Network Working Group M. Kelkar
Internet Draft T. Mistretta
Expires: December 2006 P. Howard
Juniper Networks
V. Jain
Riverstone Networks
June 22, 2006
PPP over L2TP Tunnel Switching
draft-ietf-l2tpext-tunnel-switching-07.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Distribution of this document is unlimited. Please send comments to
the Layer Two Tunneling Protocol Extensions (l2tpext) working group
at l2tpext@ietf.org.
Abstract
PPP [7] over L2TP Tunnel Switching, also called L2TP Multihop, is the
process of forwarding PPP payload from an L2TP session to another
L2TP session over a different tunnel. It facilitates moving the
logical termination point of an L2TP session, based on layer 2
characteristics or administrative policies, to different L2tp
Kelkar, et al. Expires December 22, 2006 [Page 1]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Endpoint. This document introduces the L2TP tunnel switching
nomenclature and defines the behavior of standard AVPs in tunnel
switching deployment. The scope of this document is limited to the
discussion of switching PPP frames over L2TPv2 or L2TPv3 tunnels.
Table of Contents
1. Introduction...................................................3
2. L2TPv2 to L2TPv3 switch........................................4
3. AVP Behavior...................................................4
3.1. IETF Vendor AVPs..........................................5
4. Loop Detection................................................11
5. CDN Messages and L2TP tunnel Switching........................12
6. IANA Considerations...........................................12
6.1. Control Message Attribute Value Pairs (AVPs).............12
6.2. Result Code AVP Values...................................13
7. Security Considerations.......................................13
8. Intellectual Property Statement...............................13
9. Copyright Statement...........................................14
10. Acknowledgments..............................................14
11. References...................................................15
11.1. Normative References....................................15
11.2. Informative References..................................15
Author's Addresses...............................................16
Terminology
Tunnel Switching Aggregator (TSA): These are the devices that switch
the layer 2 payload from a first L2TP session/tunnel on to second
L2TP session/tunnel.
First Tunnel: The first L2tp Tunnel to be established at the TSA.
Second Tunnel: The second L2TP Tunnel to be established at the TSA.
First Session: The first L2tp Session to be established at the TSA.
Second Session: The second L2TP Session to be established at the TSA.
L2TP Control Connection Endpoint (LCCE): An L2TP node that exists at
either end of an L2TP control connection. May also be referred to as
an LAC or LNS, depending on whether tunneled frames are processed at
the data link (LAC) or network layer (LNS).
L2TP, as defined in [1], is now referred to as "L2TPv2," while the
extended version defined in [2] is referred to as "L2TPv3". The
remainder of this document will refer simply to L2TP in general,
Kelkar, et al. Expires December 22, 2006 [Page 2]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
unless contrasting specific features of L2TPv2 or L2TPv3, which may
differ in function.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC 2119].
1. Introduction
L2TP allows processing of PPP packets to be divorced from the
termination of the layer 2 circuit. L2TP tunnel switching
facilitates moving the termination point of a PPP session further on
to another LCCE that is possibly unknown to the originating LCCE. It
does so by re-tunneling the PPP session within another L2TP tunnel to
a different LCCE. The knowledge of whether to switch a PPP session to
another L2TP tunnel can be static or dynamic (for example, during PPP
session establishment).
At the TSA, First and Second sessions are two discrete entities. The
First session is established in the beginning and then TSA uses the
negotiated parameters of the First session as a basis to negotiate
the Second session. If the Second session fails to negotiate then it
should be terminated. Same thing can be said for the tunnel.
