Internet Engineering Task Force (IETF) S. Gundavelli, Ed.
Request for Comments: 6909 Cisco
Category: Standards Track X. Zhou
ISSN: 2070-1721 ZTE Corporation
J. Korhonen
Renesas Mobile
G. Feige
R. Koodli
Cisco
April 2013
Internet Engineering Task Force (IETF) S. Gundavelli, Ed.
Request for Comments: 6909 Cisco
Category: Standards Track X. Zhou
ISSN: 2070-1721 ZTE Corporation
J. Korhonen
Renesas Mobile
G. Feige
R. Koodli
Cisco
April 2013
IPv4 Traffic Offload Selector Option for Proxy Mobile IPv6
代理移动IPv6的IPv4流量卸载选择器选项
Abstract
摘要
This specification defines a new mobility option, the IPv4 Traffic Offload Selector option, for Proxy Mobile IPv6. This option can be used by the local mobility anchor and the mobile access gateway for negotiating IPv4 traffic offload policy for a mobility session. Based on the negotiated IPv4 traffic offload policy, a mobile access gateway can selectively offload some of the IPv4 traffic flows in the access network instead of tunneling back to the local mobility anchor in the home network.
此规范为代理移动IPv6定义了一个新的移动选项,即IPv4流量卸载选择器选项。本地移动锚和移动接入网关可使用此选项协商移动会话的IPv4流量卸载策略。基于协商的IPv4流量卸载策略,移动接入网关可以选择性地卸载接入网络中的一些IPv4流量,而不是通过隧道返回到家庭网络中的本地移动锚。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6909.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6909.
Copyright Notice
版权公告
Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2013 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2
2. Conventions and Terminology .....................................4
2.1. Conventions ................................................4
2.2. Terminology ................................................4
3. Solution Overview ...............................................4
3.1. IPv4 Traffic Offload Selector Option .......................6
3.2. MAG Considerations .........................................8
3.3. LMA Considerations .........................................9
4. Protocol Configuration Variables ...............................11
5. IANA Considerations ............................................11
6. Security Considerations ........................................12
7. Acknowledgements ...............................................12
8. References .....................................................13
8.1. Normative References ......................................13
8.2. Informative References ....................................13
1. Introduction ....................................................2
2. Conventions and Terminology .....................................4
2.1. Conventions ................................................4
2.2. Terminology ................................................4
3. Solution Overview ...............................................4
3.1. IPv4 Traffic Offload Selector Option .......................6
3.2. MAG Considerations .........................................8
3.3. LMA Considerations .........................................9
4. Protocol Configuration Variables ...............................11
5. IANA Considerations ............................................11
6. Security Considerations ........................................12
7. Acknowledgements ...............................................12
8. References .....................................................13
8.1. Normative References ......................................13
8.2. Informative References ....................................13
Mobile operators are expanding their network coverage by integrating various access technology domains (e.g., Wireless LAN, CDMA, and Long-Term Evolution (LTE)) into a common IP mobility core. The Third Generation Partnership Project (3GPP) S2a Proxy Mobile IPv6 [TS23402] reference point, specified by the 3GPP system architecture, defines the protocol interworking for building such integrated multi-access networks. In this scenario, the mobile node's IP traffic is always tunneled back from the mobile access gateway [RFC5213] in the access network to the local mobility anchor in the home network. Currently, there is no mechanism for allowing some of the subscriber's IP flows to be offloaded in the access network.
移动运营商正在通过将各种接入技术领域(如无线局域网、CDMA和长期演进(LTE))集成到一个通用的IP移动核心来扩大其网络覆盖范围。由3GPP系统架构指定的第三代合作伙伴计划(3GPP)S2a代理移动IPv6[TS23402]参考点定义了用于构建此类集成多址网络的协议互通。在这种情况下,移动节点的IP流量总是从接入网络中的移动接入网关[RFC5213]通过隧道传输回家庭网络中的本地移动锚。目前,没有允许用户的一些IP流在接入网络中卸载的机制。
With the exponential growth in mobile data traffic, mobile operators are exploring new ways to offload some of the IP traffic flows at the nearest access edge. The offload is intended either for local service access in the access network or for Internet offload through the access network when there is an Internet peering point. Not all IP traffic flows need to be routed back to the home network; the traffic that does not require IP mobility support can be offloaded at the mobile access gateway in the access network. This approach allows efficient usage of the mobile packet core, which helps in lowering transport costs. To identify the IP flows that need to be offloaded, the local mobility anchor in the home network can deliver the IP flow policy to the mobile access gateway in the access network. It is up to an operator's discretion to classify the traffic for offload. One operator might choose to offload everything except traffic (such as Voice over IP) that requires QoS services. Another might choose to offload only HTTP traffic. This specification is only concerned with matching IP traffic against a given flow selector and classification of IP traffic for offloading purposes. This approach has one limitation with respect to identifying encrypted traffic: IPsec-encrypted traffic with no visibility into the application payload cannot be selected for offload.
