PCP Flow Examples
draft-boucadair-pcp-flow-examples-02
The information below is for an old version of the document.
| Document | Type | Active Internet-Draft (individual) | |
|---|---|---|---|
| Author | Mohamed Boucadair | ||
| Last updated | 2013-06-10 | ||
| Stream | (None) | ||
| Formats | plain text xml htmlized pdfized bibtex | ||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-boucadair-pcp-flow-examples-02
PCP WG M. Boucadair
Internet-Draft France Telecom
Intended status: Informational June 10, 2013
Expires: December 12, 2013
PCP Flow Examples
draft-boucadair-pcp-flow-examples-02
Abstract
This document provides a set of examples to illustrate PCP
operations. It is a companion document to the base PCP
specification.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 12, 2013.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Boucadair Expires December 12, 2013 [Page 1]
Internet-Draft PCP Flow Examples June 2013
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Basic MAP Operations . . . . . . . . . . . . . . . . . . . . 3
2.1. Suggested External Port Honored by the PCP Server . . . . 3
2.2. IPv6-enabled PCP Client . . . . . . . . . . . . . . . . . 4
2.3. Remove an Existing Mapping . . . . . . . . . . . . . . . 5
2.4. Suggested External Port Not Honored by the PCP Server . . 6
2.5. Suggested External IP Address . . . . . . . . . . . . . . 7
2.6. Create Mapping with Distinct External IP Addresses . . . 8
2.7. Mapping Nonce Doesn't Match . . . . . . . . . . . . . . . 9
2.8. PREFER_FAILURE Option: Requested Port is Honored . . . . 10
2.9. PREFER_FAILURE Option: Requested Port is not Honored . . 11
2.10. Negative Impact of PREFER_FAILURE Option . . . . . . . . 12
2.11. Existing Implicit Mapping . . . . . . . . . . . . . . . . 13
2.12. Shortening a Mapping Lifetime in the Presence of Client-
Originated Traffic . . . . . . . . . . . . . . . . . . . 15
2.13. Create a Mapping for All Incoming Traffic of a Given
Protocol . . . . . . . . . . . . . . . . . . . . . . . . 15
2.14. Create a Mapping for All Protocols . . . . . . . . . . . 16
2.15. Malformed Request . . . . . . . . . . . . . . . . . . . . 16
2.16. Exceeded Port Quota . . . . . . . . . . . . . . . . . . . 17
2.17. Unsupported Protocol . . . . . . . . . . . . . . . . . . 18
2.18. Unsolicited MAP Response . . . . . . . . . . . . . . . . 18
2.19. Mapping Repair . . . . . . . . . . . . . . . . . . . . . 19
3. NAT Detect Example . . . . . . . . . . . . . . . . . . . . . 20
4. Retrieve the External IP Address . . . . . . . . . . . . . . 21
5. THIRD_PARTY Examples . . . . . . . . . . . . . . . . . . . . 22
5.1. THIRD_PARTY Enabled at the Server Side . . . . . . . . . 22
5.2. THIRD_PARTY Disabled at the Server Side . . . . . . . . . 23
5.3. Malformed Request . . . . . . . . . . . . . . . . . . . . 23
6. MAP with FILTER Examples . . . . . . . . . . . . . . . . . . 24
6.1. Basic Filter Usage . . . . . . . . . . . . . . . . . . . 24
6.2. Remove All Filters . . . . . . . . . . . . . . . . . . . 25
6.3. Change an Existing Filter . . . . . . . . . . . . . . . . 26
7. Assess the Reachability of the PCP Server . . . . . . . . . . 26
8. PEER Operations . . . . . . . . . . . . . . . . . . . . . . . 27
8.1. No Mapping Exists for the Internal Port Number . . . . . 28
8.2. A Mapping Exists for the External Port Number . . . . . . 28
8.3. External IP Address Cannot be Honored . . . . . . . . . . 29
8.4. Extend the Lifetime . . . . . . . . . . . . . . . . . . . 30
8.5. Learn the Lifetime of a Mapping . . . . . . . . . . . . . 31
9. Version Negotiation . . . . . . . . . . . . . . . . . . . . . 32
10. Security Considerations . . . . . . . . . . . . . . . . . . . 32
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32
13. Normative References . . . . . . . . . . . . . . . . . . . . 32
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 33
Boucadair Expires December 12, 2013 [Page 2]
Internet-Draft PCP Flow Examples June 2013
1. Introduction
As a companion document to [RFC6887], this document provides examples
to help understanding the PCP machinery and exchanged PCP messages in
various usage contexts.