PPP LAC TSA LNS
User [LNS LAC]
|---- PPP----| | | |
| |---- PPP/L2TP ----| | |
| | |-- PPP --| |
| | | |----- PPP/L2TP -----|
| | |<----- tunnel switching ----->|
| | | | |
| |<--First tunnel-->| |<--Second tunnel--->|
Figure 1: L2TP tunnel Switching for incoming calls
The figure above presents a typical tunnel switching scenario for
incoming calls. The user opens a PPP session to a LAC, which tunnels
the session to TSA as defined by L2TP protocol. The TSA, based on
the local policies, determines if the First session should be further
tunneled. If the TSA decides to tunnel the session further, then,
for every such session it initiates another session onto another L2TP
tunnel originating on the TSA terminating on a different LNS. Once
the session is established, the data packets are switched from an
incoming tunnel to a corresponding outgoing tunnel.
Kelkar, et al. Expires December 22, 2006 [Page 3]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
2. L2TPv2 to L2TPv3 switch
If First and Second tunnels use different versions of L2TP protocol
at TSA i.e. if it involves a 'version switch', then it must adapt the
data encapsulation change.
+------------------------+ +----------------------------+
| PPP Tunneled Frame | | PPP Tunneled Frame |
| | | |
+------------------------+ +----------------------------+
| | | Default L2-Specific |
| | | Sublayer |
| L2TPv2 Data Header | | (Ref [6] section 4.1) |
| over UDP | +----------------------------+
| (Ref [1] section 3.1) | | L2TPv3 Data Session |
| | | Header over UDP or IP |
| | | (Ref [2] section 4.1.1.1 |
| | | and 4.1.2.1) |
+------------------------+ +----------------------------+
| L2TPv2 Data Channel | | L2TPv3 Data Channel |
| (unreliable) | | (unreliable) |
+------------------------+----+----------------------------+
| Packet-Switched Network (UDP, IP, FR, MPLS, etc.) |
+----------------------------------------------------------+
Figure 2: L2TPv2 to L2TPv3 data encapsulation switch
When PPP frames, which are encapsulated in the L2TPv2 header, are
received at the TSA and are switched to Second tunnel using L2TPv3,
then L2TPv2 headers are stripped and PPP frame is encapsulated with
the L2TPv3 data header followed by the optional Default L2-Specific
Sublayer and Offset Padding (Ref [6] section 4.2) fields, and
forwarded over the session.
The version switch may involve a transport change i.e. L2TPv3-IP to
L2TPv2-UDP. TSA MUST be able to adapt to such change.
3. AVP Behavior
An AVP negotiated by the First tunnel/session MUST be handled in four
ways - it could be relayed, dropped, regenerated, or stacked. They
are defined as follows.
- RELAYED AVP: (also known as pass-through AVP) AVP is forwarded
transparently if it was negotiated by the First tunnel/session.
Kelkar, et al. Expires December 22, 2006 [Page 4]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
- DROPPED AVP: AVP is dropped if it was negotiated by the First
tunnel/session.
- REGENERATED AVP: AVP negotiated by the First tunnel/session is
ignored upon receipt. A new AVP is regenerated for the Second
tunnel/session based on the local policy at the TSA. The local
policy may or may not use the received AVP to regenerate the new
value. The regenerated value MAY match with the received AVP value.
- STACKABLE AVP: Multiple instances of this AVP exist in the incoming
message, each representing a hop in the tunnel switched path in order
from first to last. When a TSA receives it, all the instances of AVP
are copied as-is for the negotiation of the next hop. A locally
generated AVP is appended to the outgoing message. If no value is
appropriate then an AVP with a null value, as determined by the AVP
definition, MUST be appended. However, If TSA couldn't copy all of
incoming AVPs then it MUST not copy any one of them and drop all of
the instances. If this is an AVP required to establish the tunnel or
session and TSA cannot copy all of the stacked AVPS, then TSA MUST
terminate the connection or session as appropriate.
3.1. IETF Vendor AVPs
This section defines the behavior of AVPs according to the guidelines
in section 3. It describes the behavior of AVPs defined in [1], [2],
[3], [4], [5], [6], and [8]. All the future AVP extensions MUST
define AVP behavior for tunnel switching.