随着移动数据流量的指数增长,移动运营商正在探索新的方法,在最近的接入边缘卸载一些IP流量。卸载用于接入网络中的本地服务接入,或者在存在互联网对等点时通过接入网络进行互联网卸载。并非所有IP流量都需要路由回家庭网络;不需要IP移动性支持的流量可以在接入网络中的移动接入网关处卸载。这种方法允许有效使用移动分组核心,这有助于降低传输成本。为了识别需要卸载的IP流,家庭网络中的本地移动锚可以将IP流策略交付给接入网络中的移动接入网关。由运营商自行决定对卸载流量进行分类。一家运营商可能会选择卸载除需要QoS服务的流量(如IP语音)之外的所有内容。另一个可能会选择只卸载HTTP流量。本规范仅涉及将IP流量与给定的流选择器进行匹配,以及出于卸载目的对IP流量进行分类。这种方法在识别加密流量方面有一个限制:无法选择对应用程序负载不可见的IPsec加密流量进行卸载。
This document defines a new mobility option, the IPv4 Traffic Offload Selector option (see Section 3.1), for Proxy Mobile IPv6 (PMIPv6). This option can be used by the local mobility anchor and the mobile access gateway for negotiating IPv4 traffic offload policy for a mobility session. This IPv4 traffic offload policy identifies the flow selectors that can be used for selecting the flows that can be offloaded at the access edge. Since the mobile node's IP address topologically belongs to the home network, the offloaded IPv4 traffic flows may need to be NAT [RFC2663] translated. These offloaded flows will not have mobility support as the NAT becomes the anchor point for those flows. However, when the traffic is offloaded for local service access as opposed to Internet offload, NAT translation may not be needed if the mobile access gateway is in the path for the return traffic. The decision on when to apply NAT translation can be based on local configuration on the mobile access gateway. There are better ways to address the offload problem for IPv6, and with the goal not to create a NAT66 requirement, this specification therefore does not address traffic offload support for IPv6 flows.
本文档为代理移动IPv6(PMIPv6)定义了一个新的移动选项,即IPv4流量卸载选择器选项(见第3.1节)。本地移动锚和移动接入网关可使用此选项协商移动会话的IPv4流量卸载策略。此IPv4流量卸载策略标识可用于选择可在访问边缘卸载的流的流选择器。由于移动节点的IP地址在拓扑上属于家庭网络,因此卸载的IPv4通信流可能需要进行NAT[RFC2663]转换。由于NAT成为这些流的锚点,这些卸载流将不具有移动性支持。然而,当流量为本地服务访问而非互联网卸载时,如果移动接入网关位于返回流量的路径中,则可能不需要NAT转换。关于何时应用NAT转换的决定可以基于移动接入网关上的本地配置。有更好的方法来解决IPv6的卸载问题,并且为了不创建NAT66需求,因此本规范不解决IPv6流的流量卸载支持。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
All the mobility-related terms used in this document are to be interpreted as defined in the base Proxy Mobile IPv6 specifications [RFC5213] [RFC5844]. Additionally, this document uses the following terms:
本文档中使用的所有移动相关术语应按照基本代理移动IPv6规范[RFC5213][RFC5844]中的定义进行解释。此外,本文件使用以下术语:
IP Flow
IP流
IP flow [RFC5101] represents a set of IP packets that match a traffic selector (TS). The selector is typically based on the source IP address, destination IP address, source port, destination port, and other fields in upper-layer headers.
IP流[RFC5101]表示与流量选择器(TS)匹配的一组IP数据包。选择器通常基于上层标头中的源IP地址、目标IP地址、源端口、目标端口和其他字段。
IP Traffic Offload
IP流量卸载
IP traffic offload is the approach of selecting specific IP flows and routing them through the access network instead of tunneling them to the home network. Offload can also be between two access networks (e.g., moving some of the traffic from LTE access to WLAN access).
IP流量卸载是一种选择特定IP流并通过接入网络路由它们的方法,而不是通过隧道将它们传输到家庭网络。卸载也可以在两个接入网络之间进行(例如,将部分流量从LTE接入转移到WLAN接入)。
Figure 1 illustrates the scenario where the mobile access gateway in an access network has enabled IPv4 traffic offload support for a mobility session. The offload decision is based on the IPv4 traffic offload policy that it negotiated with the local mobility anchor in the home network. For example, all the HTTP flows may be offloaded at the mobile access gateway, and all the other flows for that mobility session are tunneled back to the local mobility anchor. The offloaded flows typically have to be NAT translated, and this specification does not impose any restrictions on the location of the NAT function. It is possible for the NAT function to be co-located with the mobile access gateway or located somewhere at the edge of the access network. When the NAT function is not co-located with the mobile access gateway, offloaded traffic flows must be delivered through the local access network between the mobile access gateway and the NAT function, for example, through a VLAN or a point-to-point link. The exact means for this delivery are outside the scope of
图1说明了接入网络中的移动接入网关为移动会话启用IPv4流量卸载支持的场景。卸载决策基于与家庭网络中的本地移动锚协商的IPv4流量卸载策略。例如,可以在移动接入网关处卸载所有HTTP流,并且用于该移动会话的所有其他流通过隧道传回本地移动锚。卸载流通常必须进行NAT转换,并且本规范不对NAT功能的位置施加任何限制。NAT功能可能与移动接入网关位于同一位置,或者位于接入网络边缘的某处。当NAT功能与移动接入网关不在同一位置时,卸载的流量必须通过移动接入网关和NAT功能之间的本地接入网络(例如,通过VLAN或点对点链路)进行传输。此交付的确切方式不在本协议范围内
this document. If the offloaded IPv4 flows are for local service access and reverse traffic from the local service device can be routed to the mobile node through the mobile access gateway, the offloaded flows may be delivered directly to a local service device.