For more details about PCP protocol specification, the reader is
invited to refer to [RFC6887].
Examples included in this document make use of the IPv4 and IPv6
address blocks for documentation purposes defined in [RFC5737] and
[RFC3849].
2. Basic MAP Operations
The following figure illustrates the messages which are exchanged to
create a mapping in a PCP-controlled device with MAP OpCode.
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (1) PCP MAP Request |
|--------------------------------->|
| (2) PCP MAP Response |
|<---------------------------------|
| |
Figure 1: Example of creating a mapping
The following sub-sections provide several examples depending on the
content of the MAP request and the decision of the PCP Server.
2.1. Suggested External Port Honored by the PCP Server
This example illustrates the content of exchanged PCP messages when
the PCP Client does not include any PCP Option in its request. In
this example, the PCP Server assigns the suggested port number. In
reference to Figure 1, the content of exchanged PCP messages is as
follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Boucadair Expires December 12, 2013 [Page 3]
Internet-Draft PCP Flow Examples June 2013
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Figure 2: MAP request (suggested External Port Honored by the PCP
Server)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Figure 3: MAP Response (suggested External Port Honored by the PCP
Server)
2.2. IPv6-enabled PCP Client
This example illustrates the content of exchanged PCP messages when
the PCP Client is assigned with an IPv6 address but the remote server
controls a NAT44 device. In reference to Figure 1, the content of
exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: 2001:db8:0:0:1::1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Figure 4: MAP request (suggested External Port Honored by the PCP
Server)
Boucadair Expires December 12, 2013 [Page 4]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Figure 5: MAP Response (suggested External Port Honored by the PCP
Server)
2.3. Remove an Existing Mapping
This example illustrates the content of exchanged PCP messages when
the PCP Client request the removal of an existing mapping.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 0 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Figure 6: MAP request (Remove an Existing Mapping)
Boucadair Expires December 12, 2013 [Page 5]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 0 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Figure 7: MAP Response (Remove an Existing Mapping)
2.4. Suggested External Port Not Honored by the PCP Server
This example illustrates the content of exchanged PCP messages when
the PCP Client does not include any PCP Option in its request. In
this example, the PCP Server does not assign the suggested external
port number. In reference to Figure 1, the content of exchanged PCP
messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 11000
Suggested External Port: 11000
Suggested External IP Address: ::ffff:0.0.0.0
Figure 8: MAP request (Suggested External Port Not Honored by the PCP
Server)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 11000
Boucadair Expires December 12, 2013 [Page 6]
Internet-Draft PCP Flow Examples June 2013
Assigned External Port: 15200
Assigned External IP Address: ::ffff:192.0.2.1
Figure 9: MAP Response (Suggested External Port Not Honored by the
PCP Server)
2.5. Suggested External IP Address
This example illustrates the content of exchanged PCP messages when
the PCP Client does not include any PCP Option in its request. In
this example, the PCP Client indicates a hinted external IP address
honored by the PCP Server. In reference to Figure 1, the content of
exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:192.0.2.1
Figure 10: MAP request (Suggested External IP Address)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 15200
Assigned External IP Address: ::ffff:192.0.2.1
Figure 11: MAP Response (Suggested External IP Address)
Boucadair Expires December 12, 2013 [Page 7]
Internet-Draft PCP Flow Examples June 2013
2.6. Create Mapping with Distinct External IP Addresses
Figure 12 shows a PCP Server with a pool of public IPv4 addresses
(192.0.2/24) and two PCP Clients associated with different
subscribers. The PCP Clients each make a port mapping request to the
PCP Server which creates the mapping from its 192.0.2/24 pool.