An optional AVP whose behavior is defined as RELAYED, MUST be RELAYED
only if the AVP is negotiated by the First tunnel/session. Hence the
behavior for such AVP is stated as 'RELAYED if negotiated by the
first tunnel/session'.
An optional AVP whose behavior is defined as REGENERATED, could be
DROPPED from the negotiation of the Second tunnel/session at the
TSA's discretion. Hence the behavior for such AVP is stated as
'REGENERATED or DROPPED'
In its default behavior TSA needs to be as transparent as possible.
However, TSA shouldn't prevent local policies to override the default
behavior and allow regeneration of the AVPs mentioned as
'REGENERATED'.
Message Type (All Messages) - MUST be REGENERATED
Result Code (CDN, StopCCN) - MUST be either RELAYED or REGENERATED
based on recommendations discussed in section 5. In case of version
Kelkar, et al. Expires December 22, 2006 [Page 5]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
switch, if L2TPv3 Result Codes and Error Codes are RELAYED then they
MUST be translated into general error (Result Code 2, Error Code 0).
Protocol Version (SCCRQ, SCCRP) - MUST be REGENERATED. This would
allow TSA to switch sessions when the First and Second tunnels use
different versions of the L2TP protocol.
Framing Capabilities (SCCRQ, SCCRP) - MUST be REGENERATED.
Bearer Capabilities (SCCRQ, SCCRP) - MUST be either REGENERATED or
DROPPED.
Tie Breaker (SCCRQ) - MUST be either REGENERATED or DROPPED.
Firmware Revision (SCCRP, SCCRQ) - MUST be either REGENERATED or
DROPPED.
Host Name (SCCRP, SCCRQ) - MUST be either REGENERATED or DROPPED.
Vendor Name (SCCRP, SCCRQ) - MUST be either REGENERATED or DROPPED.
Assigned tunnel ID (SCCRP, SCCRQ, StopCCN) - MUST be REGENERATED.
Receive Window Size (SCCRQ, SCCRP) - MUST be either REGENERATED or
DROPPED.
Challenge (SCCRP, SCCRQ) - MUST be either REGENERATED or DROPPED.
Q.931 Cause Code (CDN) - MUST be either RELAYED if negotiated by the
First session or DROPPED.
Challenge Response (SCCCN, SCCRP) - MUST be either REGENERATED or
DROPPED.
Assigned Session ID (CDN, ICRP, ICRQ, OCRP, OCRQ) - MUST be
REGENERATED.
Call Serial Number (ICRQ, OCRQ) - MUST be RELAYED. It would best
serve the intended purpose of this AVP and facilitate easier
debugging.
Minimum BPS (OCRQ) - MUST be RELAYED if negotiated by the First
session. In case of version switch, TSA should relay it as a Tx
Minimum Speed AVP (Ref [6])
Kelkar, et al. Expires December 22, 2006 [Page 6]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Maximum BPS (OCRQ) - MUST be RELAYED if negotiated by the First
session. In case of version switch, TSA should relay it as a Tx
Maximum Speed AVP (Ref [6])
Bearer Type (ICRQ, OCRQ) - MUST be RELAYED if negotiated by the First
session.
Framing Type (ICCN, OCCN, OCRQ) - MUST be RELAYED.
Called Number (ICRQ, OCRQ) - MUST be RELAYED if negotiated by the
First session.
Calling Number (ICRQ) - MUST be RELAYED if negotiated by the First
session.
Sub-Address (ICRQ, OCRQ) - MUST be RELAYED if negotiated by the First
session.
Tx Connect Speed (ICCN, OCCN) - MUST be RELAYED. In case of version
switch, TSA should relay it as a Tx Connect Speed AVP (Attribute Type
74).
Physical Channel ID (ICRQ, OCRP) - MUST be either RELAYED if
negotiated by the First session, REGENERATED, or DROPPED.
