PCP Deployment Models
draft-boucadair-pcp-deployment-cases-00
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Expired".
|
|
|---|---|---|---|
| Author | Mohamed Boucadair | ||
| Last updated | 2013-08-19 | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-boucadair-pcp-deployment-cases-00
PCP Working Group M. Boucadair
Internet-Draft France Telecom
Intended status: Informational August 19, 2013
Expires: February 20, 2014
PCP Deployment Models
draft-boucadair-pcp-deployment-cases-00
Abstract
This document lists a set of PCP deployment models.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 20, 2014.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
Boucadair Expires February 20, 2014 [Page 1]
Internet-Draft PCP Deployment Cases August 2013
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Single Homed CPE Model: Local PCP Server . . . . . . . . . . 2
4. Single Homed CPE Model: Multiple PCP Servers . . . . . . . . 3
5. Hide PCP Servers Model . . . . . . . . . . . . . . . . . . . 4
5.1. PCP Proxy Model . . . . . . . . . . . . . . . . . . . . . 4
5.2. HTTP-Triggered PCP Client Model . . . . . . . . . . . . . 5
6. Separated PCP Server & PCP-controlled Device Model . . . . . 6
7. Cascaded PCP-controlled Nodes Model . . . . . . . . . . . . . 6
7.1. Single Homed CPE Model: PCP Proxy Model . . . . . . . . . 7
7.2. UPnP IGD-PCP Interworking Model . . . . . . . . . . . . . 8
8. Multi-Homed CPE Model: One Single PCP Server . . . . . . . . 9
9. Multi-Homed CPE Model: Multiple PCP Servers . . . . . . . . . 10
10. Security Considerations . . . . . . . . . . . . . . . . . . . 10
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
13.1. Normative References . . . . . . . . . . . . . . . . . . 11
13.2. Informative References . . . . . . . . . . . . . . . . . 11
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction
This document lists a set of PCP [RFC6887] deployment models.
2. Terminology
This document makes use of the following terms:
o PCP server denotes a functional element that receives and
processes PCP requests from a PCP client. A PCP server can be co-
located with or be separated from the function (e.g., NAT,
Firewall) it controls. Refer to [RFC6887].
o PCP client denotes a PCP software instance responsible for issuing
PCP requests to a PCP server. Refer to [RFC6887].
3. Single Homed CPE Model: Local PCP Server
This model assumes PCP is enabled in the LAN side to control
functions located in the CPE. The PCP server is reachable with the
IP address of the private-faced interface.
Boucadair Expires February 20, 2014 [Page 2]
Internet-Draft PCP Deployment Cases August 2013
+-------------+
| PCP |
| Client |----+ ,-----------.
+-------------+ | +------------+ ,' `--.
+---| CPE | / :
| PCP Server |_______; ISP |
+---| NAT+FW+.. | : |
+-------------+ | +------------+ \ |
| PCP |----+ -------------------.
| Client |
+-------------+
4. Single Homed CPE Model: Multiple PCP Servers
This model assumes a customer site is connected to the same ISP's
network. One or multiple PCP servers are deployed in the ISP's
domain; each of them manage distinct set of functions. In example
shown in the following figure:
o NAT64 device are used to interwork with IPv4-only devices.
o NPTv6 function is used for engineering motivation internal to the
ISP.
+-------------+
| PCP |
| Client |----+ ,-----------.
+-------------+ | +------------+ ,' ISP `--.
+---| CPE | / :
| |________; NAT64 |
+---| | : |
+-------------+ | +------------+ \ NPTv6 |
| PCP |----+ ----------------.
| Client |
+-------------+
Internal PCP client must discover both the external IPv4 address and
port numbers assigned by the NAT64 and the external IPv6 address
assigned by the NPTv6. These external addresses are used for example
in referrals to indicate to remote peers both the IPv4 address and
IPv6 address to reach an internal server deployed in an IPv6-only
domain.
Boucadair Expires February 20, 2014 [Page 3]
Internet-Draft PCP Deployment Cases August 2013
The use of anycast-based addressing model is not recommended for this
deployment case because two state entries are to be created in both
NAT64 and NPTv6.
The use of NAT64 and NPTv6 is for illustration purposes; other
functions can be enabled.
5. Hide PCP Servers Model
5.1. PCP Proxy Model
In order to hide PCP servers deployed within an administrative
domain, an administrative entity may decide to deploy in front of PCP
clients PCP Proxies that are responsible for relaying PCP requests to
appropriate PCP servers:
o In order to prevent single failure scenarios, multiple PCP proxies
can be hosted within an administrative domain.
o A PCP Proxy can be configured with one or multiple servers.
o Multiple PCP Proxies can be enabled; each of them manages a set of
PCP servers.
o A PCP Proxy can be configured with the logic indicating how it
should proceed to contact upstream PCP servers.
o Internal PCP clients are configured with the IP address(es) of the
appropriate PCP proxy.