+--------+ +------+ +--------+
| PCP | | PCP | | PCP |
|Client 1| |Server| |Client 2|
+--------+ +------+ +--------+
| (1) PCP MAP Request | |
|---------------------------->| |
| (2) PCP MAP Response | |
|<----------------------------| (a) PCP MAP Request |
| |<---------------------------|
| | (b) PCP MAP Response |
| |--------------------------->|
| | |
Figure 12: Example of creating mappings with distinct external IP
addresses
In this example, the PCP Clients were mapped to different public
addresses as illustrated in the content of the PCP messages listed
below.
The content of PCP messages exchanged between PCP Client 1 and the
PCP Server is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 15333
Suggested External Port: 15333
Suggested External IP Address: ::ffff:0.0.0.0
Figure 13: MAP request (PCP Client 1)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Boucadair Expires December 12, 2013 [Page 8]
Internet-Draft PCP Flow Examples June 2013
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 15333
Assigned External Port: 12000
Assigned External IP Address: ::ffff:192.0.2.1
Figure 14: MAP Response (PCP Client 1)
The content of PCP messages exchanged between PCP Client 2 and the
PCP Server is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.2
MAP Request:
Mapping Nonce: 59869
Protocol: UDP (17)
Internal Port: 12000
Suggested External Port: 12000
Suggested External IP Address: ::ffff:0.0.0.0
Figure 15: MAP request (PCP Client 2)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 59869
Protocol: UDP (17)
Internal Port: 12000
Assigned External Port: 6000
Assigned External IP Address: ::ffff:192.0.2.2
Figure 16: MAP Response (PCP Client 2)
2.7. Mapping Nonce Doesn't Match
This example illustrates the content of exchanged PCP messages when
the PCP Client does not include any PCP Option in its request. In
Boucadair Expires December 12, 2013 [Page 9]
Internet-Draft PCP Flow Examples June 2013
this example, the PCP Client indicates a distinct Mapping Nonce than
the one stored by the PCP Server. In reference to Figure 1, the
content of exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 45687
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:192.0.2.1
Figure 17: MAP request (Mapping Nonce Doesn't Match)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: NOT_AUTHORIZED (0x02)
Lifetime: 35550 sec
Epoch Time: 1300
Figure 18: MAP Response (Mapping Nonce Doesn't Match)
2.8. PREFER_FAILURE Option: Requested Port is Honored
This flow shows an example of the content of PCP messages that will
be exchanged to create a mapping in a PCP-controlled device. In this
example, the PCP Client indicates a requested external UDP port
number and also a PREFER_FAILURE Option. In this example, we suppose
the requested port can be honored by the PCP Server. In reference to
Figure 1, the content of exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 1234
Suggested External Port: 12536
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL)
Boucadair Expires December 12, 2013 [Page 10]
Internet-Draft PCP Flow Examples June 2013
Figure 19: MAP request ( PREFER_FAILURE Option: Requested Port is
Honored)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 36000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 1234
Assigned External Port: 12536
Assigned External IP Address: ::ffff:192.0.2.1
Figure 20: MAP Response ( PREFER_FAILURE Option: Requested Port is
Honored)
2.9. PREFER_FAILURE Option: Requested Port is not Honored
This flow shows an example of the content of PCP messages that will
be exchanged to create a mapping in a PCP-controlled device. In this
example, the PCP Client indicates a requested external UDP port
number and also a PREFER_FAILURE Option. In this example, we suppose
the requested port cannot be honored by the PCP Server. In reference
to Figure 1, the content of exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 1234
Suggested External Port: 1234
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL)
Figure 21: MAP request (PREFER_FAILURE Option: Requested Port is not
Honored)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: CANNOT_PROVIDE_EXTERNAL (0x11)
Boucadair Expires December 12, 2013 [Page 11]
Internet-Draft PCP Flow Examples June 2013
Lifetime: 1560 sec
Epoch Time: 1300
Figure 22: MAP Response (PREFER_FAILURE Option: Requested Port is not
Honored)
2.10. Negative Impact of PREFER_FAILURE Option
The presence of PREFER_FAILURE option in a request may have negative
impact on an application which does not require it. Figure 23 shows
two examples:
1. With PREFER_FAILURE option: several round trips are needed for
the client to retrieve the requested mapping.