Proxy LCP AVPs (ICCN) - All the Proxy LCP AVPs (Initial Received LCP
CONFREQ, Last Sent LCP CONFREQ and Last Received LCP CONFREQ) MUST be
either all RELAYED, all REGENERATED or all DROPPED. If an AVP is
REGENERATED then it would mean the LCP was renegotiated; whereas,
RELAYED conveys the fact that it was passed along and was not
renegotiated.
Proxy Authentication AVPs (ICCN) - All the Proxy Authentication AVPs
(Proxy Authen Type, Proxy Authen Name AVP, Proxy Authen Challenge
Proxy Authen ID and Proxy Authen Response AVP) MUST be either all
RELAYED, all REGENERATED, or all DROPPED. If an AVP is REGENERATED
then it would mean the Authentication was renegotiated; whereas,
RELAYED conveys the fact that it was passed along and was not
renegotiated.
Call Errors (WEN) - MUST be RELAYED.
ACCM (SLI) - MUST be RELAYED.
Random Vector (All Messages) - MUST be either REGENERATED or DROPPED.
Kelkar, et al. Expires December 22, 2006 [Page 7]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Private Group ID (ICCN) - MUST be RELAYED if negotiated by the First
session.
Rx Connect Speed (ICCN, OCCN) - MUST be RELAYED if negotiated by the
First session. In case of version switch, TSA should relay it as a
Rx Connect Speed AVP (Attribute Type 75).
Sequencing Required (ICCN, OCCN) - MUST be either REGENERATED or
DROPPED. In case of version switch, TSA should regenerate it as a
Data Sequencing AVP (Attribute Type 70).
Rx Minimum BPS (OCRQ) (Ref [8]) - MUST be RELAYED if negotiated by
the First session. In case of version switch, TSA should relay it as
a Rx Minimum Speed AVP (Ref [6]).
Rx Maximum BPS (OCRQ) (Ref [8]) - MUST be RELAYED if negotiated by
the First session. In case of version switch, TSA should relay it as
a Rx Maximum Speed AVP (Ref [6]).
PPP Disconnect Cause AVP (CDN) (Ref [3])- MUST be either RELAYED if
negotiated by the First tunnel/session or DROPPED if it's not
supported.
Control Connection DS AVP (SCCRQ, SCCRP) (Ref [4]) - MUST be either
RELAYED if negotiated by the First tunnel or DROPPED if it's not
supported. The value of this AVP could be chosen based on 'PHB Code'
used (or to be used) on the tunnels, which the TSA is going to be
switching tunnels to. TSA need not use same PHB-to-DSCP mappings on
a First tunnel and Second tunnel.
Session DS AVP (ICRQ, ICRP, OCRQ, OCRP) (Ref [4]) - MUST be either
RELAYED if negotiated by the First session or DROPPED if it's not
supported. The value of this AVP could be chosen based on 'PHB Code'
used (or to be used) on the sessions, which the TSA is going to be
switching sessions to. TSA need not use same PHB-to-DSCP mappings on
a First session and Second session.
LCP Want Options (ICCN, OCCN) (Ref [5]) - MUST be either RELAYED if
negotiated by the First session or DROPPED if it's not supported.
LCP Allow Options (ICCN, OCCN) (Ref [5]) - MUST be either RELAYED if
negotiated by the First session or DROPPED if it's not supported.
Extended Vendor ID AVP (Version 3) (All Messages) - MUST be either
REGENERATED or DROPPED.
Kelkar, et al. Expires December 22, 2006 [Page 8]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Message Digest AVP (Version 3) (All Messages) - MUST be either
REGENERATED or DROPPED.
Router Id AVP (Version 3) (SCCRQ, SCCRP) - MUST be either REGENERATED
or DROPPED.
Assigned Control Connection Id AVP (Version 3) (SCCRQ, SCCRP,
StopCCN) - MUST be either REGENERATED or DROPPED.
Pseudowire Capabilities List AVP (Version 3) (SCCRQ, SCCRP) - MUST be
either REGENERATED or DROPPED.