* If all PCP Proxies interact with the same PCP Server(s), the
same IP address can be provisioned to PCP clients.
* If PCP Proxies do not interact with the same set of PCP
Server(s), appropriate IP address(es) are to be returned to
each requesting PCP Client.
Boucadair Expires February 20, 2014 [Page 4]
Internet-Draft PCP Deployment Cases August 2013
+------------------------------------+
| Administrative Domain |
+----------+ | +-------------------+ |
|PCP Client|---|----| PCP Proxy | |
+----------+ | +-------------------+ |
| | | |
| | | |
| +------+------+ +-+------------+ |
| | PCP Server | | PCP Server | |
| +-------------+ +--------------+ |
+------------------------------------+
5.2. HTTP-Triggered PCP Client Model
Another deployment model to hide deployed PCP servers is to relay on
HTTP to interact with the PCP service. This model can also be used
by operators to accommodate cases where the PCP client is not
available at the customer side.
The deployment model relies on the following:
o An HTTP administration based interface is provided to the user to
create flow-bases forwarding rules.
o The HTTP GUI can be part of a CPE management interface or be
provided as part of the customer care portal.
o HTTP requests are translated into appropriate PCP servers in order
to install the requested state. The HTTP server embeds also a PCP
client.
o The PCP client uses THIRD_PARTY option.
o The PCP Client should be configured with PCP server that controls
the on-path PCP-controlled device for that user.
o One or multiple PCP Servers can be deployed.
o The use of a well-known address to reach internal PCP servers may
not be convenient if all PCP server do not manage the same set of
states.
+------------------------------------+
| Administrative Domain |
+----------+ | +----------------------+ |
| Host |---|----|HTTP Server+PCP Client| |
+----------+ | +----------------------+ |
Boucadair Expires February 20, 2014 [Page 5]
Internet-Draft PCP Deployment Cases August 2013
| | | |
| | | |
| +------+------+ +-+------------+ |
| | PCP Server | | PCP Server | |
| +-------------+ +--------------+ |
+------------------------------------+
6. Separated PCP Server & PCP-controlled Device Model
This model assumes the PCP server is not co-located with the PCP-
controlled device. Moreover:
o In order to prevent single failure scenarios, multiple PCP servers
can be hosted within an administrative domain.
o A PCP server can be control one or many PCP-controlled devices.
o Multiple PCP servers can be enabled; each of them manages a set of
PCP-controlled devices.
o Internal PCP clients are configured with the IP address(es) of the
appropriate PCP server.
* If all PCP servers interact with the same PCP-controlled
devices., the same IP address can be provisioned to PCP
clients.
* If PCP servers do not interact with the same set of PCP-
controlled devices, appropriate IP address(es) are to be
returned to each requesting PCP Client.
Note, PCP is not used as interface between the PCP server and the
PCP-controlled device. Other protocols (e.g., H.248) can be used for
that purpose.
7. Cascaded PCP-controlled Nodes Model
This model assumes cascaded PCP-controlled devices are deployed. A
typical example is provided below.
,-----------.
PCP Server ,' `--.
+-------+ +------+ +----------+ / :
|PCP |____|Home |______|ISP CPE |________; Public |
|Client | |Router| |NAT Router| : Internet |
+-------+ +------+ +----------+ \ |
\ ;
Boucadair Expires February 20, 2014 [Page 6]
Internet-Draft PCP Deployment Cases August 2013
`------. ,-'
`-----'
,-----------.
PCP Server ,' `--.
+-------+ +------+ +-------+ / :
|PCP |____|CPE |______|CGN/FW |___________; Public |
|Client | | | | | : Internet |
+-------+ +------+ +-------+ \ |
\ ;
`------. ,-'
`-----'
,-----------.
PCP Proxy PCP Server ,' `--.
+-------+ +------+ +-------+ / :
|PCP |____|CPE |_______________|CGN/FW |__; Public |
|Client | | | | | : Internet |
+-------+ +------+ +-------+ \ |
\ ;
`------. ,-'
`-----'
,-----------.
PCP Server PCP Server ,' `--.
+-------+ +------+ +-------+ / :
|PCP |____|CPE |_______________|CGN/FW |__; Public |
|Client | | | | | : Internet |
+-------+ +------+ +-------+ \ |
\ ;
`------. ,-'
`-----'
This model requires a PCP Proxy function [I-D.ietf-pcp-proxy] be
deployed in intermediate PCP-controlled devices:
o The PCP client is not aware of the presence of more than one level
of PCP servers.
o Each intermediate PCP proxy must contact the appropriate next hop
PCP server.
o Because of the statefull nature of PCP, anycast-based addressing
model may not be appropriate when the PCP Server is co-located
with the PCP-controlled device.