2. Without PREFER_FAILURE option: the client retrieves a mapping
without any extra delay.
Boucadair Expires December 12, 2013 [Page 12]
Internet-Draft PCP Flow Examples June 2013
(1) PREFER_FAILURE Option (2) No PREFER_FAILURE Option
+------+ +------+ +------+ +------+
| PCP | | PCP | | PCP | | PCP |
|Client| |Server| |Client| |Server|
+------+ +------+ +------+ +------+
| PCP MAP Request | | PCP MAP Request |
|Suggested External Port=8080| |Suggested External Port=8080|
| PREFER_FAILURE | |--------------------------->|
|--------------------------->| | |
| PCP MAP Response | | PCP MAP Response |
| CANNOT_PROVIDE_EXTERNAL | |Assigned External Port=6598 |
|<---------------------------| |<---------------------------|
| | | TCP SYN |
| PCP MAP Request | |--------------------------->|
|Suggested External Port=5485|
| PREFER_FAILURE |
|--------------------------->|
| PCP MAP Response |
| CANNOT_PROVIDE_EXTERNAL |
|<---------------------------|
....
| PCP MAP Request |
|Suggested External Port=6591|
| PREFER_FAILURE |
|--------------------------->|
| PCP MAP Response |
| CANNOT_PROVIDE_EXTERNAL |
|<---------------------------|
Figure 23: Negative Impact of the mis-usage of PREFER_FAILURE option
2.11. Existing Implicit Mapping
This example illustrates the content of exchanged PCP messages when
the PCP Client requests a mapping which matches an existing implicit
dynamic mapping (see Figure 24). In this example, the PCP-Controlled
device assigns 10000 as external port number when translating the
packet from the client having with source port set to 1234.
This behavior is specified in Section 11.3 of [RFC6887].
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (a) TCP SYN(src:1234) |
Boucadair Expires December 12, 2013 [Page 13]
Internet-Draft PCP Flow Examples June 2013
|--------------------------------->|
| (1) PCP MAP Request |
|--------------------------------->|
| (2) PCP MAP Response |
|<---------------------------------|
| |
Figure 24: Example of creating a mapping
In reference to Figure 1, the content of exchanged PCP messages is as
follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: TCP (0x06)
Internal Port: 1234
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Figure 25: MAP request (Existing Implicit Mapping)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: TCP (0x06)
Internal Port: 1234
Assigned External Port: 10000
Assigned External IP Address: ::ffff:192.0.2.1
Figure 26: MAP Response (Existing Implicit Mapping)
Boucadair Expires December 12, 2013 [Page 14]
Internet-Draft PCP Flow Examples June 2013
2.12. Shortening a Mapping Lifetime in the Presence of Client-
Originated Traffic
Figure 27 shows an example illustrating the impact of requesting the
deletion of a mapping in the presence of traffic originated from the
client. In this example, the PCP server does not remove the
requested mapping immediately; the returned lifetime is set to the
remaining lifetime.
This behavior is specified in Section 15 of [RFC6887].
+------+ +---------------------+
| PCP | | PCP Server |
|Client| |PCP-Controlled Device|
+------+ +---------------------+
| |
|=========Traffic==================|===========>
| PCP MAP Request (Lifetime=0) |
|--------------------------------->|
| PCP MAP Response (Lifetime= |
| remaining idle-timeout) |
|<---------------------------------|
|<========Traffic==================|<==========
| |
Figure 27: Shortening a Mapping Lifetime in the Presence of Client-
Originated Traffic
2.13. Create a Mapping for All Incoming Traffic of a Given Protocol
This example illustrates the content of the PCP MAP request to create
a mapping for all incoming traffic of a given protocol (UDP is used
in this example).
Boucadair Expires December 12, 2013 [Page 15]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 0
Suggested External Port: 0
Suggested External IP Address: ::ffff:0.0.0.0
Figure 28: MAP request (Create a mapping for all incoming traffic of
a given protocol)
The PCP Server may honor the request or reject it by sending
UNSUPP_PROTOCOL (0x09) error.