这份文件。如果卸载的IPv4流用于本地服务访问,并且来自本地服务设备的反向流量可以通过移动访问网关路由到移动节点,则卸载的流可以直接传送到本地服务设备。
The traffic selectors in the IPv4 traffic offload policy are used to classify the traffic, so it can be offloaded at the access network. These parameters include source IP address, destination IP address, TCP/UDP port numbers, and other fields. The format of the IPv4 binary traffic selector is specified in Section 3.1 of [RFC6088].
IPv4流量卸载策略中的流量选择器用于对流量进行分类,因此可以在接入网络上卸载流量。这些参数包括源IP地址、目标IP地址、TCP/UDP端口号和其他字段。[RFC6088]第3.1节规定了IPv4二进制流量选择器的格式。
_----_
_( )_
:-----------------( Internet )---------------:
| (_ _) |
| '----' |
| |
: |
(IPv4 Traffic Offload Point) |
: |
| |
........................................................|....
| | |
+--------+ | +---------------------+ |
| Local | | | Services requiring | |
|Services| | | mobility, or service| |
+--------+ | | treatment | |
| | +---------------------+ |
| +---+ | |
| |NAT| | |
| +---+ | |
+-----| _----_ | |
+-----+ _( )_ +-----+ |
[MN]----| MAG |======( IP )======| LMA |----------
+-----+ (_ _) +-----+ Internet
'----'
.
.
[Access Network] . [Home Network]
..........................................................
_----_
_( )_
:-----------------( Internet )---------------:
| (_ _) |
| '----' |
| |
: |
(IPv4 Traffic Offload Point) |
: |
| |
........................................................|....
| | |
+--------+ | +---------------------+ |
| Local | | | Services requiring | |
|Services| | | mobility, or service| |
+--------+ | | treatment | |
| | +---------------------+ |
| +---+ | |
| |NAT| | |
| +---+ | |
+-----| _----_ | |
+-----+ _( )_ +-----+ |
[MN]----| MAG |======( IP )======| LMA |----------
+-----+ (_ _) +-----+ Internet
'----'
.
.
[Access Network] . [Home Network]
..........................................................
Figure 1: IPv4 Traffic Offload Support at the MAG
图1:MAG上的IPv4流量卸载支持
Figure 2 explains the operational sequence of the Proxy Mobile IPv6 protocol signaling message exchange between the mobile access gateway (MAG) and the local mobility anchor (LMA) for negotiating the IPv4 traffic offload selectors. The details related to DHCP transactions or Router Advertisements on the access link are not shown here as
图2解释了移动接入网关(MAG)和本地移动锚(LMA)之间的代理移动IPv6协议信令消息交换的操作顺序,以协商IPv4流量卸载选择器。与访问链路上的DHCP事务或路由器播发相关的详细信息在此不显示为
that is not the key focus of this specification. The use of IPv4 Traffic Selector option in the Proxy Binding Update is for allowing the MAG to request the LMA for the IPv4 traffic offload policy.
这不是本规范的重点。在代理绑定更新中使用IPv4流量选择器选项是为了允许MAG向LMA请求IPv4流量卸载策略。
MN MAG(NAT) LMA
|------>| | 1. Mobile Node Attach
| |------->| 2. Proxy Binding Update (IPv4TS)
| |<-------| 3. Proxy Binding Acknowledgement (IPv4TS)
| |========| 4. Tunnel/Route Setup
| + | 5. Installing the traffic offload rules
|------>| | 6. IPv4 packet from mobile node
| + | 7. Offload rule applied (Tunnel/offload)
| | |
MN MAG(NAT) LMA
|------>| | 1. Mobile Node Attach
| |------->| 2. Proxy Binding Update (IPv4TS)
| |<-------| 3. Proxy Binding Acknowledgement (IPv4TS)
| |========| 4. Tunnel/Route Setup
| + | 5. Installing the traffic offload rules
|------>| | 6. IPv4 packet from mobile node
| + | 7. Offload rule applied (Tunnel/offload)
| | |
Figure 2: Exchange of IPv4 Traffic Offload Selectors
图2:IPv4流量卸载选择器的交换
A new mobility option, the IPv4 Traffic Offload Selector option (53), is defined for use in Proxy Binding Update (PBU) and Proxy Binding Acknowledgement (PBA) messages exchanged between a mobile access gateway and a local mobility anchor. This option is used for carrying the IPv4 traffic offload policy. This policy identifies the IPv4 traffic flow selectors that can be used by the mobile access gateway for enforcing the offload policy.
定义了一个新的移动选项,即IPv4流量卸载选择器选项(53),用于在移动接入网关和本地移动锚之间交换的代理绑定更新(PBU)和代理绑定确认(PBA)消息中。此选项用于承载IPv4流量卸载策略。此策略标识移动访问网关可用于实施卸载策略的IPv4流量选择器。
The alignment requirement for this option is 4n.
该选项的对齐要求为4n。
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|M| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Traffic Selector Sub-option ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|M| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Traffic Selector Sub-option ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: IPv4 Traffic Offload Selector Option
图3:IPv4流量卸载选择器选项
Type 53
53型
Length 8-bit unsigned integer indicating the length in octets of the option, excluding the type and length fields.
