All,
Please find the proposed text for the IPv6/UDP-Lite issue below.
<proposed text>

3. CAPWAP Transport

Communication between a WTP and an AC is established using the standard UDP client/server model. The CAPWAP protocol supports both UDP and UDP-Lite [11] transport protocols. When run over IPv4, UDP is used for the CAPWAP control and data channels.

When run over IPv6, the CAPWAP control channel always uses UDP, while the CAPWAP data channel may use either UDP or UDP-Lite. UDP-Lite is the default transport protocol for the CAPWAP data channel. However, if a middlebox or IPv4 to IPv6 gateway has been discovered, UDP is used for the CAPWAP data channel.

This section describes how the CAPWAP protocol is carried over IP and UDP/UDP-Lite transport protocols. The CAPWAP Transport Protocol message element Section 4.6.12 describes the rules to use in determining which transport protocol is to be used.

3.1. UDP Transport

One of the CAPWAP protocol requirements is to allow a WTP to reside behind a middlebox, firewall and/or Network Address Translation (NAT) device. Since a CAPWAP session is initiated by the WTP (client) to the well-known UDP port of the AC (server), the use of UDP is a logical choice. The UDP checksum field in CAPWAP packets MUST be set to zero.

CAPWAP protocol control packets sent from the WTP to the AC use the CAPWAP control channel, as defined in Section 1.4. The CAPWAP control port at the AC is the well known UDP port [to be IANA assigned]. The CAPWAP control port at the WTP can be any port selected by the WTP.

CAPWAP protocol data packets sent from the WTP to the AC use the CAPWAP data channel, as defined in Section 1.4. The CAPWAP data port at the AC is the well known UDP port [to be IANA assigned]. The CAPWAP data port at the WTP can be any port selected by the WTP.

3.2. UDP-Lite Transport

When CAPWAP is run over IPv6, UDP-Lite is the default transport protocol, which reduces the checksum processing required for each packet (compared to the use of UDP over IPv6 [13]). When UDP-Lite is used, the checksum field MUST have a coverage of 8 [11].

UDP-Lite uses the same port assignments as UDP.

[...]

4.6. CAPWAP Protocol Message Elements

[...]

   CAPWAP Message Element            Type Value
   [...]
   CAPWAP Transport Protocol         TBD
   CAPWAP Local IPV4 Address         TBD
   CAPWAP Local IPV6 Address         TBD
   [...]

4.6.12. CAPWAP Transport Protocol

When CAPWAP is run over IPv6, the UDP-Lite or UDP transports MAY be used (see Section 3). The CAPWAP IPv6 Transport Protocol message element is used by either the WTP or the AC to signal which transport protocol is to be used for the CAPWAP data channel.

Upon receiving the Join Request, the AC MAY set the CAPWAP Transport Protocol to UDP-Lite in the Configuration Status Request or Image Data Request message if the CAPWAP message was received over IPv6, and the CAPWAP Local IPv6 Address message element (see Section 4.6.14) is present and the address matches the packet's source IP address.

Upon receiving the Configuration Status Request or Image Data Request message, the WTP MAY set the CAPWAP Transport Protocol to UDP-Lite in the Configuration Status Response or Image Data Response message if the message was received over IPv6, and the CAPWAP Local IPv6 Address message element (see Section 4.6.14) is present and the address matches the packet's source IP address.

For any other condition, the CAPWAP Transport Protocol MUST be set to UDP.

    0
    0 1 2 3 4 5 6 7
   +-+-+-+-+-+-+-+-+
   |   Transport   |
   +-+-+-+-+-+-+-+-+

Type: TBD for CAPWAP Transport Protocol

Length: 1

Transport: The transport to use for the CAPWAP data channel.

   1 - UDP-Lite: The UDP-Lite transport protocol is to be used for the CAPWAP data channel. Note that this option is illegal if either the WTP or the AC uses IPv4.

   2 - UDP: The UDP transport protocol is to be used for the CAPWAP data channel.

4.6.13. CAPWAP Local IPv4 Address

The CAPWAP Local IPv4 Address message element is sent by either the WTP or the AC in the Join Request, Configuration Status Request or Image Data Request message in order to communicate the IP Address of the transmitter. The receiver uses this to determine whether a middlebox exists between the two peers, by comparing the source IP address of the packet against the value of the message element.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           IP Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type: TBD for CAPWAP Local IPv4 Address

Length: 4

IP Address: The IP Address of the sender.

4.6.14. CAPWAP Local IPv6 Address

The CAPWAP Local IPv6 Address message element is sent by either the WTP or the AC in the Discovery Response or Join Request in order to communicate the IP Address of the transmitter. The receiver uses this to determine whether a middlebox exists between the two peers, by comparing the source IP address of the packet against the value of the message element.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           IP Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           IP Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           IP Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           IP Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type: TBD for CAPWAP Local IPv6 Address

Length: 16

IP Address: The IP Address of the sender.

[...]

11. NAT Considerations

There are three specific situations in which a NAT deployment may be used in conjunction with a CAPWAP-enabled deployment. The first consists of a configuration in which a single WTP is behind a NAT system. Since all communication is initiated by the WTP, and all communication is performed over IP using two UDP ports, the protocol easily traverses NAT systems in this configuration.

In the second case, two or more WTPs are deployed behind the same NAT system. Here, the AC would receive multiple connection requests from the same IP address, and cannot differentiate the originating WTP of the connection requests. The CAPWAP Data Check state, which establishes the data plane connection and communicates the Data Keepalive, includes the Session Identifier message element, which is used to bind the control and data plane. Use of the Session Identifier message element enables the AC to match the control and data plane flows from multiple WTPs behind the same NAT system (multiple WTPs sharing the same IP address).

In the third configuration, the AC is deployed behind a NAT. Two issues exist in this situation. First, an AC communicates its interfaces and corresponding WTP load using the CAPWAP Control IPv4 Address and CAPWAP Control IPv6 Address message elements. This message element is mandatory, but contains invalid information if a middlebox is present between the AC and WTP. The WTP MUST NOT utilize the information in these message elements if it detects a NAT (as described in the CAPWAP Transport Protocol message element). Note this would disable the load balancing capabilities of the CAPWAP protocol. Alternatively, the AC could have a configured NAT'ed address, which it would include in either of the two control address message elements.

The CAPWAP protocol allows for all of the AC identities supporting a group of WTPs to be communicated through the AC List message element. This feature MUST be ignored by the WTP when it detects the AC is behind a middlebox.

The CAPWAP protocol allows an AC to configure a static IP address on a WTP using the WTP Static IP Address Information message element. This message element SHOULD NOT be used in NAT'ed environments, unless the administrator is familiar with the internal IP addressing scheme within the WTP's private network, and does not rely on the public address seen by the AC.

When a WTP detects the duplicate address condition, it generates a message to the AC, which includes the Duplicate IP Address message element. The IP Address embedded within this message element is different from the public IP address seen by the AC.
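
The middlebox check and data-channel transport choice described in Sections 4.6.12 to 4.6.14 above, as an added Python example that is not part of the original message or of any CAPWAP implementation. It works on raw element values only (the Type codes are TBD in the text) and picks UDP-Lite whenever the text permits it (the text says MAY); the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Transport values from the proposed 4.6.12 text.
UDP_LITE, UDP = 1, 2

# Constructed sample addresses (documentation prefixes), not from the message.
WTP_V6 = ipaddress.IPv6Address("2001:db8::10").packed  # 16-byte element value
NAT_V6 = "2001:db8:ffff::1"                            # source seen after a middlebox
WTP_V4 = ipaddress.IPv4Address("192.0.2.10").packed    # 4-byte element value


def middlebox_detected(src_ip, local_addr_value):
    """4.6.13/4.6.14 check: True when the packet's source address differs
    from the address the sender placed in its CAPWAP Local IPv4/IPv6
    Address element (raw 4 or 16 bytes)."""
    if len(local_addr_value) not in (4, 16):
        raise ValueError("Local Address value must be 4 or 16 bytes")
    return ipaddress.ip_address(src_ip) != ipaddress.ip_address(local_addr_value)


def select_data_transport(src_ip, local_v6_value):
    """Return the Transport value for the CAPWAP data channel.
    UDP-Lite only if the message arrived over IPv6, a well-formed Local IPv6
    Address element is present, and it matches the source address.
    Every other condition yields UDP, as the text requires."""
    if ipaddress.ip_address(src_ip).version != 6:
        return UDP
    if local_v6_value is None or len(local_v6_value) != 16:
        return UDP
    if middlebox_detected(src_ip, local_v6_value):
        return UDP
    return UDP_LITE  # assumption: use UDP-Lite whenever the text allows it (MAY)


def parse_transport(value, either_peer_ipv4):
    """Validate a received CAPWAP Transport Protocol element value (Length 1)."""
    if len(value) != 1 or value[0] not in (UDP_LITE, UDP):
        raise ValueError("malformed CAPWAP Transport Protocol element")
    if value[0] == UDP_LITE and either_peer_ipv4:
        raise ValueError("UDP-Lite is illegal when either peer uses IPv4")
    return value[0]
```

The Local Address value is supplied by the sender, so a mismatch indicates address rewriting on the path; a match does not by itself authenticate the peer.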