2.14. Create a Mapping for All Protocols
This example illustrates the content of the PCP MAP request to create
a mapping for the traffic of all protocols.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: ANY (0)
Internal Port: 0
Suggested External Port: 0
Suggested External IP Address: ::ffff:0.0.0.0
Figure 29: MAP request (Create a mapping for all protocols)
The PCP Server may honor the request or reject it by sending
UNSUPP_PROTOCOL (0x09) error.
2.15. Malformed Request
This flow shows an example of the content of PCP messages that will
be exchanged when a malformed request is received by the PCP Server.
In this example, the Protocol field is set to null.
Version: 2
R bit: Request (0)
Boucadair Expires December 12, 2013 [Page 16]
Internet-Draft PCP Flow Examples June 2013
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 45698
Protocol: ANY (0)
Internal Port: 5698
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL)
Figure 30: MAP request (Malformed Request)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: MALFORMED_REQUEST (0x02)
Lifetime: 0 sec
Epoch Time: 1300
Figure 31: MAP Response (Malformed Request)
2.16. Exceeded Port Quota
This flow shows an example of the content of PCP messages that will
be exchanged when a per-user quota is reached. A short lifetime is
returned so that the client may retry and see if the request can be
honored because another state has been removed.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 45698
Protocol: UDP (17)
Internal Port: 8695
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL)
Figure 32: MAP request (Exceeded Port Quota)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: USER_EX_QUOTA (10)
Boucadair Expires December 12, 2013 [Page 17]
Internet-Draft PCP Flow Examples June 2013
Lifetime: 300 sec
Epoch Time: 1300
Figure 33: MAP Response (Exceeded Port Quota)
2.17. Unsupported Protocol
This flow shows an example of the content of PCP messages that will
be exchanged when the requested port is not supported by the PCP
Server. In this example, SCTP is indicated as the requested
protocol.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 45698
Protocol: SCTP (132)
Internal Port: 8695
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Figure 34: MAP request (Unsupported Protocol)
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: UNSUPP_PROTOCOL (9)
Lifetime: 0 sec
Epoch Time: 1300
Figure 35: MAP Response (Unsupported Protocol)
2.18. Unsolicited MAP Response
Suppose the client has instructed a UDP mapping for port 3938
(assigned external port is 15000 and assigned external IPv4 address
is: 192.0.2.1). Upon a change of a state: e.g., change of the
external IP Address, the PCP Server issues an unsolicited MAP
response. The content of the MAP response sent by the PCP Server is
shown below. The PCP Client is now aware of the new assigned
external IP address.
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Boucadair Expires December 12, 2013 [Page 18]
Internet-Draft PCP Flow Examples June 2013
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: TCP (0x06)
Internal Port: 1234
Assigned External Port: 10000
Assigned External IP Address: ::ffff:192.0.2.2
Figure 36: Unsolicited MAP Response
2.19. Mapping Repair
An example of mapping repair is shown in Figure 37.
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (1) PCP ANNOUNCE |
|<----------------------------|
| (2) PCP MAP REQUEST |
|---------------------------->|
| (3) PCP MAP RESPONSE |
|<----------------------------|
| |
Figure 37: Flow Example of a PING/PONG exchange: Check the
availability of the PCP Server
Version: 2
R bit: Response (1)
Opcode: ANNOUNCE (0x00)
Result Code: 0
Lifetime: 0 sec
Epoch Time: 0
Figure 38: Unsolicited ANNOUNCE
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Boucadair Expires December 12, 2013 [Page 19]
Internet-Draft PCP Flow Examples June 2013
Protocol: UDP (17)
Internal Port: 11000
Assigned External Port: 15200
Assigned External IP Address: ::ffff:192.0.2.1
Figure 39: MAP request
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 10
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 11000
Assigned External Port: 15200
Assigned External IP Address: ::ffff:192.0.2.1
Figure 40: MAP Response
3. NAT Detect Example
Let us suppose a PCP-unaware NAT is located between the PCP Server
and the PCP Client. An example of PCP MAP request issued by the PCP
Client is shown below.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 11000
Assigned External Port: 15200
Assigned External IP Address: ::ffff:0.0.0.0
Figure 41: MAP request (NAT Detect)
Boucadair Expires December 12, 2013 [Page 20]
Internet-Draft PCP Flow Examples June 2013
This message will be translated by the PCP-unaware NAT. The source
IP address if the resulting message will be another address than
198.51.100.1. Upon receipt of this message, the PCP Server compares
the source IP address and the content of PCP Client's IP Address
field. Because the two addresses are not equal, the PCP Server
concludes there is PCP-unaware device in the path. As a result, the
PCP Server will issue the following error message:
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: ADDRESS_MISMATCH (12)
Lifetime: 0 sec
Epoch Time: 36000
Figure 42: MAP Response (NAT Detect)
This behavior is specified in Section 8.2 of [RFC6887].