Local Session Id AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP, OCCN,
CDN, WEN, SLI) - MUST be either REGENERATED or DROPPED.
Remote Session Id AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP,
OCCN, CDN, WEN, SLI) - MUST be either REGENERATED or DROPPED.
Assigned Cookie AVP (Version 3) (ICRQ, ICRP, OCRQ, OCRP) - MUST be
either REGENERATED or DROPPED.
Remote End Id AVP (Version 3) (ICRQ, OCRQ) - MUST be either
REGENERATED or DROPPED.
Session Tie Breaker AVP (Version 3) (ICRQ, OCRQ) - MUST be either
REGENERATED or DROPPED.
Pseudowire Type AVP (Version 3) (ICRQ, OCRQ) - MUST be either
REGENERATED or DROPPED.
L2-specific Sublayer AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP,
OCCN) - MUST be either REGENERATED or DROPPED.
Data Sequencing AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP, OCCN)
- Data sequencing AVP (Attribute Type 70) is a L2TPV3 AVP equivalent
to the Sequencing required AVP (Attribute Type 39) in L2TPv2. In
L2TPv3, any endpoint (LAC or LNS i.e. LCCE) can send the Data
Sequencing AVP with the value 0 (no sequencing), 1 (sequencing only
for non-ip packets) or 2 (sequencing for all the packets). In L2TPv2,
only LAC can send the Sequencing Required AVP that requests the
sequencing for all the packets. If data sequencing is enabled on the
First session, then TSA should enable it on the Second session by
sending the appropriate AVP (i.e. REGENERATED). If data sequencing
is enabled on the First session, then TSA MAY choose (as decided by
the local policy) not to enable the sequencing on Second session i.e.
DROPPED. TSA SHOULD not enforce the sequencing but should send the
data sequencing AVP on the Second session, if it's enabled on the
Kelkar, et al. Expires December 22, 2006 [Page 9]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
First session. There is no requirement to have all hops use the
consistent sequencing configuration. As always TSA's local policy
would take precedence over the default behavior of "REGENERATED or
DROPPED"
Circuit Status AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP, OCCN,
SLI) - MUST be either REGENERATED or DROPPED.
Preferred Language AVP (Version 3) (SCCRQ, SCCRP) - MUST be either
REGENERATED or DROPPED.
Tx Connect Speed AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP, OCCN)
- MUST be either RELAYED, REGENERATED or DROPPED. In case of version
switch, TSA should relay it as a Tx Connect Speed AVP (Attribute Type
24). If value is greater than 4 octets, it SHOULD be dropped.
Rx Connect Speed AVP (Version 3) (ICRQ, ICRP, ICCN, OCRQ, OCRP, OCCN)
- MUST be either RELAYED if negotiated by the First session,
REGENERATED or DROPPED. In case of version switch, TSA should relay
it as a Rx Connect Speed AVP (Attribute Type 38). If value is
greater than 4 octets, it SHOULD be dropped.
Offset Size (Version 3) (ICRQ, ICRP, ORCQ, OCRP) (Ref [6]) - MUST be
either REGENERATED or DROPPED.
Tx Minimum Speed AVP (Version 3) (OCRQ) (Ref [6]) - MUST be either
RELAYED, REGENERATED or DROPPED. In case of version switch, TSA
should relay it as a Minimum BPS AVP (Attribute Type 16). If value
is greater than 4 octets, it SHOULD be dropped.
Tx Maximum Speed AVP (Version 3) (OCRQ) (Ref [6]) - MUST be either
RELAYED, REGENERATED or DROPPED. In case of version switch, TSA
should relay it as a Maximum BPS AVP (Attribute Type 17). If value
is greater than 4 octets, it SHOULD be dropped.
Rx Minimum Speed AVP (Version 3) (OCRQ) (Ref [6]) - MUST be either
RELAYED, REGENERATED or DROPPED. In case of version switch, TSA
should relay it as a Rx Minimum BPS AVP (Attribute Type 40). If
value is greater than 4 octets, it SHOULD be dropped.
