June 2015
Extensions to the Proxy Mobile IPv6 (PMIPv6) Access Network Identifier Option
Abstract
The Access Network Identifier (ANI) mobility option was introduced in RFC 6757, "Access Network Identifier (ANI) Option for Proxy Mobile IPv6". This enables a Mobile Access Gateway (MAG) to convey identifiers like the network identifier, geolocation, and operator identifier. This specification extends the Access Network Identifier mobility option with sub-options to carry the civic location and the MAG group identifier. This specification also defines an ANI Update-Timer sub-option that determines when and how often the ANI option will be updated.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7563.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Table of Contents
   1. Introduction
   2. Conventions and Terminology
      2.1. Conventions
      2.2. Terminology
   3. Protocol Extension
      3.1. Civic-Location Sub-Option
      3.2. MAG-Group-Identifier Sub-Option
      3.3. ANI Update-Timer Sub-Option
   4. Protocol Considerations
      4.1. MAG Considerations
      4.2. LMA Considerations
   5. IANA Considerations
   6. Security Considerations
   7. References
      7.1. Normative References
      7.2. Informative References
   Acknowledgements
   Authors' Addresses
"Access Network Identifier (ANI) Option for Proxy Mobile IPv6" [RFC6757] introduced the ANI mobility option. This enabled a Mobile Access Gateway (MAG) to provide the Network-Identifier, Geo-Location, and Operator-Identifier sub-options. When the access network is WLAN, the Network-Identifier sub-option may contain the Service Set Identifier (SSID) and the Basic Service Set Identifier (BSSID) of the Access Point (AP) and the geolocation of the AP, and the Operator-Identifier may contain the realm of the operator managing the WLAN. The MAG sends the above information to the Local Mobility Anchor (LMA). The LMA may use this information to determine access-network-specific policies (in terms of Quality of Service (QoS), Deep Packet Inspection (DPI), etc.). Further, the LMA may make this information available to location-based applications.
While the above mentioned sub-options provide a rich set of information, in this document we describe the need for extending the ANI sub-options that are particularly useful in WLAN deployments. In WLAN deployments (especially indoor AP deployments), it is difficult to provide geospatial coordinates of APs. At the same time, for many location-based applications the civic location is sufficient. This motivates the need for an ANI Civic-Location sub-option. In many deployments, operators tend to create groups of APs into "AP-Groups". These groups have a group identifier. The group identifier is used as a proxy for coarse location (such as the floor of a building or a small building). The group identifier may also be used to provide a common policy (e.g., QoS, charging, DPI) for all APs in that group. This specification provides a sub-option for the MAG to convey a group identifier to the LMA. The provisioning of the group identifier is outside the scope of this specification and is typically done via a configuration mechanism such as CLI (Command-line Interface) or via Control and Provisioning of Wireless Access Points (CAPWAP) [RFC5415] [RFC5416].
This document also provides a new sub-option that determines how often the MAG will update the ANI. In typical deployments, it is expected that the MAG will update the ANI as soon as it changes. This is certainly true when the MAG is co-located with the AP. When a client roams from one AP to another AP, the MAG on the roamed (or sometimes referred to as the target) AP will provide the new ANI (for example, the network identifier and geolocation of the new AP). However, if the MAG is co-located with an Access Controller (also known as Wireless LAN Controller (WLC)), then a client roaming from one AP to another AP does not necessarily perform an ANI update. The WLC handles client mobility between APs and as a result, intra-WLC mobility is hidden from the LMA.
In such deployments, the information conveyed in the ANI sub-options (e.g., location) becomes stale and is only refreshed at the time of lifetime expiry. The MAG could deal with this by sending a Proxy Binding Update (PBU) whenever a client moves between APs just for the purpose of updating the ANI sub-option. Alternately, this document allows the LMA to determine how often it wants to know about the changes in the ANI sub-option; for example, in some cases the LMA may not care about the ANI sub-option except at the time of initial binding, or in some cases it may care about every AP transition. The sub-option allows the LMA to tell the MAG the desired update frequency. As always, mobility events or re-registration events will update the ANI sub-options. The LMA can use the ANI Update-Timer option to set the maximum frequency at which it wants to receive ANI updates. This is particularly useful in environments where a MAG covers a large number of Wi-Fi APs and there is high client mobility between the APs; for example, in a stadium Wi-Fi deployment, if a LMA does not want ANI updates any more often than 100 seconds, then it can propose 100 seconds as the value for ANI Update-Timer.
[RFC6757] provides ANI sub-options to carry geolocation information. In this document, we provide additional sub-options to carry the civic location and group identifier. This document also defines an ANI sub-option to enable a MAG to communicate how often the MAG will update the ANI information.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
All of the mobility-related terms used in this document are to be interpreted as defined in [RFC5213] and [RFC5844]. In this document, Civic Location is defined as follows.
Civic Location: There are two common ways to identify the location of an object, either through geospatial coordinates or by so-called civic addresses. Geospatial coordinates indicate longitude, latitude, and altitude, while civic addresses indicate a street address or sometimes the location within a building (such as a room number). Civic location refers to the civic address.
The Civic-Location is a mobility sub-option carried in the Access Network Identifier option defined in [RFC6757]. This sub-option carries the civic location information of the mobile node as known to the MAG. The format of this option is defined below.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |ANI Type=4     |  ANI Length   |    Format     |   Reserved    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       civic location                          ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Civic-Location Sub-Option
ANI Type: 4
ANI Length: Total length of this sub-option in octets, excluding the ANI Type and ANI Length fields.
Format: This specifies the encoding format of the civic location. The value 0 is defined in this specification as described below. The remaining values (1 through 255) are reserved.
0: This value denotes Binary Encoding. The location format is based on the encoding format defined in Section 3.1 of [RFC4776], whereby the first 3 octets are not put into the civic location field (i.e., the code for the DHCP option, the length of the DHCP option, and the 'what' element are not included). What is included is the two-octet country code field, followed by one or more civic address elements. The country-code is a two-letter ISO 3166 country code in capital ASCII letters, e.g., US. The structure of the civic address elements that follow the country code field is as defined in Section 3.3 of [RFC4776].
Reserved: This MUST be set to zero when sending and ignored when received.
civic location: This field will contain the civic location. The format (encoding) type is specified in the format field of this sub-option. Note that the length SHALL NOT exceed 253 bytes.
The MAG group identifier is a mobility sub-option carried in the Access Network Identifier option defined in [RFC6757]. The MAG group identifier identifies the group affiliation of the MAG within that Proxy Mobile IPv6 domain. The group identifier is not assumed to be globally unique across different network operators. However, the group identifier should be unique within an operator network. In domains spanning multiple operators, it is recommended that the Operator-Identifier sub-option (defined in [RFC6757]) be used in addition to the MAG-Group-Identifier sub-option to ensure uniqueness. When the MAG is configured with a group identifier, the MAG should send its group identifier in the PBU. Note that the configuration of this identifier is outside the scope of this specification; the usage of the identifier by the LMA is left to implementation. The format of this sub-option is defined below.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |ANI Type=5     |  ANI Length   |       group identifier        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: MAG-Group-Identifier Sub-Option
ANI Type: 5
ANI Length: Total length of this sub-option in octets, excluding the ANI Type and ANI Length fields. The value is always 2.
group identifier: This is a 3-octet unsigned integer value assigned to a group of MAGs.
The ANI Update-Timer is a mobility sub-option carried in the ANI option defined in [RFC6757]. Section 4 describes how the MAG and LMA use this sub-option.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |ANI Type=6     |  ANI Length   |         Update-Timer          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: ANI Update-Timer Sub-Option
ANI Type: 6
ANI Length: Total length of this sub-option in octets, excluding the ANI Type and ANI Length fields. The value is always 2.
Update-Timer: Update-Timer is a 16-bit unsigned integer. The unit of time is 4 seconds (time unit of 4 seconds ensures consistency with the time units for the binding lifetime). A value of 0 indicates that the MAG will send an updated ANI mobility option as soon as it discovers a change in ANI values. A non-zero value indicates that the MAG may not send ANI values immediately after they have changed but rather send ANI updates when the Update-Timer expires.
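The following receiver-side parser is an added example, not code from this specification or its authors. It walks the sub-options inside an ANI option, decodes Civic-Location (Format 0) and ANI Update-Timer with strict bounds checks, and passes every other sub-option through as raw bytes; the function names, the error class and the sample bytes are assumptions made for illustration.

```python
"""Strict decoder for the Civic-Location and ANI Update-Timer sub-options."""
import struct
from dataclasses import dataclass

CIVIC_LOCATION = 4          # ANI Type values from this specification
UPDATE_TIMER = 6
TIMER_UNIT_SECONDS = 4      # Update-Timer is counted in units of 4 seconds
MAX_CIVIC_OCTETS = 253      # limit stated for the civic location field


class ANIError(ValueError):
    """Raised for any malformed or out-of-bounds sub-option (hypothetical name)."""


@dataclass
class CivicLocation:
    country: str
    elements: list          # [(CAtype, CAvalue bytes), ...] per RFC 4776, Section 3.3


def encode_civic_location(country, elements):
    """Sender side: build the sub-option, Reserved set to zero, size enforced."""
    civic = country.encode("ascii")
    for ca_type, value in elements:
        civic += bytes([ca_type, len(value)]) + value
    if len(civic) > MAX_CIVIC_OCTETS:
        raise ANIError("civic location exceeds 253 octets")
    # ANI Length excludes the Type and Length octets: Format + Reserved + civic
    return bytes([CIVIC_LOCATION, len(civic) + 2, 0, 0]) + civic


def parse_civic_location(payload):
    if len(payload) < 2:
        raise ANIError("civic location: Format/Reserved octets missing")
    fmt = payload[0]        # payload[1] is Reserved and is ignored on receipt
    if fmt != 0:
        raise ANIError("civic location: Format %d is reserved" % fmt)
    civic = payload[2:]
    country = civic[:2]
    if len(country) != 2 or not all(0x41 <= b <= 0x5A for b in country):
        raise ANIError("country code must be two capital ASCII letters")
    elements, pos = [], 2
    while pos < len(civic):
        if pos + 2 > len(civic):
            raise ANIError("truncated civic address element header")
        ca_type, ca_len = civic[pos], civic[pos + 1]
        pos += 2
        if pos + ca_len > len(civic):
            raise ANIError("civic address element overruns the sub-option")
        elements.append((ca_type, civic[pos:pos + ca_len]))
        pos += ca_len
    if not elements:
        raise ANIError("at least one civic address element is required")
    return CivicLocation(country.decode("ascii"), elements)


def parse_sub_options(data):
    """Decode the sub-option area of one ANI option into (name, value) pairs."""
    out, pos = [], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ANIError("truncated sub-option header")
        ani_type, ani_len = data[pos], data[pos + 1]
        payload = data[pos + 2:pos + 2 + ani_len]
        if len(payload) != ani_len:
            raise ANIError("ANI Length runs past the end of the option")
        if ani_type == CIVIC_LOCATION:
            out.append(("civic-location", parse_civic_location(payload)))
        elif ani_type == UPDATE_TIMER:
            if ani_len != 2:
                raise ANIError("Update-Timer ANI Length must be 2")
            (units,) = struct.unpack("!H", payload)
            out.append(("update-timer-seconds", units * TIMER_UNIT_SECONDS))
        else:
            out.append((ani_type, payload))   # not decoded in this example
        pos += 2 + ani_len
    return out


# Constructed sample: city-level civic location (CAtype 1 = A1, CAtype 3 = A3
# in RFC 4776) followed by an Update-Timer of 25 units, i.e. 100 seconds.
SAMPLE = (encode_civic_location("US", [(1, b"CA"), (3, b"San Jose")])
          + bytes([UPDATE_TIMER, 2]) + struct.pack("!H", 25))

if __name__ == "__main__":
    for name, value in parse_sub_options(SAMPLE):
        print(name, value)
```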
The following considerations apply to the LMA and the MAG.
o The conceptual Binding Update List entry data structure maintained by the mobile access gateway, described in Section 6.1 of [RFC5213], is extended to store the access-network-related information elements associated with the current session. Specifically, the following parameters are defined:
* civic location
* MAG group identifier
* ANI Update-Timer
o If the mobile access gateway is configured to support the Access Network Information sub-options defined in this specification, it includes this option with the specific sub-options in all PBU messages (including PBUs for lifetime extension and for deregistration) that it sends to the LMA. The Access Network Information option is constructed as specified in Section 3.
o ANI Update-Timer Considerations: The MAG sets the Update-Timer based on an exchange of timer values with the LMA. When the ANI Update-Timer sub-option is carried in a PBU, it is considered as a proposed value for the Update-Timer. The LMA may change the value of the Update-Timer received in the PBU. When the LMA-provided value for the Update-Timer is different than what is sent by the MAG, the MAG should use the LMA-provided value. If the MAG does not receive an ANI Update-Timer sub-option in the Proxy Binding Acknowledgement (PBA) (in response to sending the sub-option in the PBU), then MAG behavior is in accordance to [RFC6757]. When ANI parameters of a mobility session change, the MAG checks whether the Update-Timer has expired. If the Update-Timer has expired, the MAG sends a PBU with the ANI option. The ANI option reflects the updated access network parameters for that mobility session. If the Update-Timer has not expired, the MAG does not send a PBU. When the Update-Timer for a mobility session expires, the MAG checks whether the ANI parameters have changed. If the parameters have changed from the last reported values, the MAG sends a PBU with an ANI option. If the parameters have not changed, the MAG does not send a PBU (and the Update-Timer remains expired). Note that the MAG may send a PBU even before the Update-Timer expires. This could be, for example, to initiate a QoS service request to the LMA (see [RFC7222]). In such cases, the MAG must reset the Update-Timer when it sends a PBU.
o If the mobile access gateway had any of the Access Network Information mobility options included in the PBU sent to an LMA, then the PBA received from the LMA should contain the Access Network Information mobility option with the specific sub-options. If the mobile access gateway receives a PBA with a successful Status Value but without an Access Network Information mobility option, then the mobile access gateway may log the event and, based on its local policy, even proceed to terminate the mobility session. In this case, the mobile access gateway knows the LMA does not understand the Access Network Information mobility option.
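The Update-Timer rules in the MAG considerations above can be exercised with a small simulation. This is an added example, not code from this specification; the class and function names, the AP labels and the event timeline are constructed, and a PBA without the sub-option is modelled as immediate updates, which is an assumption about the [RFC6757] fallback.

```python
"""Simulation of the MAG-side ANI Update-Timer rules (illustrative model)."""
from dataclasses import dataclass, field

UNIT = 4  # seconds per Update-Timer unit


@dataclass
class MagSession:
    current: str                 # ANI as currently known to the MAG
    interval: int                # Update-Timer in seconds (proposed, then negotiated)
    reported: str = None         # ANI carried in the last PBU
    deadline: float = 0.0        # time at which the Update-Timer expires
    running: bool = False        # False once the timer has expired unreported
    sent: list = field(default_factory=list)   # (time, reason, ani) per PBU

    def send_pbu(self, now, reason):
        # Every PBU carries the ANI option, and every PBU resets the timer.
        self.sent.append((now, reason, self.current))
        self.reported = self.current
        self.deadline = now + self.interval
        self.running = True

    def on_pba(self, lma_units):
        # The LMA-provided value overrides the value the MAG proposed.
        # Assumption: no sub-option in the PBA -> report changes immediately.
        self.interval = 0 if lma_units is None else lma_units * UNIT
        self.deadline = self.sent[-1][0] + self.interval

    def on_ani_change(self, now, ani):
        # ANI changed: report only if the Update-Timer has already expired.
        self.current = ani
        if now >= self.deadline:
            self.send_pbu(now, "change")

    def advance(self, now):
        # Timer expiry: report only if the ANI differs from the last report;
        # otherwise nothing is sent and the timer stays expired.
        while self.running and self.deadline <= now:
            self.running = False
            if self.current != self.reported:
                self.send_pbu(self.deadline, "timer")


def simulate(proposed_units, lma_units, events, end):
    """Run (time, kind, value) events in order and return the PBUs sent."""
    mag = MagSession(current="AP-1", interval=proposed_units * UNIT)
    mag.send_pbu(0, "initial")       # initial binding carries the proposal
    mag.on_pba(lma_units)
    for t, kind, value in events:
        mag.advance(t)
        if kind == "roam":
            mag.on_ani_change(t, value)
        elif kind == "qos":          # PBU sent for another reason, e.g. QoS
            mag.send_pbu(t, "qos")
    mag.advance(end)
    return mag.sent


# Constructed timeline: a client roaming between APs behind one MAG.
STADIUM_EVENTS = [
    (10, "roam", "AP-2"), (30, "roam", "AP-3"), (60, "roam", "AP-4"),
    (250, "roam", "AP-5"), (300, "qos", None), (360, "roam", "AP-6"),
]

if __name__ == "__main__":
    # MAG proposes 5 units (20 s); the LMA answers with 25 units (100 s).
    for pbu in simulate(5, 25, STADIUM_EVENTS, end=500):
        print(pbu)
```

With the 100-second value, six events produce four PBUs after the initial binding; with a value of 0 every roam is reported as it happens.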
o The conceptual Binding Cache entry data structure maintained by the LMA, described in Section 5.1 of [RFC5213], is extended to store the access-network-related information elements associated with the current session. Specifically, the following parameters are defined:
* civic location
* MAG group identifier
* ANI Update-Timer
o On receiving a PBU message from a MAG with the ANI option, the LMA must process the option and update the corresponding fields in the Binding Cache entry. If the option is not understood by that LMA implementation, it will skip the option and process the PBU without these options.
o If the received PBU message does not include the Access Network Information option, then the mobility session associated with that PBU is updated to remove any access network information elements.
o If the LMA understands/supports the Access Network Identifier mobility sub-options defined in this specification, then the LMA echoes the Access Network Identifier mobility option with the specific sub-option(s) that it accepted back to the mobile access gateway in a PBA. The Civic-Location and MAG-Group-Identifier sub-options defined in this specification should not be altered by the LMA. The LMA may change the value of the ANI Update-Timer sub-option. It may choose to either echo the same value or increase or decrease the timer value. For example, if the LMA does not want to receive frequent updates (as implied by the timer value), it may choose to increase the value. Similarly, if the LMA needs to receive ANI updates as soon as possible, then it may set the value to zero (0) in the PBA.
IANA has registered the values described below.
o This specification defines a new Access Network Identifier sub-option called the Civic-Location sub-option. This mobility sub-option is described in Section 3.1 and this sub-option can be carried in the Access Network Identifier mobility option. The type value <4> has been allocated from the registry "Access Network Information (ANI) Sub-Option Type Values".
o This specification defines a new Access Network Identifier sub-option called the MAG-Group-Identifier sub-option. This mobility sub-option is described in Section 3.2 and this sub-option can be carried in Access Network Identifier mobility option. The type value <5> has been allocated from the registry "Access Network Information (ANI) Sub-Option Type Values".
o This specification defines a new Access Network Identifier sub-option called the ANI Update-Timer sub-option. This sub-option is described in Section 3.3 and this sub-option can be carried in the Access Network Identifier mobility option. The type value <6> has been allocated from the registry "Access Network Information (ANI) Sub-Option Type Values".
The Civic-Location sub-option defined in this specification is carried in the Access Network Identifier option defined in [RFC6757]. This sub-option is carried in PBU and PBA messages. This sub-option is carried like any other Access Network Identifier sub-option as defined in [RFC6757]. Therefore, it inherits its security guidelines from [RFC5213] and [RFC6757] and does not require any additional security considerations.
The Civic-Location sub-option exposes the civic location of the network to which the mobile node is attached. This information is considered to be very sensitive, so care must be taken to secure the Proxy Mobile IPv6 signaling messages when carrying this sub-option. The base Proxy Mobile IPv6 specification [RFC5213] specifies the use of IPsec for securing the signaling messages, and those mechanisms can be enabled for protecting this information. Operators can potentially apply IPsec Encapsulating Security Payload (ESP) with confidentiality and integrity protection for protecting the location information. The other way to protect the sensitive location information of network users is of course to not send it in the first place. Users of the Civic-Location sub-option should provision location values with the highest possible level of granularity, e.g., to the province or city level rather than provisioning specific addresses.
Access-network-specific information elements that the mobile access gateway sends may have been dynamically learned over DHCP or using other protocols. If proper security mechanisms are not in place, the exchanged information between the MAG and LMA may be compromised. This situation may result in incorrect service policy enforcement at the LMA and impact other services that depend on this access network information. This threat can be mitigated by ensuring the communication path between the mobile access gateway and the access points is properly secured by the use of IPsec, Transport Layer Security (TLS), or other security protocols.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC4776] Schulzrinne, H., "Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information", RFC 4776, DOI 10.17487/RFC4776, November 2006, <http://www.rfc-editor.org/info/rfc4776>.
[RFC5213] Gundavelli, S., Ed., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", RFC 5213, DOI 10.17487/RFC5213, August 2008, <http://www.rfc-editor.org/info/rfc5213>.
[RFC5844] Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy Mobile IPv6", RFC 5844, DOI 10.17487/RFC5844, May 2010, <http://www.rfc-editor.org/info/rfc5844>.
[RFC6757] Gundavelli, S., Ed., Korhonen, J., Ed., Grayson, M., Leung, K., and R. Pazhyannur, "Access Network Identifier (ANI) Option for Proxy Mobile IPv6", RFC 6757, DOI 10.17487/RFC6757, October 2012, <http://www.rfc-editor.org/info/rfc6757>.
[RFC7222] Liebsch, M., Seite, P., Yokota, H., Korhonen, J., and S. Gundavelli, "Quality-of-Service Option for Proxy Mobile IPv6", RFC 7222, DOI 10.17487/RFC7222, May 2014, <http://www.rfc-editor.org/info/rfc7222>.
[RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, Ed., "Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification", RFC 5415, DOI 10.17487/RFC5415, March 2009, <http://www.rfc-editor.org/info/rfc5415>.
[RFC5416] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, Ed., "Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11", RFC 5416, DOI 10.17487/RFC5416, March 2009, <http://www.rfc-editor.org/info/rfc5416>.
Acknowledgements
This document benefited considerably from the numerous improvements proposed by Kent Leung.
Authors' Addresses
Rajesh S. Pazhyannur Cisco Systems 170 West Tasman Drive San Jose, California 95134 United States EMail: rpazhyan@cisco.com
Sebastian Speicher Cisco Systems Richtistrasse 7 Wallisellen, Zurich 8304 Switzerland EMail: sespeich@cisco.com
Sri Gundavelli Cisco Systems 170 West Tasman Drive San Jose, California 95134 United States EMail: sgundave@cisco.com
Jouni Korhonen Broadcom Corporation 3151 Zanker Road San Jose, California 95134 United States EMail: jouni.nospam@gmail.com
John Kaippallimalil Huawei 5340 Legacy Drive, Suite 175 Plano, Texas 75024 United States EMail: john.kaippallimalil@huawei.com