4. Retrieve the External IP Address
In order to retrieve the IP address used on the external side of the
PCP-controlled device, the PCP Client sends a short-lived mapping
(e.g., Discard service (TCP/9 or UDP/9) or other port). The returned
IP address can be displayed by any application requiring such
information.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 5 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 9
Suggested External Port: 9
Suggested External IP Address: ::ffff:0.0.0.0
Figure 43: MAP request
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 60 sec
Epoch Time: 1250
MAP Response:
Boucadair Expires December 12, 2013 [Page 21]
Internet-Draft PCP Flow Examples June 2013
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 9
Suggested External Port: 9
Assigned External IP Address: ::ffff:192.0.2.1
Figure 44: MAP Response
This behavior is specified in Section 11.6 of [RFC6887].
5. THIRD_PARTY Examples
These examples follow the behavior specified in Section 13.1 of
[RFC6887].
5.1. THIRD_PARTY Enabled at the Server Side
The following messages are exchanged when the THIRD_PARTY option is
enabled in the PCP Server side. In this example the PCP Client
creates a mapping for the host assigned with 198.51.100.2.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 16584
Protocol: UDP (17)
Internal Port: 8080
Suggested External Port: 8080
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data:
::ffff:198.51.100.2
Figure 45: MAP request with THIRD_PARTY
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 16584
Protocol: UDP (17)
Internal Port: 8080
Assigned External Port: 15000
Boucadair Expires December 12, 2013 [Page 22]
Internet-Draft PCP Flow Examples June 2013
Assigned External IP Address: ::ffff:161.105.194.14
Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data:
::ffff:198.51.100.2
Figure 46: MAP Response with THIRD_PARTY
5.2. THIRD_PARTY Disabled at the Server Side
The following messages are exchanged when the THIRD_PARTY option is
disabled in the PCP Server side. In this example the PCP Client
tries to create a mapping for the host assigned with 198.51.100.2.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 16584
Protocol: UDP (17)
Internal Port: 8080
Suggested External Port: 8080
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data:
::ffff:198.51.100.2
Figure 47: MAP request with THIRD_PARTY
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: UNSUPP_OPTION (0x05)
Lifetime: 0 sec
Epoch Time: 1562
Figure 48: MAP Response with THIRD_PARTY
5.3. Malformed Request
In this example the PCP Client inserts a THIRD_PARTY option which
include the IP address of the PCP Client.
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Boucadair Expires December 12, 2013 [Page 23]
Internet-Draft PCP Flow Examples June 2013
Mapping Nonce: 16584
Protocol: UDP (17)
Internal Port: 8080
Suggested External Port: 8080
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data:
::ffff:198.51.100.1
Figure 49: MAP request with THIRD_PARTY
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: MALFORMED_REQUEST (0x03)
Lifetime: 0 sec
Epoch Time: 1562
Figure 50: MAP Response with THIRD_PARTY
6. MAP with FILTER Examples
These examples follow the behavior specified in Section 13.3 of
[RFC6887].
6.1. Basic Filter Usage
This example illustrates the content of exchanged PCP messages when
the PCP Client wants to receive traffic only from 192.0.2.200:5968.