7.1. Single Homed CPE Model: PCP Proxy Model
This model assumes no PCP-controlled function is located in the CPE
(e.g., DS-Lite case). The ultimate PCP server is located in ISP
Boucadair Expires February 20, 2014 [Page 7]
Internet-Draft PCP Deployment Cases August 2013
side. The PCP server can be deduced from other provisioning
parameters (e.g., use the IP address of the AFTR as PCP server);
otherwise the IP address (s) must be discovered by other means.
The use of an anycast-based model may not be convenient in some cases
(e.g., multiple PCP-controlled devices are deployed; each of them
manage a subset of services and state).
+-------------+
| Host |
| |----+ ,-----------.
+-------------+ | +------------+ ,' `--.
+---| CPE | / ISP :
| PCP Proxy |_____; PCP Server 1 |
+---| PCP Client | : PCP Server i |
+-------------+ | +------------+ \ |
| PCP |----+ -------------------.
| Client |
+-------------+
7.2. UPnP IGD-PCP Interworking Model
This model is specified in [RFC6970]. The interworking function must
be provisioned with the IP address(es) of remote PCP server(s).
(a)
+-------------+
| IGD Control |
| Point |----+
+-------------+ | +-----+ +--------+ +------+
+---| IGD-| |Provider| |Remote|
| PCP |--| NAT |--<Internet>---| Host |
+---| IWF | | | | |
+-------------+ | +-----+ +--------+ +------+
| Local Host |----+
+-------------+
LAN Side External Side
<======UPnP IGD==============><=====PCP=====>
(b)
+-------------+
| IGD Control |
| Point |----+
+-------------+ | +-----+ +--------+ +------+
+---| IGD-| |Provider| |Remote|
| PCP |--| NAT |--<Internet>---| Host |
Boucadair Expires February 20, 2014 [Page 8]
Internet-Draft PCP Deployment Cases August 2013
+---| IWF | | | | |
+-------------+ | +-----+ +--------+ +------+
| Local Host |----+ NAT1 NAT2
+-------------+
8. Multi-Homed CPE Model: One Single PCP Server
A typical example of this model is shown in the following figure:
====================
| Internet |
=====================
| |
| |
+----+--------+ +-+------------+
| ISP1 | | ISP2 |
| | | |
+----+--------+ +-+------------+
| |
| |
..............................................................
| |
| Port1 | Port2 Subscriber Network
| |
+----------------------+
| NAT & PCP servers |
| GW Router |
+----+-----------------+
|
|
|
-----+--------------
|
+-+-----+
| Hosts | (private address space)
+-------+
Internal PCP clients can interact with one single PCP servers.
Boucadair Expires February 20, 2014 [Page 9]
Internet-Draft PCP Deployment Cases August 2013
9. Multi-Homed CPE Model: Multiple PCP Servers
A typical example of this model is shown in the following figure:
==================
| Internet |
==================
| |
| |
+----+-+ +-+----+
| ISP1 | | ISP2 |
+----+-+ +-+----+
| |
.........................................................
| |
| | Subscriber Network
+-------+---+ +----+------+
| rtr1 with | | rtr2 with |
| FW1 | | FW2 |
+-------+---+ +----+------+
| |
| |
| |
-------+----------+------
|
+-+-----+
| Hosts |
+-------+
The PCP client must interact with all PCP servers; otherwise
complications arise to communicate with remote peers. The use of
anycast-based model will induce failures in communicating with
external peers (e.g., incoming packets will be dropped by one of the
firewalls).
10. Security Considerations
PCP-related security considerations are discussed in [RFC6887].
11. IANA Considerations
This document does not require any action from IANA.
12. Acknowledgements
TBC.
Boucadair Expires February 20, 2014 [Page 10]
Internet-Draft PCP Deployment Cases August 2013
13. References
13.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC6887] Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P.
Selkirk, "Port Control Protocol (PCP)", RFC 6887, April
2013.
13.2. Informative References
[I-D.ietf-pcp-proxy]
Boucadair, M., Penno, R., and D. Wing, "Port Control
Protocol (PCP) Proxy Function", draft-ietf-pcp-proxy-04
(work in progress), July 2013.
[RFC6970] Boucadair, M., Penno, R., and D. Wing, "Universal Plug and
Play (UPnP) Internet Gateway Device - Port Control
Protocol Interworking Function (IGD-PCP IWF)", RFC 6970,
July 2013.
Author's Address
Mohamed Boucadair
France Telecom
Rennes 35000
France
Email: mohamed.boucadair@orange.com
Boucadair Expires February 20, 2014 [Page 11]