MAC-Forced Forwarding: A Method for Subscriber Separation on an Ethernet Access Network
RFC 4562
Field | Value
---|---
Type | RFC - Informational (June 2006; No errata)
Authors | Torben Melsen, Steven Blake
Last updated | 2018-12-20
Stream | Independent Submission
ISE state | (None)
Consensus Boilerplate | Unknown
Document shepherd | No shepherd assigned
IESG state | RFC 4562 (Informational)
Action Holders | (None)
Responsible AD | Mark Townsley
Send notices to | slblake@modularnet.com
    Network Working Group                                      T. Melsen
    Request for Comments: 4562                                  S. Blake
    Category: Informational                                     Ericsson
                                                               June 2006

MAC-Forced Forwarding: A Method for Subscriber Separation on an Ethernet Access Network

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2006).

Abstract

This document describes a mechanism to ensure layer-2 separation of Local Area Network (LAN) stations accessing an IPv4 gateway over a bridged Ethernet segment. The mechanism - called "MAC-Forced Forwarding" - implements an Address Resolution Protocol (ARP) proxy function that prohibits Ethernet Media Access Control (MAC) address resolution between hosts located within the same IPv4 subnet but at different customer premises, and in effect directs all upstream traffic to an IPv4 gateway. The IPv4 gateway provides IP-layer connectivity between these same hosts.

Table of Contents

    1. Introduction
       1.1. Access Network Requirements
       1.2. Using Ethernet as an Access Network Technology
    2. Terminology
    3. Solution Aspects
       3.1. Obtaining the IP and MAC Addresses of the Access Routers
       3.2. Responding to ARP Requests
       3.3. Filtering Upstream Traffic
       3.4. Restricted Access to Application Servers
    4. Access Router Considerations
    5. Resiliency Considerations
    6. Multicast Considerations
    7. IPv6 Considerations
    8. Security Considerations
    9. Acknowledgements
    10. References
       10.1. Normative References
       10.2. Informative References

1. Introduction

The main purpose of an access network is to provide connectivity between customer hosts and service provider access routers (ARs), typically offering reachability to the Internet and other IP networks and/or IP-based applications.

An access network may be decomposed into a subscriber line part and an aggregation network part. The subscriber line - often referred to as "the first mile" - is characterized by an individual physical (or logical, in the case of some wireless technologies) connection to each customer premises. The aggregation network - "the second mile" - performs aggregation and concentration of customer traffic.

The subscriber line and the aggregation network are interconnected by an Access Node (AN). Thus, the AN constitutes the border between individual subscriber lines and the common aggregation network. This is illustrated in the following figure.

     Access     Aggregation   Access    Subscriber    Customer
     Routers      Network      Nodes       Lines      Premises
                                                       Networks

      +----+           |
    --+ AR +-----------|        +----+
      +----+           |        |    +----------------[]--------
                       |--------+ AN |
                       |        |    +----------------[]--------
                       |        +----+
                       |
                       |        +----+
                       |        |    +----------------[]--------
                       |--------+ AN |
                       |        |    +----------------[]--------
                       |        +----+
                       |
                       |        +----+
                       |        |    +----------------[]--------
                       |--------+ AN |
      +----+           |        |    +----------------[]--------
    --+ AR +-----------|        +----+
      +----+           |

1.1. Access Network Requirements
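The ARP proxy behaviour summarized in the Abstract, sketched as an added example that is not part of RFC 4562: an Access Node answers a subscriber's ARP request with the access router's MAC address and passes upstream unicast frames only when they are addressed to that router. All addresses and the function names `an_proxy_arp` and `an_forward_upstream` are assumptions constructed for illustration, as is the choice to source the reply frame from the AR's MAC.

```python
import struct

# Constructed sample values (assumptions, not taken from RFC 4562).
AR_MAC = bytes.fromhex("02005e000001")      # access router / IPv4 gateway
HOST_A_MAC = bytes.fromhex("0200c0ffee0a")  # subscriber host A
HOST_B_MAC = bytes.fromhex("0200c0ffee0b")  # host B, same subnet, other premises
BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806
ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa


def ip(dotted):
    """Dotted-quad string to 4 raw bytes."""
    return bytes(int(octet) for octet in dotted.split("."))


def arp_frame(dst, src, oper, sha, spa, tha, tpa):
    """Build an Ethernet II frame carrying an IPv4-over-Ethernet ARP packet."""
    eth = dst + src + struct.pack("!H", ETHERTYPE_ARP)
    return eth + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, sha, spa, tha, tpa)


def an_proxy_arp(frame, ar_mac=AR_MAC):
    """Access Node: answer a subscriber's ARP request with the AR's MAC.

    Returns the reply frame, or None when the frame is not a well-formed
    IPv4 ARP request. The request is never relayed to other subscribers.
    """
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(
        ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen, oper) != (1, 0x0800, 6, 4, 1):
        return None
    # Whichever IPv4 address was asked for, the answer is the gateway's MAC,
    # so host A never learns host B's MAC and sends everything to the AR.
    return arp_frame(sha, ar_mac, 2, ar_mac, tpa, sha, spa)


def an_forward_upstream(frame, ar_mac=AR_MAC):
    """Upstream unicast filter: only frames addressed to the AR pass.

    Simplification: broadcast and multicast handling is out of scope here.
    """
    return frame[0:6] == ar_mac
```
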