In reference to Figure 1, the content of exchanged PCP messages is as
follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 128
Remote Peer Port: 5968
Remote Peer IP Address: ::ffff:192.0.2.200
Figure 51: MAP request
Boucadair Expires December 12, 2013 [Page 24]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 128
Remote Peer Port: 5968
Remote Peer IP Address: ::ffff:192.0.2.200
Figure 52: MAP Response
6.2. Remove All Filters
This example illustrates the content of exchanged PCP messages when
the PCP Client wants to remove all filters. In reference to Figure
1, the content of exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 0
Remote Peer Port: 0
Remote Peer IP Address: ::ffff:0:0
Figure 53: MAP request
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: 0
Lifetime: 20000 sec
Boucadair Expires December 12, 2013 [Page 25]
Internet-Draft PCP Flow Examples June 2013
Epoch Time: 1250
MAP Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 0
Remote Peer Port: 0
Remote Peer IP Address: ::ffff:0:0
Figure 54: MAP Response
6.3. Change an Existing Filter
This example illustrates the content of exchanged PCP messages when
the PCP Client wants to change an existing filter. In reference to
Figure 1, the content of exchanged PCP messages is as follows:
Version: 2
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 0
Remote Peer Port: 0
Remote Peer IP Address: ::ffff:0:0
Option Code: FILTER (0x03) Option Length: 20 bytes Data:
Prefix Length: 128
Remote Peer Port: 5968
Remote Peer IP Address: ::ffff:192.0.2.201
Figure 55: MAP request
7. Assess the Reachability of the PCP Server
In this example, the PCP Client issues a PCP ANNOUNCE request to a
PCP Server. Once received by the PCP Server, since it is configured
to reply to such request, it sends back a PCP ANNOUNCE response.
This procedure can be used to retrieve the Epoch time.
Boucadair Expires December 12, 2013 [Page 26]
Internet-Draft PCP Flow Examples June 2013
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (1) PCP ANNOUNCE REQUEST |
|---------------------------->|
| (2) PCP ANNOUNCE RESPONSE |
|<----------------------------|
| |
Figure 56: Flow Example of a PING/PONG exchange: Check the
availability of the PCP Server
Version: 2
R bit: Request (0)
Opcode: ANNOUNCE (0x00)
Requested Lifetime: 0 sec
PCP Client's IP Address: ::ffff:198.51.100.1
Figure 57: ANNOUNCE Request
Version: 2
R bit: Response (1)
Opcode: ANNOUNCE (0x00)
Result Code: 0
Lifetime: 0 sec
Epoch Time: 3600
Figure 58: ANNOUNCE Response
8. PEER Operations
The following figure illustrates the messages which are exchanged
when PEER OpCode is used:
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (1) PCP PEER Request |
|--------------------------------->|
| (2) PCP PEER Response |
|<---------------------------------|
| |
Figure 59: Typical Example of PEER usage
Boucadair Expires December 12, 2013 [Page 27]
Internet-Draft PCP Flow Examples June 2013
Examples listed below follow the behavior specified in Section 12.2
and Section 12.3 of [RFC6887].
8.1. No Mapping Exists for the Internal Port Number
In reference to Figure 59, the content of exchanged PEER messages
when no mapping is maintained by the PCP Server for the indicated
external port number:
Version: 2
R bit: Request (0)
Opcode: PEER (0x02)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
PEER Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 60: PEER request
Version: 2
R bit: Response (1)
Opcode: PEER (0x02)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
PEER Response:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Assigned External Port: 3938
Assigned External IP Address: ::ffff:192.0.2.1
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 61: PEER Response
8.2. A Mapping Exists for the External Port Number
In reference to Figure 59, the content of exchanged PEER messages
when a mapping is maintained by the PCP Server for the indicated
external port number:
Boucadair Expires December 12, 2013 [Page 28]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Request (0)
Opcode: PEER (0x02)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
PEER Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 62: PEER request
Version: 2
R bit: Response (1)
Opcode: PEER (0x02)
Result Code: CANNOT_PROVIDE_EXTERNAL
Lifetime: 0 sec
Epoch Time: 36000
Figure 63: PEER Response
8.3. External IP Address Cannot be Honored
In reference to Figure 59, the content of exchanged PEER messages
when the suggested external IP address does not match an existing
mapping is shown below:
Version: 2
R bit: Request (0)
Opcode: PEER (0x02)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
PEER Request:
Mapping Nonce: 15685
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:192.0.2.5
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 64: PEER request
Boucadair Expires December 12, 2013 [Page 29]
Internet-Draft PCP Flow Examples June 2013
Version: 2
R bit: Response (1)
Opcode: PEER (0x02)
Result Code: CANNOT_PROVIDE_EXTERNAL
Lifetime: 0 sec
Epoch Time: 36000
Figure 65: PEER Response
8.4. Extend the Lifetime
In reference to Figure 66, the content of exchanged PEER messages to
extend the lifetime of a mapping.