长度8位无符号整数,指示选项的长度(以八位字节为单位),不包括类型和长度字段。
Offload Mode (M) Flag This field indicates the offload mode.
卸载模式(M)标志此字段指示卸载模式。
If the (M) flag value is set to a value of (0), it is an indication that the IPv4 flow(s) that match the traffic selectors in the Traffic Selector sub-option [RFC6089] and that are associated to that mobility session have to be offloaded at the mobile access gateway. All the other IPv4 flows associated with that mobility session and not matching the traffic selectors have to be tunneled to the local mobility anchor.
如果(M)标志值设置为(0)值,则表示必须在移动接入网关卸载与流量选择器子选项[RFC6089]中的流量选择器匹配且与该移动会话关联的IPv4流。与该移动性会话关联且与流量选择器不匹配的所有其他IPv4流必须通过隧道传输到本地移动性锚。
If the (M) flag value is set to a value of (1), it is an indication that all the IPv4 flows associated to that mobility session except the IPv4 flow(s) matching the traffic selectors in the Traffic Selector sub-option have to be offloaded at the mobile access gateway. All the IPv4 flows associated with that mobility session and matching the traffic selectors have to be tunneled back to the local mobility anchor.
如果(M)标志值设置为(1)值,则表示必须在移动接入网关卸载与该移动会话相关联的所有IPv4流,但与流量选择器子选项中的流量选择器匹配的IPv4流除外。所有与该移动会话关联并匹配流量选择器的IPv4流都必须通过隧道传输回本地移动锚。
Reserved This field is unused for now. The value MUST be initialized to 0 by the sender and MUST be ignored by the receiver.
保留此字段目前未使用。发送方必须将该值初始化为0,接收方必须忽略该值。
Traffic Selector Sub-option The Traffic Selector sub-option includes the parameters used to match packets for a specific flow binding. This is an optional sub-option when the IPv4 Traffic Selector option is carried in a Proxy Binding Update message but is a mandatory sub-option when the IPv4 Traffic Selector option is carried in a Proxy Binding Acknowledgement message. The format of the Traffic Selector sub-option is defined in Section 4.2.1.4 of [RFC6089]. This sub-option includes a TS Format field, which identifies the format of the flow specification included in that sub-option. The values for that field are defined in Section 3 of [RFC6088] and are repeated here for completeness. When the value of the TS Format field is set to (1), the format that follows is the IPv4 binary traffic selector specified in Section 3.1 of [RFC6088], and that support is mandatory for this specification. The text specified in this section takes precedence over what is specified in [RFC6088] and [RFC6089].
流量选择器子选项流量选择器子选项包括用于匹配特定流绑定的数据包的参数。当代理绑定更新消息中包含IPv4流量选择器选项时,这是一个可选子选项,但当代理绑定确认消息中包含IPv4流量选择器选项时,这是一个强制子选项。[RFC6089]第4.2.1.4节定义了交通选择器子选项的格式。此子选项包括TS格式字段,该字段标识该子选项中包含的流规范的格式。该字段的值在[RFC6088]的第3节中定义,为完整起见,在此重复。当TS Format字段的值设置为(1)时,以下格式为[RFC6088]第3.1节中指定的IPv4二进制流量选择器,该支持对于本规范是强制性的。本节规定的文本优先于[RFC6088]和[RFC6089]中规定的文本。
1: IPv4 binary traffic selector
1:IPv4二进制流量选择器
2: IPv6 binary traffic selector (not used by this specification)
2:IPv6二进制流量选择器(本规范未使用)
o If the mobile access gateway is configured to enable IPv4 traffic offload support, then it includes the IPv4 Traffic Offload Selector option (Section 3.1) in the Proxy Binding Update message that it sends to the local mobility anchor. Optionally, the mobile access gateway can also propose a specific offload policy.
o 如果移动接入网关配置为启用IPv4流量卸载支持,则它在发送给本地移动锚的代理绑定更新消息中包含IPv4流量卸载选择器选项(第3.1节)。可选地,移动接入网关还可以提出特定的卸载策略。
* The mobile access gateway MAY choose not to propose any specific IPv4 traffic offload policy but request the local mobility anchor for the offload policy. In this scenario, the IPv4 Traffic Offload Selector option that is carried in the Proxy Binding Update message does not include the Traffic Selector sub-option (see Section 3.1), and the (M) flag (see Section 3.1) in the option MUST be set to a value of (0). Including the IPv4 Traffic Offload Selector option in the Proxy Binding Update without the Traffic Selector sub-option serves as an indication that the mobile access gateway is not proposing any specific offload policy for that mobility session, but rather it makes a request to the local mobility anchor to provide the offload policy.