Rx Maximum Speed AVP (Version 3) (OCRQ) (Ref [6]) - MUST be either
RELAYED, REGENERATED or DROPPED. In case of version switch, TSA
should relay it as a Rx Maximum BPS AVP (Attribute Type 41). If
value is greater than 4 octets, it SHOULD be dropped.
Failover Capability AVP (SCCRQ, SCCRP) (Ref [9]) - MUST be
REGENERATED based on the TSA's capabilities
Kelkar, et al. Expires December 22, 2006 [Page 10]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Tunnel Recovery AVP (SCCRQ) (Ref [9]) - MUST be REGENERATED based on
failover negotiations with the peer on an individual tunnel.
Suggested Control Sequence AVP (SCCRP) (Ref [9]) - MUST be
REGENERATED based on failover negotiations with the peer on an
individual tunnel.
Failover Session State AVP (FSQ, FSR) (Ref [9]) - MUST be REGENERATED
based on failover negotiations with the peer on an individual tunnel.
TSA ID AVPs (defined in this document) - MUST be STACKED. The local
TSA ID AVP is stacked to the incoming set of TSA ID AVPs.
4. Loop Detection
The Tunnel Switching Aggregator (TSA) ID AVP, Attribute Type 93,
could be used to detect if a session is looping in an L2TP tunnel
switched network. This AVP MUST be STACKED.
If this AVP was received in an incoming control packet (ICRQ, OCRQ)
then the TSA MUST check to see if it's own TSA ID (a configured
value) is present in the stack of incoming TSA ID AVPs. Upon finding
a match, the TSA MUST respond with a CDN carrying a Result Code
indicating 'Loop Detected' 26, and optionally a description
indicating the loop condition. A match comparison MUST only be
performed if TSA has configured non-null TSA ID.
The Attribute Value field for this AVP has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TSA ID ... (maximum 64 octets)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
TSA ID is a configured value (human readable string) with a maximum
length of 64 octets. It is administratively controlled to ensure its
uniqueness among all the inter-connected LACs, LNSs and TSAs. If no
value is configured then the AVP value MUST be of length 0.
This AVP MUST be either hidden (the H-bit can be either 0 or 1). The
M-bit for this AVP MUST be set to 0.
Kelkar, et al. Expires December 22, 2006 [Page 11]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
5. CDN Messages and L2TP tunnel Switching
To identify error conditions explicitly in the multi-TSA environment,
new error codes are defined. Existing error codes are not used
because they might trigger an unwarranted behavior depending upon why
it was generated. Error codes are defined as follows:
Next hop unreachable (Result Code 2, Error Code 10) - TSA MUST
disconnect the First tunnel/session with this Error Code, if next hop
is unreachable and no other alternative paths are available as
determined by the local policy.
Next hop busy (Result Code 2, Error Code 11) - TSA MUST disconnect
the First tunnel/session with this Error Code, if next hop
disconnects the Second tunnel/session with an error code 'TSA Busy'
or other indications from next hop indicate that it is too busy to
take more tunnels/sessions and no other alternative paths are
available as determined by the local policy
TSA busy (Result Code 2, Error Code 12) - TSA MUST disconnect the
first tunnel/session with this Error Code, if it is congested or
temporarily running out of resources.
In the case of multiple levels of TSAs, error code SHOULD be
propagated back until it reaches either the original LCCE or an
intermediate TSA, which has an alternate path. On the receipt of
error code, local policy on the LCCE or the intermediate TSA should
handle the fallback and use it for the congestion recovery design.
6. IANA Considerations
6.1. Control Message Attribute Value Pairs (AVPs)
This number space is managed by IANA as per section 2.1 of [10].