+------+ +------+
| PCP | | PCP |
|Client| |Server|
+------+ +------+
| (a) TCP SYN(src:3938) |
|--------------------------------->|
| (1) PCP PEER Request |
|--------------------------------->|
| (2) PCP PEER Response |
|<---------------------------------|
| |
Figure 66: Example of creating a mapping
Version: 2
R bit: Request (0)
Opcode: PEER (0x02)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
PEER Request:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 3938
Suggested External Port: 0
Suggested External IP Address: ::ffff:0.0.0.0
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 67: PEER request
Version: 2
R bit: Response (1)
Opcode: PEER (0x02)
Boucadair Expires December 12, 2013 [Page 30]
Internet-Draft PCP Flow Examples June 2013
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
PEER Response:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 3938
Assigned External Port: 11000
Assigned External IP Address: ::ffff:192.0.2.1
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 68: PEER Response
8.5. Learn the Lifetime of a Mapping
In reference to Figure 66, the content of exchanged PEER messages to
learn the lifetime of a mapping is shown below:
Version: 2
R bit: Request (0)
Opcode: PEER (0x02)
Requested Lifetime: 5 sec
PCP Client's IP Address: ::ffff:198.51.100.1
PEER Request:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 3938
Suggested External Port: 0
Suggested External IP Address: ::ffff:0.0.0.0
Remote Peer Port: 12456
Remote IP Address: ::ffff:198.51.100.2
Figure 69: PEER request
Version: 2
R bit: Response (1)
Opcode: PEER (0x02)
Result Code: 0
Lifetime: 20000 sec
Epoch Time: 1250
PEER Response:
Mapping Nonce: 15685
Protocol: TCP (6)
Internal Port: 3938
Assigned External Port: 11000
Assigned External IP Address: ::ffff:192.0.2.1
Remote Peer Port: 12456
Boucadair Expires December 12, 2013 [Page 31]
Internet-Draft PCP Flow Examples June 2013
Remote IP Address: ::ffff:198.51.100.2
Figure 70: PEER Response
9. Version Negotiation
Suppose the PCP Client supports PCP version 1 while the PCP Server
supports PCP version 2. The following exchange will be observed:
Version: 1
R bit: Request (0)
Opcode: MAP (0x01)
Requested Lifetime: 36000 sec
PCP Client's IP Address: ::ffff:198.51.100.1
MAP Request:
Protocol: UDP (17)
Internal Port: 3938
Suggested External Port: 3938
Suggested External IP Address: ::ffff:0.0.0.0
Figure 71: MAP Request with Version 1
Version: 2
R bit: Response (1)
Opcode: MAP (0x01)
Result Code: UNSUPP_VERSION (1)
Lifetime: 0 sec
Epoch Time: 3600
Figure 72: MAP Response (Unsupported Version)
Version negotiation is specified in Section 9 of [RFC6887].
10. Security Considerations
This document does not define any protocol nor architecture. PCP
security considerations are discussed in [RFC6887].
11. IANA Considerations
This document has no IANA actions.
12. Acknowledgements
Many thanks to C. Jacquenet and D. Wing for the comments.
13. Normative References
Boucadair Expires December 12, 2013 [Page 32]
Internet-Draft PCP Flow Examples June 2013
[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix
Reserved for Documentation", RFC 3849, July 2004.
[RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks
Reserved for Documentation", RFC 5737, January 2010.
[RFC6887] Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P.
Selkirk, "Port Control Protocol (PCP)", RFC 6887, April
2013.
Author's Address
Mohamed Boucadair
France Telecom
Rennes 35000
France
Email: mohamed.boucadair@orange.com
Boucadair Expires December 12, 2013 [Page 33]