* 移动接入网关可以选择不提出任何特定的IPv4流量卸载策略,而是请求本地移动锚以获得卸载策略。在此场景中,代理绑定更新消息中携带的IPv4流量卸载选择器选项不包括流量选择器子选项(请参见第3.1节),并且该选项中的(M)标志(请参见第3.1节)必须设置为(0)值。在代理绑定更新中包括IPv4流量卸载选择器选项,而不包括流量选择器子选项,这表明移动接入网关没有为该移动会话提出任何特定的卸载策略,而是向本地移动锚发出请求以提供卸载策略。
* The mobile access gateway MAY choose to propose a specific IPv4 traffic offload policy by including the Traffic Selector sub-option in the IPv4 Traffic Offload Selector option (see Section 3.1). The specific details on how the mobile access gateway obtains the mobile node's IPv4 traffic offload policy are outside the scope of this document. When this offload policy is included in the Proxy Binding Update message, it serves as a proposal to the local mobility anchor. The local mobility anchor can override with its own offload policy, or it can agree to the proposed policy. The offload policy has to be translated to a set of selectors that can be used to match the mobile node's IP flows, and these selectors have to be carried in the Traffic Selector sub-option. The Traffic Selector sub-option MUST be constructed as specified in Section 4.2.1.4 of [RFC6089]. This sub-option includes a TS Format field, which identifies the format of the flow specification included in the sub-option. The values for that field and the corresponding message format are defined in Section 3.1 of [RFC6088]. Considerations from Section 3.1 apply with respect to setting the Offload Mode (M) flag.
* 移动接入网关可以通过在IPv4流量卸载选择器选项中包含流量选择器子选项来选择提出特定的IPv4流量卸载策略(参见第3.1节)。有关移动访问网关如何获得移动节点的IPv4流量卸载策略的具体详细信息不在本文档的范围内。当此卸载策略包含在代理绑定更新消息中时,它将作为对本地移动锚的建议。本地移动锚可以使用自己的卸载策略覆盖,也可以同意提议的策略。卸载策略必须转换为一组选择器,用于匹配移动节点的IP流,并且这些选择器必须包含在流量选择器子选项中。交通选择器子选项必须按照[RFC6089]第4.2.1.4节的规定构造。此子选项包括TS格式字段,该字段标识子选项中包含的流规范的格式。[RFC6088]第3.1节定义了该字段的值和相应的消息格式。第3.1节中的注意事项适用于卸载模式(M)标志的设置。
o When sending a Proxy Binding Update either for Binding Lifetime Extension or for Binding De-Registration, the mobile access gateway SHOULD copy the IPv4 Traffic Offload Selector option from the initial Proxy Binding Update message. Considerations from Sections 6.9.1.3 and 6.9.1.4 of [RFC5213] MUST be applied.
o 当发送用于绑定生存期延长或绑定注销的代理绑定更新时,移动访问网关应从初始代理绑定更新消息复制IPv4流量卸载选择器选项。必须应用[RFC5213]第6.9.1.3节和第6.9.1.4节中的注意事项。
o If the mobile access gateway is not configured to support IPv4 traffic offload support as specified in this specification, but if the received Proxy Binding Acknowledgement message has the IPv4 Traffic Offload Selector option, then the mobile access gateway MUST ignore the option and process the rest of the message as per [RFC5213].
o 如果移动接入网关未按照本规范的规定配置为支持IPv4流量卸载支持,但如果收到的代理绑定确认消息具有IPv4流量卸载选择器选项,则移动接入网关必须忽略该选项,并按照[RFC5213]处理消息的其余部分。
o If there is no IPv4 Traffic Offload Selector option in the Proxy Binding Acknowledgement message received from the local mobility anchor, it is an indication that the local mobility anchor did not enable IPv4 traffic offload support for that mobility session. Upon accepting the Proxy Binding Acknowledgement message, the mobile access gateway SHOULD NOT enable IPv4 traffic offload support for that mobility session.
o 如果从本地移动锚接收的代理绑定确认消息中没有IPv4流量卸载选择器选项,则表示本地移动锚未为该移动会话启用IPv4流量卸载支持。在接受代理绑定确认消息后,移动访问网关不应为该移动会话启用IPv4流量卸载支持。
o If there is an IPv4 Traffic Offload Selector option in the Proxy Binding Acknowledgement message, then the mobile access gateway SHOULD enable IPv4 traffic offload support for that mobility session. The mobility access gateway has to provision the data plane using the flow selectors present in the Traffic Selector sub-option. The IPv4 flows matching the flow selectors have to be offloaded or tunneled back based to the local mobility anchor based on the value of the Offload Mode (M) flag (see Section 3.1).
o 如果代理绑定确认消息中有IPv4流量卸载选择器选项,则移动访问网关应为该移动会话启用IPv4流量卸载支持。移动接入网关必须使用流量选择器子选项中的流量选择器来提供数据平面。必须根据卸载模式(M)标志的值将与流选择器匹配的IPv4流卸载或通过隧道传输回本地移动锚(见第3.1节)。
o If the received Proxy Binding Update message does not include the IPv4 Traffic Offload Selector option (Section 3.1), then the local mobility anchor MUST NOT enable IPv4 traffic offload support for that mobility session, and the Proxy Binding Acknowledgement message that will be sent in response MUST NOT contain the IPv4 Traffic Offload Selector option.
o 如果收到的代理绑定更新消息不包括IPv4流量卸载选择器选项(第3.1节),则本地移动锚不得为该移动会话启用IPv4流量卸载支持,并且将作为响应发送的代理绑定确认消息不得包含IPv4流量卸载选择器选项。
o If the Proxy Binding Update message includes the IPv4 Traffic Offload Selector option, but the local mobility anchor is not configured to support IPv4 traffic offload support, then the local mobility anchor will ignore the option and process the rest of the message as per [RFC5213]. This would have no effect on the operation of the rest of the protocol.