A summary of the new AVPs follows:
Control Message Attribute Value Pairs
Attribute
Type Description
--------- ------------------
93 Tunnel Switching Aggregator ID AVP
Kelkar, et al. Expires December 22, 2006 [Page 12]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
6.2. Result Code AVP Values
New L2TP Result Codes appear in section 4 and 5, which need
assignment by IANA as described in section 2.3 of [10].
Result Code AVP (Attribute Type 1) Values
-----------------------------------------
Defined Result Code values for the CDN message are:
26 - Loop Detected
General Error Codes
10 - Next hop unreachable
11 - Next hop busy
12 - TSA busy
7. Security Considerations
TSA ID AVP could reveal the set of nodes that a given L2TP session is
traversing in the network.
If the AVPs described in this document are of concern then AVP
hiding, described in [1] MAY be used to help mitigate the security
threat; though it is not widely regarded as cryptographically secure,
[11] describes a more robust method for securing L2TP in general, and
should be used to encrypt all L2TP messages.
8. Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
Kelkar, et al. Expires December 22, 2006 [Page 13]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
ipr@ietf.org.
9. Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
10. Acknowledgments
Authors gratefully acknowledge the valuable contributions of: Mark W.
Townsley, Reinaldo Penno, Ly Loi and Marc Eaton-Brown. We would like
to thank Carlos Pignataro for a thorough review.
Kelkar, et al. Expires December 22, 2006 [Page 14]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
11. References
11.1. Normative References
[1] RFC 2661, W. Townsley, A. Valencia, A. Rubens, G. Pall, G.
Zorn, B. Palter, "Layer 2 Tunnel Protocol (L2TP)", August 1999.
[2] RFC 3931, J. Lau, M. Townsley, I. Goyret, "Layer Two Tunneling
Protocol (Version 3)", March 2005.
[3] RFC 3145, Verma, et. al. "L2TP Disconnect Cause Information",
July 2001.
[4] RFC 3308, P. Calhoun, W. Luo, D. McPherson, K. Peirce, "Layer
Two Tunneling Protocol (L2TP) Differentiated Services
Extension", November 2002.
[5] RFC 3437, W. Palter, W. Townsley, "Layer-Two Tunneling Protocol
Extensions for PPP Link Control Protocol Negotiation", December
2002.
[6] C. Pignataro, Ed, "PPP Tunneling Using Layer Two Tunneling
Protocol Version 3" work in progress, draft-ietf-l2tpext-l2tp-
ppp-04.txt, May 2006.
[7] RFC 1661, W. Simpson, "The Point-to-Point Protocol (PPP)", STD
51, July 1994.
[8] RFC 3301, Y. T'Joens, B. Sales, P. Crivellari, "Layer Two
Tunnelling Protocol (L2TP): ATM access network extensions",
June 2002
[9] V. Jain, Ed, "Fail Over extensions for L2TP failover" work in
progress, draft-ietf-l2tpext-failover-06.txt, October 2005.
11.2. Informative References
[10] BCP0068, Townsley, W., "Layer Two Tunneling Protocol (L2TP)
Internet Assigned Numbers Authority (IANA) Considerations
Update" RFC3438, BCP0068, December 2002
[11] RFC 3193, B. Patel, B. Aboba, W. Dixon, G. Zorn, S. Booth,
"Securing L2TP using IPsec", November 2001
Kelkar, et al. Expires December 22, 2006 [Page 15]
Internet-Draft PPP over L2TP Tunnel Switching June 2006
Author's Addresses
Mahesh Kelkar
Juniper Networks
10 Technology Park Drive
Westford, MA 01886
Email: mkelkar@juniper.net
Tom Mistretta
Juniper Networks
10 Technology Park Drive
Westford, MA 01886
Email: tmistretta@juniper.net
Paul Howard
Juniper Networks
10 Technology Park Drive
Westford, MA 01886
Email: phoward@juniper.net
Vipin Jain
Riverstone Networks
5200 Great America Parkway
Santa Clara, CA 95054
Email: vipinietf@yahoo.com
Kelkar, et al. Expires December 22, 2006 [Page 16]