o 如果代理绑定更新消息包括IPv4流量卸载选择器选项,但本地移动锚未配置为支持IPv4流量卸载支持,则本地移动锚将忽略该选项,并按照[RFC5213]处理消息的其余部分。这对协议其余部分的操作没有影响。
o If the Proxy Binding Update message has the IPv4 Traffic Offload Selector option and if the local mobility anchor is configured to support IPv4 traffic offload support, then the local mobility anchor MUST enable IPv4 traffic offload support for that mobility session. The Proxy Binding Acknowledgement message that will be sent in response MUST include the IPv4 Traffic Offload Selector option. The following considerations apply with respect to constructing the IPv4 Traffic Offload Selector option.
o 如果代理绑定更新消息具有IPv4流量卸载选择器选项,并且如果本地移动锚配置为支持IPv4流量卸载支持,则本地移动锚必须为该移动会话启用IPv4流量卸载支持。将作为响应发送的代理绑定确认消息必须包括IPv4流量卸载选择器选项。以下注意事项适用于构造IPv4流量卸载选择器选项。
* The local mobility anchor can obtain the offload policy from the local configuration store or from a network function such as AAA (Authentication, Authorization, and Accounting) or PCRF (Policy and Charging Rule Function). The offload policy has to be translated to a set of selectors that can be used to match the mobile node's IP flows, and these selectors have to be carried in the Traffic Selector sub-option. The Traffic Selector sub-option MUST be constructed as specified in Section 4.2.1.4 of [RFC6089]. Considerations from Section 3.1 apply with respect to the Offload Mode (M) flag setting.
* 本地移动锚可从本地配置存储或从诸如AAA(认证、授权和计费)或PCRF(策略和计费规则功能)等网络功能获得卸载策略。卸载策略必须转换为一组选择器,用于匹配移动节点的IP流,并且这些选择器必须包含在流量选择器子选项中。交通选择器子选项必须按照[RFC6089]第4.2.1.4节的规定构造。第3.1节中的注意事项适用于卸载模式(M)标志设置。
* If the Proxy Binding Update message includes a specific IPv4 traffic offload policy proposal in the form of the Traffic Selector sub-option [RFC6089], then the local mobility anchor MAY choose to agree to that request by including the same IPv4 traffic offload policy in the Proxy Binding Acknowledgement message. This implies the local mobility anchor has agreed to the IPv4 traffic offload policy provided by the mobile access gateway. The local mobility anchor MAY also choose to override the request by including a different IPv4 traffic offload policy that it wants the mobile access gateway to enforce for that mobility session. This is entirely based on the policy configuration on the local mobility anchor.
* 如果代理绑定更新消息包括以流量选择器子选项[RFC6089]的形式的特定IPv4流量卸载策略建议,则本地移动锚可以选择通过在代理绑定确认消息中包括相同的IPv4流量卸载策略来同意该请求。这意味着本地移动锚已同意移动接入网关提供的IPv4流量卸载策略。本地移动锚还可以选择通过包括它希望移动接入网关为该移动会话强制实施的不同IPv4流量卸载策略来覆盖该请求。这完全基于本地移动锚上的策略配置。
* The IPv4 traffic offload policy that is sent to the mobile access gateway has to be specific to the mobility session identified using the Mobile Node Identifier option [RFC5213]. The offload policy MUST be specific to a mobile node's application traffic. The traffic selectors have to match only the mobile node's application traffic and MUST NOT match any other mobile node's IP traffic. Furthermore, control-plane traffic such as DHCP, Neighbor Discovery (ND), or any other IP traffic that is used for IP address configuration, mobility management, or other control-plane functions MUST NOT be subject to offload.
* 发送到移动接入网关的IPv4流量卸载策略必须特定于使用移动节点标识符选项[RFC5213]标识的移动会话。卸载策略必须特定于移动节点的应用程序流量。流量选择器必须仅匹配移动节点的应用程序流量,并且不得匹配任何其他移动节点的IP流量。此外,控制平面流量,如DHCP、邻居发现(ND)或用于IP地址配置、移动性管理或其他控制平面功能的任何其他IP流量,不得进行卸载。
* The local mobility anchor MUST NOT make any changes to the mobile node's offload policy during the middle of a mobility session, as long as the mobile node continues to attach to the mobile access gateway that negotiated the offload policy. However, when the mobile node performs an inter-MAG handover, the new mobile access gateway may not be capable of supporting IP Traffic offload and in this scenario, the offload policy may change. Therefore, the IPv4 Traffic Selector option with the Traffic Selector sub-option that is delivered during the initial mobility signaling MUST be the same as the one that is delivered as part of the mobility signaling related to lifetime extension from the same mobile access gateway.
* 只要移动节点继续连接到协商卸载策略的移动接入网关,本地移动锚就不能在移动会话的中间对移动节点的卸载策略进行任何更改。然而,当移动节点执行MAG间切换时,新的移动接入网关可能无法支持IP业务卸载,并且在这种情况下,卸载策略可能会改变。因此,在初始移动性信令期间交付的具有话务选择器子选项的IPv4话务选择器选项必须与作为与来自同一移动接入网关的寿命延长相关的移动性信令的一部分交付的选项相同。
This specification defines the following configuration variable that controls the IPv4 traffic offload support feature. This configuration variable is internal to the system and has no bearing on interoperability across different implementations.
此规范定义了以下配置变量,用于控制IPv4流量卸载支持功能。此配置变量是系统内部变量,与不同实现之间的互操作性无关。
The mobility entities, local mobility anchor, and the mobile access gateway have to allow these variables to be configured by the system management. The configured values for these protocol variables have to survive server reboots and service restarts.
移动实体、本地移动锚和移动接入网关必须允许系统管理层配置这些变量。这些协议变量的配置值必须在服务器重新启动和服务重新启动后仍然有效。
EnableIPv4TrafficOffloadSupport
启用IPV4流量卸载支持
This flag indicates whether or not IPv4 traffic offload support needs to be enabled. This configuration variable is available at both the mobile access gateway and the local mobility anchor. The default value for this flag is set to (0), indicating that IPv4 traffic offload support is disabled.
此标志指示是否需要启用IPv4流量卸载支持。此配置变量在移动接入网关和本地移动锚都可用。此标志的默认值设置为(0),表示已禁用IPv4流量卸载支持。
When this flag on the mobile access gateway is set to a value of (1), the mobile access gateway has to enable IPv4 traffic offload support for all mobility sessions, by specifically requesting the IPv4 traffic offload policy from the local mobility anchor by including the IPv4 Traffic Offload Selector option in the Proxy Binding Update message. If the flag is set to a value of (0), the mobile access gateway has to disable IPv4 traffic offload support for all mobility sessions.
当移动接入网关上的此标志设置为值(1)时,移动接入网关必须通过在代理绑定更新消息中包括IPv4流量卸载选择器选项,从本地移动锚明确请求IPv4流量卸载策略,从而为所有移动会话启用IPv4流量卸载支持。如果该标志设置为值(0),则移动访问网关必须禁用所有移动会话的IPv4流量卸载支持。
Similarly, when this flag on the local mobility anchor is set to a value of (1), the local mobility anchor has to enable IPv4 traffic offload support. If the local mobility anchor chooses to enable IPv4 traffic offload support when there is an offload policy specified for a mobile node, it has to deliver the IPv4 traffic offload policy to the mobile access gateway by including the IPv4 Traffic Offload Selector option in the Proxy Binding Acknowledgement message.
类似地,当本地移动锚上的该标志设置为值(1)时,本地移动锚必须启用IPv4流量卸载支持。如果本地移动锚在为移动节点指定卸载策略时选择启用IPv4流量卸载支持,则它必须通过在代理绑定确认消息中包括IPv4流量卸载选择器选项,将IPv4流量卸载策略传递给移动接入网关。
Per this specification, IANA has assigned a new mobility option: the IPv4 Traffic Offload Selector option (53). This option is described in Section 3.1. The Type value for this option has been assigned from the same numbering space as allocated for the other mobility options [RFC6275].
根据该规范,IANA分配了一个新的移动性选项:IPv4流量卸载选择器选项(53)。第3.1节介绍了该选项。此选项的类型值已从分配给其他移动选项的相同编号空间分配[RFC6275]。
The IPv4 Traffic Offload Selector option defined in this specification is for use in Proxy Binding Update and Proxy Binding Acknowledgement messages. This option is carried like any other mobility header option as specified in [RFC5213]. Therefore, it inherits from [RFC5213] its security guidelines and does not require any additional security considerations. Carrying IPv4 traffic offload selectors does not introduce any new security vulnerabilities.
本规范中定义的IPv4流量卸载选择器选项用于代理绑定更新和代理绑定确认消息。该选项与[RFC5213]中规定的任何其他移动报头选项相同。因此,它继承了[RFC5213]的安全准则,不需要任何额外的安全考虑。携带IPv4流量卸载选择器不会引入任何新的安全漏洞。
When IPv4 traffic offload support is enabled for a mobile node, the mobile access gateway selectively offloads some of the mobile node's IPv4 traffic flows to the access network. Typically, these offloaded flows get NAT translated, which essentially introduces certain vulnerabilities that are common to any NAT deployment. These vulnerabilities and the related considerations have been well documented in the NAT specification [RFC2663]. There are no additional considerations above and beyond what has already been documented by the NAT specifications and that are unique to the approach specified in this document.
当为移动节点启用IPv4流量卸载支持时,移动接入网关选择性地将移动节点的一些IPv4流量卸载到接入网络。通常,这些卸载流会转换NAT,这本质上会引入某些NAT部署中常见的漏洞。NAT规范[RFC2663]中详细记录了这些漏洞和相关注意事项。除NAT规范已记录的内容外,本文件中规定的方法没有其他独特的注意事项。
The mobile node's home network may be equipped with firewall and other security devices to guard against any security threats. When IPv4 traffic offload support is enabled, it potentially exposes the mobile node to some security risks in the access network. This threat can be mitigated by deploying the security features both in the access network and in the home network.
移动节点的家庭网络可以配备防火墙和其他安全设备,以防范任何安全威胁。启用IPv4流量卸载支持后,移动节点可能会面临接入网络中的某些安全风险。通过在接入网络和家庭网络中部署安全功能,可以缓解这种威胁。
When IPv4 traffic offload support is enabled for a mobile node, some of the IP flows are sent through the home network, and some other IP flows are routed through the access network. This potentially introduces some complexity with respect to enabling diagnostics or monitoring on the user traffic. The tools that are used for such diagnostics have to be aware of the offload policy that in enabled in the network.
当为移动节点启用IPv4流量卸载支持时,一些IP流通过家庭网络发送,一些其他IP流通过接入网络路由。这可能会在启用对用户流量的诊断或监控方面引入一些复杂性。用于此类诊断的工具必须了解网络中启用的卸载策略。
The authors would like to thank Ahmad Muhanna, Basavaraj Patil, Carlos Bernardos, Eric Voit, Frank Brockners, Hidetoshi Yokota, Marco Liebsch, Mark Grayson, Pierrick Seite, Ryuji Wakikawa, Steve Wood, Barry Leiba, Sean Turner, Pete Resnick, Wesley Eddy, Mary Barnes, Vincent Roca, Ralph Droms, Scott Bradner, Stephen Farrell, Adrian Farrel, Benoit Claise, and Brian Haberman for all the reviews and discussions related to the topic of IPv4 traffic offload.
作者要感谢艾哈迈德·穆哈纳、巴萨瓦拉吉·帕蒂尔、卡洛斯·贝尔纳多斯、埃里克·沃伊特、弗兰克·布罗克内斯、横田英寿、马可·利布希、马克·格雷森、皮埃里克·塞特、琉球川、史蒂夫·伍德、巴里·莱巴、肖恩·特纳、皮特·雷斯尼克、韦斯利·艾迪、玛丽·巴恩斯、文森特·罗卡、拉尔夫·德罗斯、斯科特·布拉德纳、斯蒂芬·法雷尔、阿德里安·法雷尔、,Benoit Claise和Brian Haberman参与了与IPv4流量卸载主题相关的所有审查和讨论。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.
[RFC5213]Gundavelli,S.,Leung,K.,Devarapalli,V.,Chowdhury,K.,和B.Patil,“代理移动IPv6”,RFC 5213,2008年8月。
[RFC5844] Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy Mobile IPv6", RFC 5844, May 2010.
[RFC5844]Wakikawa,R.和S.Gundavelli,“代理移动IPv6的IPv4支持”,RFC 5844,2010年5月。
[RFC6088] Tsirtsis, G., Giarreta, G., Soliman, H., and N. Montavont, "Traffic Selectors for Flow Bindings", RFC 6088, January 2011.
[RFC6088]Tsirtsis,G.,Giarreta,G.,Soliman,H.,和N.Montavont,“流绑定的流量选择器”,RFC 6088,2011年1月。
[RFC6089] Tsirtsis, G., Soliman, H., Montavont, N., Giaretta, G., and K. Kuladinithi, "Flow Bindings in Mobile IPv6 and Network Mobility (NEMO) Basic Support", RFC 6089, January 2011.
[RFC6089]Tsirtsis,G.,Soliman,H.,Montavont,N.,Giaretta,G.,和K.Kuladinhi,“移动IPv6和网络移动(NEMO)基本支持中的流绑定”,RFC 60892011年1月。
[RFC6275] Perkins, C., Johnson, D., and J. Arkko, "Mobility Support in IPv6", RFC 6275, July 2011.
[RFC6275]Perkins,C.,Johnson,D.,和J.Arkko,“IPv6中的移动支持”,RFC 62752011年7月。
[RFC2663] Srisuresh, P. and M. Holdrege, "IP Network Address Translator (NAT) Terminology and Considerations", RFC 2663, August 1999.
[RFC2663]Srisuresh,P.和M.Holdrege,“IP网络地址转换器(NAT)术语和注意事项”,RFC 2663,1999年8月。
[RFC5101] Claise, B., "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information", RFC 5101, January 2008.
[RFC5101]Claise,B.,“用于交换IP流量信息的IP流量信息导出(IPFIX)协议规范”,RFC 5101,2008年1月。
[TS23402] 3GPP, "Architecture enhancements for non-3GPP accesses", 2010.
[TS23402]3GPP,“非3GPP接入的架构增强”,2010年。
Authors' Addresses
作者地址
Sri Gundavelli (editor) Cisco 170 West Tasman Drive San Jose, CA 95134 USA
Sri Gundavelli(编辑)思科170西塔斯曼大道圣何塞,加利福尼亚州95134
EMail: sgundave@cisco.com
EMail: sgundave@cisco.com
Xingyue Zhou ZTE Corporation No.68 Zijinghua Rd Nanjing China
中国南京紫荆华路68号星月周中兴通讯股份有限公司
EMail: zhou.xingyue@zte.com.cn
EMail: zhou.xingyue@zte.com.cn
Jouni Korhonen Renesas Mobile Porkkalankatu 24 Helsinki FIN-00180 Finland
Jouni Korhonen Renesas Mobile Porkkalankatu 24赫尔辛基FIN-00180芬兰
EMail: jouni.nospam@gmail.com
EMail: jouni.nospam@gmail.com
Gaetan Feige Cisco France
法国思科公司
EMail: gfeige@cisco.com
EMail: gfeige@cisco.com
Rajeev Koodli Cisco 3650 Cisco Way San Jose, CA 95134 USA
美国加利福尼亚州圣何塞市思科路3650号,邮编95134
EMail: rkoodli@cisco.com
EMail: rkoodli@cisco.com