draft-ietf-nsis-req-07.txt   draft-ietf-nsis-req-08.txt 
Network Working Group M. Brunner (Editor) Network Working Group M. Brunner (Editor)
Internet Draft NEC Internet Draft NEC
Category: Informational March 2003 Category: Informational June 2003
Requirements for Signaling Protocols Requirements for Signaling Protocols
<draft-ietf-nsis-req-07.txt> <draft-ietf-nsis-req-08.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 2, line 10 skipping to change at page 2, line 10
interactions. This document presents the assumptions before listing interactions. This document presents the assumptions before listing
the requirements. The requirements are grouped according to areas the requirements. The requirements are grouped according to areas
such as architecture and design goals, signaling flows, layering, such as architecture and design goals, signaling flows, layering,
performance, flexibility, security, and mobility. performance, flexibility, security, and mobility.
Table of Contents Table of Contents
Status of this Memo................................................1 Status of this Memo................................................1
Abstract...........................................................1 Abstract...........................................................1
Table of Contents..................................................2 Table of Contents..................................................2
1 Introduction.....................................................2 1 Introduction.....................................................4
1.1. Keywords....................................................3 1.1. Keywords....................................................4
2 Terminology......................................................3 2 Terminology......................................................4
3 Problem Statement and Scope......................................4 3 Problem Statement and Scope......................................5
4 Assumptions and Exclusions.......................................5 4 Assumptions and Exclusions.......................................6
4.1 Assumptions and Non-Assumptions................................5 4.1 Assumptions and Non-Assumptions................................6
4.2 Exclusions.....................................................6 4.2 Exclusions.....................................................7
5 Requirements.....................................................7 5 Requirements.....................................................9
5.1 Architecture and Design Goals..................................8 5.1 Architecture and Design Goals..................................9
5.2 Signaling Flows................................................9 5.1.1 NSIS SHOULD provide availability information on request......9
5.3 Messaging.....................................................10 5.1.2 NSIS MUST be designed modularly..............................9
5.4 Control Information...........................................12 5.1.3 NSIS MUST decouple protocol and information.................10
5.5 Performance...................................................13 5.1.4 NSIS MUST support independence of signaling and network
5.6 Flexibility...................................................15 control paradigm..................................................10
5.7 Security......................................................16 5.1.5 NSIS SHOULD be able to carry opaque objects.................10
5.8 Mobility......................................................18 5.2 Signaling Flows...............................................10
5.9 Interworking with other protocols and techniques..............18 5.2.1 The placement of NSIS Initiator, Forwarder, and Responder
5.10 Operational..................................................19 anywhere in the network MUST be allowed...........................11
6 Security Considerations.........................................19 5.2.2 NSIS MUST support path-coupled and MAY support path-decoupled
7 References......................................................19 signaling.........................................................11
7.1 Normative References..........................................19 5.2.3 Concealment of topology and technology information SHOULD be
7.2 Non-Normative References......................................20 possible..........................................................11
8 Acknowledgments.................................................20 5.2.4 Transparent signaling through networks SHOULD be possible...11
9 Author's Addresses..............................................20 5.3 Messaging.....................................................11
10 Appendix: Scenarios/Use cases..................................21 5.3.1 Explicit erasure of state MUST be possible..................12
10.1 Terminal Mobility............................................21 5.3.2 Automatic release of state after failure MUST be possible...12
10.2 3G Wireless Networks.........................................23 5.3.3 NSIS SHOULD allow for sending notifications upstream........12
10.3 An example scenario for 3G wireless networks.................24 5.3.4 Establishment and refusal to set up state MUST be notified..13
10.4 Wired part of wireless network...............................26 5.3.5 NSIS MUST allow for local information exchange..............13
10.5 Session Mobility.............................................27 5.4 Control Information...........................................13
10.6 QoS s/negotiation from access to core network................28 5.4.1 Mutability information on parameters SHOULD be possible.....14
10.7 QoS /negotiation over administrative boundaries..............28 5.4.2 It SHOULD be possible to add and remove local domain
10.8 QoS signaling between PSTN gateways and backbone routers.....29 information.......................................................14
10.9 PSTN trunking gateway........................................30 5.4.3 State MUST be addressed independent of flow identification..14
10.10 Application request end-to-end QoS path from the network....32 5.4.4 Modification of already established state SHOULD be seamless14
5.4.5 Grouping of signaling for several micro-flows MAY be provided
..................................................................14
5.5 Performance...................................................15
5.5.1 Scalability.................................................15
5.5.2 NSIS SHOULD allow for low latency in setup..................15
5.5.3 NSIS MUST allow for low bandwidth consumption for the
signaling protocol................................................15
5.5.4 NSIS SHOULD allow to constrain load on devices..............16
5.5.5 NSIS SHOULD target the highest possible network utilization.16
5.6 Flexibility...................................................16
5.6.1 Flow aggregation............................................16
5.6.2 Flexibility in the placement of the NSIS Initiator/Responder16
5.6.3 Flexibility in the initiation of state change...............16
5.6.4 SHOULD support network-initiated state change...............17
5.6.5 Uni / bi-directional state setup............................17
5.7 Security......................................................17
5.7.1 Authentication of signaling requests........................17
5.7.2 Request Authorization.......................................17
5.7.3 Integrity protection........................................18
5.7.4 Replay protection...........................................18
5.7.5 Hop-by-hop security.........................................18
5.7.6 Identity confidentiality and network topology hiding........18
5.7.7 Denial-of-service attacks...................................18
5.7.8 Confidentiality of signaling messages.......................19
5.7.9 Ownership of state..........................................19
5.8 Mobility......................................................19
5.8.1 Allow efficient service re-establishment after handover.....19
5.9 Interworking with other protocols and techniques..............19
5.9.1 MUST interwork with IP tunneling............................19
5.9.2 MUST NOT constrain either to IPv4 or IPv6...................19
5.9.3 MUST be independent from charging model.....................20
5.9.4 SHOULD provide hooks for AAA protocols......................20
5.9.5 SHOULD work with seamless handoff protocols.................20
5.9.6 MUST work with traditional routing..........................20
5.10 Operational..................................................20
5.10.1 Ability to assign transport quality to signaling messages..20
5.10.2 Graceful fail over.........................................21
5.10.3 Graceful handling of NSIS entity problems..................21
6 Security Considerations.........................................21
7 References......................................................21
7.1 Normative References..........................................21
7.2 Non-Normative References......................................21
8 Acknowledgments.................................................21
9 Author's Addresses..............................................22
10 Appendix: Scenarios/Use cases..................................23
10.1 Terminal Mobility............................................23
10.2 Wireless Networks............................................25
10.3 An example scenario for 3G wireless networks.................26
10.4 Wired part of wireless network...............................27
10.5 Session Mobility.............................................29
10.6 QoS reservation/negotiation from access to core network......29
10.7 QoS reservation/negotiation over administrative boundaries...30
10.8 QoS signaling between PSTN gateways and backbone routers.....30
10.9 PSTN trunking gateway........................................32
10.10 An application requests end-to-end QoS path from the network34
10.11 QOS for Virtual Private Networks............................34
10.11.1 Tunnel end points at the Customer premises................34
10.11.2 Tunnel end points at the provider premises................35
1 Introduction 1 Introduction
This document defines requirements for signaling across different This document defines requirements for signaling across different
network environments. It does not list any problems of existing network environments. It does not list any problems of existing
signaling protocols such as [RSVP]. signaling protocols such as [RSVP].
In order to derive requirements for signaling it is necessary to In order to derive requirements for signaling it is necessary to
first have an idea of the scope within which they are applicable. first have an idea of the scope within which they are applicable.
Therefore, we list use cases and scenarios where an NSIS protocol Therefore, we list use cases and scenarios where an NSIS protocol
could be applied. The scenarios are used to help derive requirements could be applied. The scenarios are used to help derive requirements
and to test the requirements against use cases. and to test the requirements against use cases.
The requirements listed are independent of any application. However, The requirements listed are independent of any application. However,
resource reservation and QoS related issues are used as example resource reservation and QoS related issues are used as example
within the text. However, QoS is not the only field where signaling within the text. However, QoS is not the only field where signaling
is used in the Internet. Others might be the use for middlebox is used in the Internet. Signaling might also be used as a
communication [RFC3234]. communication protocol to setup and maintain the state in
middleboxes [RFC3234].
There are several areas related to networking aspects which are This document does not cover requirements in relation to some
incomplete, for example, interaction with host and site multi- networking areas, in particular, interaction with host and site
homing, use of anycast services, and so on. These issues should be multihoming. We leave these for future analysis.
considered in any future analysis work.
1.1. Keywords 1.1. Keywords
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in RFC 2119 this document are to be interpreted as described in RFC 2119
[KEYWORDS]. [KEYWORDS].
2 Terminology 2 Terminology
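Review bot: In the rewritten scope paragraph of the Introduction, "use of anycast services" has been dropped from the list of areas not covered, while the new wording still says "some networking areas, in particular" and names only multihoming. A reader cannot tell whether anycast is now considered in scope or is simply no longer mentioned. Either keep it in the list or state that the list is not exhaustive. In the same hunk, "to setup and maintain the state in middleboxes" uses "setup" as a verb; "to set up" is the form used in the 5.3.4 heading in the table of contents.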
skipping to change at page 5, line 8 skipping to change at page 6, line 19
signaling path, the NSIS Forwarder. signaling path, the NSIS Forwarder.
The NSIS Forwarder does not interact with higher layers, but The NSIS Forwarder does not interact with higher layers, but
interacts with the NSIS Initiator, NSIS Responder, and possibly one interacts with the NSIS Initiator, NSIS Responder, and possibly one
or more NSIS Forwarders on the signaling path, edge-to-edge or end- or more NSIS Forwarders on the signaling path, edge-to-edge or end-
to-end. to-end.
3. Something that terminates the signaling path, the NSIS Responder. 3. Something that terminates the signaling path, the NSIS Responder.
The NSIS responder might be in an end-system or within other The NSIS responder might be in an end-system or within other
equipment. The distinguishing feature of the NSIS Initiator is that equipment. The distinguishing feature of the NSIS Responder is that
it responds to requests at the end of a signaling path. it responds to requests at the end of a signaling path.
4. The signaling path traverses an underlying network covering one 4. The signaling path traverses an underlying network covering one
or more IP hops. The underlying network might use locally different or more IP hops. The underlying network might use locally different
technology. For instance, QoS technology has to be provisioned technology. For instance, QoS technology has to be provisioned
appropriately for the service requested. In the QoS example, an NSIS appropriately for the service requested. In the QoS example, an NSIS
Forwarder maps service-specific information to technology-related Forwarder maps service-specific information to technology-related
QoS parameters and receives indications about success or failure in QoS parameters and receives indications about success or failure in
response. response.
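Review bot: In item 3, the corrected sentence now reads "The distinguishing feature of the NSIS Responder", but the sentence just before it still says "The NSIS responder might be in an end-system" with a lowercase "responder". Since the three roles are defined terms in this section, capitalize it as "NSIS Responder" there as well so the definition and its first use agree.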
skipping to change at page 8, line 14 skipping to change at page 9, line 29
modular components or capabilities, which are optional to implement modular components or capabilities, which are optional to implement
or use in individual nodes. or use in individual nodes.
In order to prioritize the various requirements we informally define In order to prioritize the various requirements we informally define
different 'parts of the network'. In the different parts of the different 'parts of the network'. In the different parts of the
network a particular requirement might have a different priority. network a particular requirement might have a different priority.
The parts of the networks we differentiate are the host-to-first The parts of the networks we differentiate are the host-to-first
router, the access network, and the core network. The host to first router, the access network, and the core network. The host to first
router part includes all the layer 2 technologies to access to the router part includes all the layer 2 technologies to access to the
Internet. In many cases, there is an application and/or user running Internet. This part of the division is especially informal and may
on the host initiating signaling. The access network can be incorporate several access segments. In many cases, there is an
characterized by low capacity links, medium speed IP processing application and/or user running on the host initiating signaling.
capabilities, and it might consist of a complete layer 2 network as The access network can be characterized by low capacity links,
well. The core network characteristics include high-speed forwarding medium speed IP processing capabilities, and it might consist of a
capacities and inter-domain issues. These divisions between network complete layer 2 network as well. The core network characteristics
types are not strict and do not appear in all networks, but where include high-speed forwarding capacities and inter-domain issues.
they do exist they may influence signaling requirements and will be These divisions between network types are not strict and do not
highlighted as necessary. appear in all networks, but where they do exist they may influence
signaling requirements and will be highlighted as necessary.
5.1 Architecture and Design Goals 5.1 Architecture and Design Goals
This section contains requirements related to desirable overall This section contains requirements related to desirable overall
characteristics of a solution, e.g. enabling flexibility, or characteristics of a solution, e.g. enabling flexibility, or
independence of parts of the framework. independence of parts of the framework.
5.1.1 NSIS SHOULD provide availability information on request 5.1.1 NSIS SHOULD provide availability information on request
NSIS SHOULD provide a mechanism to check whether state to be setup NSIS SHOULD provide a mechanism to check whether state to be setup
skipping to change at page 9, line 53 skipping to change at page 11, line 18
The protocol MUST work in various scenarios such as host-to-network- The protocol MUST work in various scenarios such as host-to-network-
to-host, edge-to-edge, (e.g., just within one provider's domain), to-host, edge-to-edge, (e.g., just within one provider's domain),
user-to-network (from end system into the network, ending, e.g., at user-to-network (from end system into the network, ending, e.g., at
the entry to the network and vice versa), and network-to-network the entry to the network and vice versa), and network-to-network
(e.g., between providers). (e.g., between providers).
Placing the NSIS Forwarder and NSIS Initiator functions at different Placing the NSIS Forwarder and NSIS Initiator functions at different
locations allows for various scenarios to work with the same locations allows for various scenarios to work with the same
protocol. protocol.
5.2.2 NSIS MUST support path-coupled and SHOULD NOT exclude path- 5.2.2 NSIS MUST support path-coupled and MAY support path-decoupled
decoupled signaling. signaling.
The path-coupled signaling mode MUST be supported. NSIS signaling The path-coupled signaling mode MUST be supported. NSIS signaling
messages are routed only through nodes (NEs) that are in the data messages are routed only through nodes (NEs) that are in the data
path. path.
However, there is a set of scenarios, where signaling is not on the However, there is a set of scenarios, where signaling is not on the
data path. Therefore, NSIS SHOULD NOT exclude the path-decoupled data path. Therefore, NSIS MAY support the path-decoupled signaling
signaling mode, where signaling messages are routed to nodes (NEs), mode, where signaling messages are routed to nodes (NEs), which are
which are not assumed to be on the data path, but which are aware of not assumed to be on the data path, but which are aware of it.
it.
5.2.3 Concealment of topology and technology information SHOULD be 5.2.3 Concealment of topology and technology information SHOULD be
possible possible
The NSIS protocol SHOULD allow for hiding the internal structure of The NSIS protocol SHOULD allow for hiding the internal structure of
a NSIS domain from end-nodes and from other networks. Hence an a NSIS domain from end-nodes and from other networks. Hence an
adversary should not be able to learn the internal structure of a adversary should not be able to learn the internal structure of a
network with the help of the signaling protocol. network with the help of the signaling protocol.
In various scenarios, topology information should be hidden for In various scenarios, topology information should be hidden for
skipping to change at page 10, line 44 skipping to change at page 12, line 11
which run within that big pipe/trunk are setup using NSIS. which run within that big pipe/trunk are setup using NSIS.
5.3 Messaging 5.3 Messaging
5.3.1 Explicit erasure of state MUST be possible 5.3.1 Explicit erasure of state MUST be possible
When state along a path is no longer necessary, e.g., because the When state along a path is no longer necessary, e.g., because the
application terminates, or because a mobile host experienced a hand- application terminates, or because a mobile host experienced a hand-
off, it MUST be possible to erase the state explicitly. off, it MUST be possible to erase the state explicitly.
5.3.2 Automatic release of state after failure SHOULD be possible 5.3.2 Automatic release of state after failure MUST be possible
When the NSIS Initiator goes down, the state it requested in the When the NSIS Initiator goes down, the state it requested in the
network SHOULD be released, since it will no longer be necessary. network SHOULD be released, since it will most likely no longer be
necessary.
After detection of a failure in the network, any NSIS After detection of a failure in the network, any NSIS
Forwarder/Initiator MUST be able to release state it is involved in. Forwarder/Initiator MUST be able to release state it is involved in.
For example, this may require signaling of the "Release after For example, this may require signaling of the "Release after
Failure" message upstream as well as downstream, or soft state Failure" message upstream as well as downstream, or soft state
timing out. timing out.
The goal is to prevent stale state within the network and adds The goal is to prevent stale state within the network and adds
robustness to the operation of NSIS. So in other words, an NSIS robustness to the operation of NSIS. So in other words, an NSIS
signaling protocol or mechanisms MUST provide means for an NSIS signaling protocol or mechanisms MUST provide means for an NSIS
entity to discover and remove local stale state. entity to discover and remove local stale state.
Note that this might need to work together with a notification Note that this might need to work together with a notification
mechanism. mechanism. Note as well, that transient failures in NSIS processing
shouldn't necessarily have to cause all state to be released
immediately.
5.3.3 NSIS SHOULD allow for sending notifications upstream 5.3.3 NSIS SHOULD allow for sending notifications upstream
NSIS Forwarders SHOULD notify the NSIS Initiator or any other NSIS NSIS Forwarders SHOULD notify the NSIS Initiator or any other NSIS
Forwarder upstream, if there is a state change inside the network. Forwarder upstream, if there is a state change inside the network.
There are various types of network changes for instance among them: There are various types of network changes for instance among them:
Recoverable errors: the network nodes can locally repair this type Recoverable errors: the network nodes can locally repair this type
error. The network nodes do not have to notify the users of the error. The network nodes do not have to notify the users of the
error immediately. This is a condition when the danger of error immediately. This is a condition when the danger of
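Review bot: The heading of 5.3.2 is raised from SHOULD to MUST, but the first paragraph of the body still says the state "SHOULD be released" when the NSIS Initiator goes down, so the requirement level in the heading and in the body now disagree. Decide which level applies to the Initiator-failure case and state it once. If the MUST is meant to cover only the ability to release state (as in "MUST be able to release state it is involved in"), say so in the heading. The added sentence on transient failures ("shouldn't necessarily have to cause all state to be released immediately") is also hard to reconcile with a MUST unless the text says who decides that a failure is transient.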
skipping to change at page 12, line 35 skipping to change at page 14, line 7
host (NSIS Initiator) and only applies within one administrative host (NSIS Initiator) and only applies within one administrative
domain. domain.
5.4 Control Information 5.4 Control Information
This section contains requirements related to the control This section contains requirements related to the control
information that needs to be exchanged. information that needs to be exchanged.
5.4.1 Mutability information on parameters SHOULD be possible 5.4.1 Mutability information on parameters SHOULD be possible
It SHOULD be possible for the NSIS initiator to control the It is possible that nodes modify parameters of a signaling message.
mutability of the signaled information. This prevents them from However, it SHOULD be possible for the NSIS Initiator to control the
being changed in a non-recoverable way. The NSIS initiator SHOULD be mutability of the signaled information. For example, the NSIS
able to control what is requested end to end, without the request Initiator should be able to control what is requested end to end,
being gradually mutated as it passes through a sequence of domains. without the request being gradually mutated as it passes through a
This implies that in case of changes made on the parameters, the sequence of nodes.
original requested ones must still be available.
Note that we do not require anything about particular parameters
being changed.
Additionally, note that the provider of the particular requested
services can still influence the provisioning but in the signaling
message the request should stay the same.
5.4.2 It SHOULD be possible to add and remove local domain information 5.4.2 It SHOULD be possible to add and remove local domain information
It SHOULD be possible to add and remove local scope elements. It SHOULD be possible to add and remove local scope elements.
Compared to Requirement 5.3.5 this requirement does use the normal Compared to Requirement 5.3.5 this requirement does use the normal
signaling process and message exchange for transporting local signaling process and message exchange for transporting local
information. For example, at the entrance to a domain domain- information. For example, at the entrance to a domain domain-
specific information is added, which is used in this domain only, specific information is added, which is used in this domain only,
and the information is removed again when a signaling message leaves and the information is removed again when a signaling message leaves
the domain. The motivation is in the economy of re-using the the domain. The motivation is in the economy of re-using the
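Review bot: The rewrite of 5.4.1 removes the sentence "This implies that in case of changes made on the parameters, the original requested ones must still be available" and leaves only an example of what the NSIS Initiator should be able to control. With that sentence gone, the requirement no longer says what a receiver can rely on when a node does modify a parameter, and 5.7.5 depends on a notion of "non-mutable data fields" for end-to-end protection. Either keep the sentence about the original values remaining available, or say explicitly that preserving them is no longer required and how mutability is to be signaled instead.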
skipping to change at page 13, line 17 skipping to change at page 14, line 35
domain, it should be possible to carry this at the same time as the domain, it should be possible to carry this at the same time as the
end-to-end information. end-to-end information.
5.4.3 State MUST be addressed independent of flow identification 5.4.3 State MUST be addressed independent of flow identification
Addressing or identifying state MUST be independent of the flow Addressing or identifying state MUST be independent of the flow
identifier (flow end-points, topological addresses). Various identifier (flow end-points, topological addresses). Various
scenarios in the mobility area require this independence because scenarios in the mobility area require this independence because
flows resulting from handoff might have changed end-points etc. but flows resulting from handoff might have changed end-points etc. but
still have the same service requirement. Also several proxy-based still have the same service requirement. Also several proxy-based
signaling methods profit from such independence. signaling methods profit from such independence, though these are
not chartered work items for NSIS.
5.4.4 Modification of already established state SHOULD be seamless 5.4.4 Modification of already established state SHOULD be seamless
In many case, the established state needs to be updated (in QoS In many case, the established state needs to be updated (in QoS
example upgrade or downgrade of resource usage). This SHOULD happen example upgrade or downgrade of resource usage). This SHOULD happen
seamlessly without service interruption. At least the signaling seamlessly without service interruption. At least the signaling
protocol should allow for it, even if some data path elements might protocol should allow for it, even if some data path elements might
not be capable of doing so. not be capable of doing so.
5.4.5 Grouping of signaling for several micro-flows MAY be provided 5.4.5 Grouping of signaling for several micro-flows MAY be provided
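Review bot: In 5.4.4, "In many case, the established state needs to be updated" is unchanged between the two versions and should read "In many cases". The parenthetical "(in QoS example upgrade or downgrade of resource usage)" in the same sentence would also read better as "(in the QoS example, an upgrade or downgrade of resource usage)".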
skipping to change at page 14, line 51 skipping to change at page 16, line 14
5.5.4 NSIS SHOULD allow to constrain load on devices 5.5.4 NSIS SHOULD allow to constrain load on devices
The NSIS architecture SHOULD give the ability to constrain the load The NSIS architecture SHOULD give the ability to constrain the load
(CPU load, memory space, signaling bandwidth consumption and (CPU load, memory space, signaling bandwidth consumption and
signaling intensity) on devices where it is needed. One of the signaling intensity) on devices where it is needed. One of the
reasons is that the protocol handling should have a minimal impact reasons is that the protocol handling should have a minimal impact
on interior (core) nodes. on interior (core) nodes.
This can be achieved by many different methods. Examples include This can be achieved by many different methods. Examples include
message aggregation, header compression, or minimizing message aggregation, header compression, minimizing functionality,
functionality. The framework may choose any method as long as the or ignoring signaling in core nodes. The framework may choose any
requirement is met. method as long as the requirement is met.
5.5.5 NSIS SHOULD target the highest possible network utilization 5.5.5 NSIS SHOULD target the highest possible network utilization
This requirement applies specifically to QoS signaling. This requirement applies specifically to QoS signaling.
There are networking environments that require high network There are networking environments that require high network
utilization for various reasons, and the signaling protocol SHOULD utilization for various reasons, and the signaling protocol SHOULD
to its best ability support high resource utilization while to its best ability support high resource utilization while
maintaining appropriate service quality. maintaining appropriate service quality.
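Review bot: In 5.5.4, the newly added method "ignoring signaling in core nodes" does not say what a core node does with a signaling message it ignores. If the intent is that the message passes through unmodified to the next NSIS-aware node, say so and point to 5.2.4 ("Transparent signaling through networks SHOULD be possible"), which is listed in the table of contents. As written, "ignoring" could also be read as dropping the message.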
skipping to change at page 17, line 7 skipping to change at page 18, line 23
5.7.4 Replay protection 5.7.4 Replay protection
To prevent replay of previous signaling messages the signaling To prevent replay of previous signaling messages the signaling
protocol MUST provide means to detect old i.e. already transmitted protocol MUST provide means to detect old i.e. already transmitted
signaling messages. A solution must cover issues of synchronization signaling messages. A solution must cover issues of synchronization
problems in the case of a restart or a crash of a participating problems in the case of a restart or a crash of a participating
network element. network element.
5.7.5 Hop-by-hop security 5.7.5 Hop-by-hop security
Hop-by-Hop security SHOULD be supported. It is a well known and Channel security between signaling entities MUST be implemented. It is
proven concept in Quality-of-Service and other signaling protocols a well known and proven concept in Quality-of-Service and other
that allows intermediate nodes that actively participate in the signaling protocols that allows intermediate nodes that actively
protocol to modify the messages as it is required by processing participate in the protocol to modify the messages as it is required
rules. Note that this requirement does not exclude end-to-end or by processing rules. Note that this requirement does not exclude end-
network-to-network security of a signaling message. End-to-end to-end or network-to-network security of a signaling message. End-to-
security between the initiator and the responder may be used to end security between the NSIS Initiator and the NSIS Responder may be
provide protection of non-mutable data fields. Network-to-network used to provide protection of non-mutable data fields. Network-to-
security refers to the protection of messages over various hops but network security refers to the protection of messages over various
not in an end-to-end manner i.e. protected over a particular network. hops but not in an end-to-end manner i.e. protected over a particular
network.
5.7.6 Identity confidentiality and network topology hiding 5.7.6 Identity confidentiality and network topology hiding
Identity confidentiality SHOULD be supported. It enables privacy and Identity confidentiality SHOULD be supported. It enables privacy and
avoids profiling of entities by adversary eavesdropping the signaling avoids profiling of entities by adversary eavesdropping the signaling
traffic along the path. The identity used in the process of traffic along the path. The identity used in the process of
authentication may also be hidden to a limited extent from a network authentication may also be hidden to a limited extent from a network
to which the initiator is attached. However the identity MUST provide to which the initiator is attached. However the identity MUST provide
enough information for the nodes in the access network to collect enough information for the nodes in the access network to collect
accounting data. accounting data.
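Review bot: In 5.7.5 the new normative sentence, "Channel security between signaling entities MUST be implemented", no longer matches the section title "Hop-by-hop security" or the sentence that follows it, which still describes the hop-by-hop model ("allows intermediate nodes that actively participate in the protocol to modify the messages"). A reader cannot tell whether "channel security" is a synonym for hop-by-hop protection or a narrower requirement. Suggest either keeping "hop-by-hop" in the normative sentence or defining channel security and naming the properties the MUST covers. The move from "SHOULD be supported" to "MUST be implemented" should also say whether use is mandatory or only implementation, since 5.7.4 phrases its requirement as "MUST provide means".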
skipping to change at page 18, line 49 skipping to change at page 20, line 15
5.9.3 MUST be independent from charging model 5.9.3 MUST be independent from charging model
Signaling MUST NOT be constrained by charging models or the charging Signaling MUST NOT be constrained by charging models or the charging
infrastructure used. infrastructure used.
5.9.4 SHOULD provide hooks for AAA protocols 5.9.4 SHOULD provide hooks for AAA protocols
The NSIS SHOULD be developed with respect to be able to collect The NSIS SHOULD be developed with respect to be able to collect
usage records from one or more network elements. usage records from one or more network elements.
5.9.5 SHOULD interwork with seamless handoff protocols 5.9.5 SHOULD work with seamless handoff protocols
An NSIS protocol SHOULD interwork with seamless handoff protocols An NSIS protocol SHOULD work with seamless handoff protocols such as
such as context transfer and candidate access router (CAR) context transfer and candidate access router (CAR) discovery.
discovery.
5.9.6 MAY interwork with non-traditional routing 5.9.6 MUST work with traditional routing
NSIS assumes L3 routing, but networks, which do non-traditional
routing, should not break it. NSIS assumes traditional L3 routing, which is purely based on L3
destination addresses. NSIS MUST work with L3 routing, in particular
it MUST work in case of route changes. This means state on the old
route MUST be released and state on the new route MUST be
established by an NSIS protocol.
Networks, which do non-traditional routing, should not break NSIS
signaling. NSIS MAY work for some of these situations. Particularly,
combinations of NSIS unaware nodes and routing other then
traditional one causes some problems. Non-traditional routing
includes for example routing decisions based on port numbers, other
IP header fields than the destination address, or splitting traffic
based on header hash values. These routing environments result in
the signaling path being potentially different than the data path.
5.10 Operational 5.10 Operational
5.10.1 Ability to assign transport quality to signaling messages. 5.10.1 Ability to assign transport quality to signaling messages.
The NSIS architecture SHOULD allow the network operator to assign The NSIS architecture SHOULD allow the network operator to assign
the NSIS protocol messages a certain transport quality. As signaling the NSIS protocol messages a certain transport quality. As signaling
opens up for possible denial-of-service attacks, this requirement opens up for possible denial-of-service attacks, this requirement
gives the network operator a means, but also the obligation, to gives the network operator a means, but also the obligation, to
trade-off between signaling latency and the impact (from the trade-off between signaling latency and the impact (from the
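Review bot: The new 5.9.6 text leaves the non-traditional routing case underspecified, because "should not break NSIS signaling" is lowercase while the heading and first paragraph use MUST and the next sentence uses MAY. Suggest stating which requirement level is intended for that case. The closing sentence says these environments result in "the signaling path being potentially different than the data path"; it would help to say whether the protocol is expected to detect that divergence or only to tolerate it. Also, "routing other then traditional one causes some problems" should read "other than the traditional one cause some problems".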
skipping to change at page 20, line 18 skipping to change at page 21, line 45
"Resource Protocol (RSVP) -- Version 1 Functional Specification", "Resource Protocol (RSVP) -- Version 1 Functional Specification",
RFC 2205, September 1997. RFC 2205, September 1997.
[RSVP-TE] D. Awduche, L. Berger, D. Gan, T. Li, V. Srinivasan, G. [RSVP-TE] D. Awduche, L. Berger, D. Gan, T. Li, V. Srinivasan, G.
Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels", RFC 3209, Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels", RFC 3209,
December 2001. December 2001.
[RFC3234] B. Carpenter, S. Brim, "Middleboxes: Taxonomy and Issues", [RFC3234] B. Carpenter, S. Brim, "Middleboxes: Taxonomy and Issues",
RFC 3234, February 2002. RFC 3234, February 2002.
[PPVPN_FW] R. Callon, M. Suzuki, "A Framework for Layer 3 Provider
Provisioned Virtual Private Networks", <draft-ietf-ppvpn-framework-
08.txt>, March 2003
8 Acknowledgments 8 Acknowledgments
Quite a number of people have been involved in the discussion of the Quite a number of people have been involved in the discussion of the
document, adding some ideas, requirements, etc. We list them without document, adding some ideas, requirements, etc. We list them without
a guarantee on completeness: Changpeng Fan (Siemens), Krishna Paul a guarantee on completeness: Changpeng Fan (Siemens), Krishna Paul
(NEC), Maurizio Molina (NEC), Mirko Schramm (Siemens), Andreas (NEC), Maurizio Molina (NEC), Mirko Schramm (Siemens), Andreas
Schrader (NEC), Hannes Hartenstein (NEC), Ralf Schmitz (NEC), Schrader (NEC), Hannes Hartenstein (NEC), Ralf Schmitz (NEC),
Juergen Quittek (NEC), Morihisa Momona (NEC), Holger Karl (Technical Juergen Quittek (NEC), Morihisa Momona (NEC), Holger Karl (Technical
University Berlin), Xiaoming Fu (Technical University Berlin), Hans- University Berlin), Xiaoming Fu (Technical University Berlin), Hans-
Peter Schwefel (Siemens), Mathias Rautenberg (Siemens), Christoph Peter Schwefel (Siemens), Mathias Rautenberg (Siemens), Christoph
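Review bot: The added [PPVPN_FW] entry ends "08.txt>, March 2003" without the closing period that the neighbouring entries have, and it cites a specific Internet-Draft revision. Add the period and check whether the entry should be marked as work in progress.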
skipping to change at page 20, line 43 skipping to change at page 22, line 21
Partain (Ericsson), Anders Bergsten (Telia Research), Marc Greis Partain (Ericsson), Anders Bergsten (Telia Research), Marc Greis
(Nokia), Georgios Karagiannis (Ericsson), Jukka Manner (University (Nokia), Georgios Karagiannis (Ericsson), Jukka Manner (University
of Helsinki), Ping Pan (Juniper), Vlora Rexhepi (Ericsson), Lars of Helsinki), Ping Pan (Juniper), Vlora Rexhepi (Ericsson), Lars
Westberg (Ericsson), Haihong Zheng (Nokia). Some of those have Westberg (Ericsson), Haihong Zheng (Nokia). Some of those have
actively contributed new text to this document as well. actively contributed new text to this document as well.
Another Internet Draft impacting this document has been written by Another Internet Draft impacting this document has been written by
Sven Van den Bosch, Maarten Buchli, and Danny Goderis (all Alcatel). Sven Van den Bosch, Maarten Buchli, and Danny Goderis (all Alcatel).
These people contributed also new text. These people contributed also new text.
Thanks also to Kwok Ho Chan (Nortel) for text changes. Thanks also to Kwok Ho Chan (Nortel) for text changes. And finally
thanks Alison Mankin for the thorough AD review.
9 Author's Addresses 9 Author's Addresses
Marcus Brunner (Editor) Marcus Brunner (Editor)
NEC Europe Ltd. NEC Europe Ltd.
Network Laboratories Network Laboratories
Kurfuersten-Anlage 36 Kurfuersten-Anlage 36
D-69115 Heidelberg D-69115 Heidelberg
Germany Germany
E-Mail: brunner@ccrle.nec.de E-Mail: brunner@ccrle.nec.de
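Review bot: The added acknowledgment "And finally thanks Alison Mankin for the thorough AD review." is missing a word; suggest "And finally, thanks to Alison Mankin for the thorough AD review."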
skipping to change at page 23, line 4 skipping to change at page 24, line 38
station of a single providers network. Most likely the NSIS station of a single providers network. Most likely the NSIS
Initiator is located on a system within the network. Initiator is located on a system within the network.
3) Integration with other protocols 3) Integration with other protocols
- Interworking with other protocol must be considered in one or the - Interworking with other protocol must be considered in one or the
other form. E.g., it might be worth combining QoS signaling between other form. E.g., it might be worth combining QoS signaling between
different QoS domains with mobility signaling at hand-over. different QoS domains with mobility signaling at hand-over.
4) Handover rates 4) Handover rates
In mobile networks, the admission control process has to cope with In mobile networks, the admission control process has to cope with
far more admission requests than call setups alone would generate. far more admission requests than call setups alone would generate.
For example, in the GSM (Global System for Mobile communications) For example, in the GSM (Global System for Mobile communications)
case, mobility usually generates an average of one to two handovers case, mobility usually generates an average of one to two handovers
per call. For third generation networks (such as UMTS), where it is per call. For third generation networks (such as UMTS), where it is
necessary to keep radio links to several cells simultaneously necessary to keep radio links to several cells simultaneously
(macro-diversity), the handover rate is significantly higher. (macro-diversity), the handover rate is significantly higher.
5) Fast s 5) Fast state installation
Handover can also cause packet losses. This happens when the Handover can also cause packet losses. This happens when the
processing of an admission request causes a delayed handover to the processing of an admission request causes a delayed handover to the
new base station. In this situation, some packets might be new base station. In this situation, some packets might be
discarded, and the overall speech quality might be degraded discarded, and the overall speech quality might be degraded
significantly. Moreover, a delay in handover may cause degradation significantly. Moreover, a delay in handover may cause degradation
for other users. In the worst-case scenario, a delay in handover may for other users. In the worst-case scenario, a delay in handover may
cause the connection to be dropped if the handover occurred due to cause the connection to be dropped if the handover occurred due to
bad air link quality. Therefore, it is critical that QoS signaling bad air link quality. Therefore, it is critical that QoS signaling
in connection with handover be carried out very quickly. in connection with handover be carried out very quickly.
6) Call blocking in case of overload 6) Call blocking in case of overload
Furthermore, when the network is overloaded, it is preferable to Furthermore, when the network is overloaded, it is preferable to
keep s for previously established flows while blocking new requests. keep s for previously established flows while blocking new requests.
Therefore, the resource reservation requests in connection with Therefore, the resource reservation requests in connection with
handover should be given higher priority than new requests for handover should be given higher priority than new requests for
resource reservation. resource reservation.
10.2 3G Wireless Networks 10.2 Wireless Networks
In this scenario, the user is using the packet services of a 3rd In this scenario, the user is using the packet services of a
generation wireless system (e.g. 3GPP/UMTS, 3GPP2/cdma2000). The wireless system (such as the 3rd generation wireless system
region between the End Host and the Edge Node (Edge Router) 3GPP/UMTS, 3GPP2/cdma2000). The region between the End Host and the
connecting the wireless network to another QoS domain is considered Edge Node (Edge Router) connecting the wireless network to another
to be a single QoS domain. QoS domain is considered to be a single QoS domain.
The issues in such an environment regarding QoS include: The issues in such an environment regarding QoS include:
1) 3G wireless networks provide their own QoS technology with 1) The wireless networks provide their own QoS technology with
specialized parameters to co-ordinate the QoS provided by both the specialized parameters to co-ordinate the QoS provided by both the
radio access and wired access networks. Provisioning of QoS radio access and wired access networks. Provisioning of QoS
technologies within a 3G wireless network can be described mainly in technologies within a wireless network can be described mainly in
terms of calling bearer classes, service options and service terms of calling bearer classes, service options, and service
instances. These QoS technologies need to be invoked with suitable instances. These QoS technologies need to be invoked with suitable
parameters when higher layers trigger a request for QoS. Therefore parameters when higher layers trigger a request for QoS. Therefore
these involve mapping of the requested higher layer QoS parameters these involve mapping of the requested higher layer QoS parameters
onto specific bearer classes or service instances. The request for onto specific bearer classes or service instances. The request for
allocation of resources might be triggered by signaling at the IP allocation of resources might be triggered by signaling at the IP
level that passes across the wireless system, and possibly other QoS level that passes across the wireless system, and possibly other QoS
domains. Typically, wireless network specific messages are invoked domains. Typically, wireless network specific messages are invoked
to setup the underlying bearer classes or service instances in to setup the underlying bearer classes or service instances in
parallel with the IP layer QoS negotiation, to allocate resources parallel with the IP layer QoS negotiation, to allocate resources
within the radio access network. within the radio access network.
2) The IP signaling messages are initiated by the NSIS initiator and 2) The IP signaling messages are initiated by the NSIS initiator and
interpreted by the NSIS Forwarder. The most efficient placement of interpreted by the NSIS Forwarder. The most efficient placement of
the NSIS Initiator and NSIS Forwarder has not been determined in 3G the NSIS Initiator and NSIS Forwarder has not been determined in
wireless networks, but a few potential scenarios can be envisioned. wireless networks, but a few potential scenarios can be envisioned.
The NSIS Initiator could be located at the End Host e.g. UE or MS The NSIS Initiator could be located at the End Host (e.g. 3G User
(triggered by applications), the Access Gateway or at a node that is equipment (UE)), the Access Gateway or at a node that is not
not directly on the data path, such as a Policy Decision Function. directly on the data path, such as a Policy Decision Function. The
The Access Gateway could act as a proxy NSIS Initiator on behalf of Access Gateway could act as a proxy NSIS Initiator on behalf of the
the UE/MS or an End Host. The Policy Decision Function that controls End Host. The Policy Decision Function that controls per-
per-flow/aggregate resources with respect to the session within its flow/aggregate resources with respect to the session within its QoS
QoS domain (e.g. the 3G wireless network) may act as a proxy NSIS domain (e.g. the 3G wireless network) may act as a proxy NSIS
Initiator for the UE/MS or the Access Gateway. Depending on the Initiator for the end host or the Access Gateway. Depending on the
placement of the NSIS Initiator, the NSIS Forwarder may be located placement of the NSIS Initiator, the NSIS Forwarder may be located
at an appropriate point in the 3G wireless network. at an appropriate point in the wireless network.
3) The need for re-negotiation of resources in a new 3G wireless 3) The need for re-negotiation of resources in a new wireless domain
domain due to UE/MS mobility. In this case the NSIS Initiator and due to host mobility. In this case the NSIS Initiator and the NSIS
the NSIS Forwarder should detect mobility events and autonomously Forwarder should detect mobility events and autonomously trigger re-
trigger re-negotiation of resources. negotiation of resources.
10.3 An example scenario for 3G wireless networks 10.3 An example scenario for 3G wireless networks
The following example is a pure hypothetical scenario, where an NSIS
signaling protocol might be used in a 3G environment. We do not
impose in any way, how a potential integration might be done. Terms
from the 3GPP architecture are used (P-CSCF, IMS, expanded below) in
order to give specificity, but in a hypothetical design, one that
reflects neither development nor review by 3GPP. The example should
help in the design of a NSIS signaling protocol such that it could
be used in various environments.
The 3G wireless access scenario is shown in Figure 1. The Proxy-Call The 3G wireless access scenario is shown in Figure 1. The Proxy-Call
State Control Function (P-CSCF) is the outbound SIP proxy (only used State Control Function (P-CSCF) is the outbound SIP proxy (only used
in IMS). The Access Gateway is the egress router of the 3G wireless in integrated multimedia systems (IMS)). The Access Gateway is the
domain and it connects the radio access network to the Edge Router egress router of the 3G wireless domain and it connects the radio
(ER) of the backbone IP network. The Policy Decision Function (PDF) access network to the Edge Router (ER) of the backbone IP network.
is an entity responsible for controlling bearer level resource The Policy Decision Function (PDF) is an entity responsible for
allocations/de-allocations in relation to session level services controlling bearer level resource allocations/de-allocations in
e.g. SIP. The Policy Decision Function may also control the Access relation to session level services e.g. SIP. The Policy Decision
Gateway to open and close the gates and to configure per-flow Function may also control the Access Gateway to open and close the
policies, i.e. to authorize or forbid user traffic. The P-CSCF (only gates and to configure per-flow policies, i.e. to authorize or
used in IMS) and the Access Gateway communicate with the Policy forbid user traffic. The P-CSCF (only used in IMS) and the Access
Decision Function, for network resource allocation/de-allocation Gateway communicate with the Policy Decision Function, for network
decisions. The User Equipment (UE) or the Mobile Station (MS) resource allocation/de-allocation decisions. The User Equipment (UE)
consists of a Mobile Terminal (MT) and Terminal Equipment (TE), e.g. or the Mobile Station (MS) consists of a Mobile Terminal (MT) and
a laptop. Terminal Equipment (TE), e.g. a laptop.
+--------+ +--------+
+--------->| P-CSCF |---------> SIP signaling +--------->| P-CSCF |---------> SIP signaling
/ +--------+ / +--------+
/ SIP | / SIP |
| | | |
| +-----+ +----------------+ | +-----+ +----------------+
| | PDF |<---------->| NSIS Forwarder |<---> | | PDF |<---------->| NSIS Forwarder |<--->
| +-----+ +----------------+ | +-----+ +----------------+
| | ^ | | ^
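Review bot: Item 5's heading is repaired to "Fast state installation", but item 6 still reads "keep s for previously established flows" in both columns, so a word is still missing there and should be restored in the same revision. In 10.3 the new expansion "integrated multimedia systems (IMS)" does not match the 3GPP term, which is IP Multimedia Subsystem; since the added disclaimer paragraph says the 3GPP terms are used "in order to give specificity", the expansion should be the 3GPP one. Section 10.2 is generalized from 3G to wireless networks, yet item 2 keeps "(e.g. the 3G wireless network)" and mixes "End Host" with lowercase "end host"; pick one capitalization and confirm the remaining 3G mention is meant only as an example.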
skipping to change at page 25, line 47 skipping to change at page 27, line 20
Initiator. If the Access Gateway is acting as the Proxy NSIS Initiator. If the Access Gateway is acting as the Proxy NSIS
initiator on behalf of the UE/MS, then it may have to do the mapping initiator on behalf of the UE/MS, then it may have to do the mapping
of parameters from radio access specific QoS to IP QoS traffic of parameters from radio access specific QoS to IP QoS traffic
parameters before forwarding the request to the NSIS Forwarder. parameters before forwarding the request to the NSIS Forwarder.
The NSIS Forwarder is currently not part of the standard 3G wireless The NSIS Forwarder is currently not part of the standard 3G wireless
architecture. However, to achieve end-to-end QoS a NSIS Forwarder is architecture. However, to achieve end-to-end QoS a NSIS Forwarder is
needed such that the NSIS Initiators can request a QoS connection to needed such that the NSIS Initiators can request a QoS connection to
the IP network. As in the previous example, the NSIS Forwarder could the IP network. As in the previous example, the NSIS Forwarder could
manage a set of pre-provisioned resources in the IP network, i.e. manage a set of pre-provisioned resources in the IP network, i.e.
bandwidth pipes, and the NSIS Forwarder performs per-flow admission bandwidth pipes, and the NSIS Forwarder perform per-flow admission
control into these pipes. In this way, a connection can be made control into these pipes. In this way, a connection can be made
between two 3G wireless access networks, and hence, end-to-end QoS between two 3G wireless access networks, and hence, end-to-end QoS
can be achieved. In this case the NSIS Initiator and NSIS Forwarder can be achieved. In this case the NSIS Initiator and NSIS Forwarder
are clearly two separate logical entities. The Access Gateway or/and are clearly two separate logical entities. The Access Gateway or/and
the Edge Router in Fig.1 may contain the NSIS Forwarder the Edge Router in Fig.1 may contain the NSIS Forwarder
functionality, depending upon the placement of the NSIS Initiator as functionality, depending upon the placement of the NSIS Initiator as
discussed in scenario 2 in section 10.2. This use case clearly discussed in scenario 2 in section 10.2. This use case clearly
illustrates the need for an "NSIS" QoS signaling protocol between illustrates the need for an NSIS QoS signaling protocol between NSIS
NSIS Initiator and NSIS Forwarder. An important application of such Initiator and NSIS Forwarder. An important application of such a
a protocol may be its use in the end-to-end establishment of a protocol may be its use in the end-to-end establishment of a
connection with specific QoS characteristics between a mobile host connection with specific QoS characteristics between a mobile host
and another party (e.g. end host or content server). and another party (e.g. end host or content server).
10.4 Wired part of wireless network 10.4 Wired part of wireless network
A wireless network, seen from a QoS domain perspective, usually A wireless network, seen from a QoS domain perspective, usually
consists of three parts: a wireless interface part (the "radio consists of three parts: a wireless interface part (the "radio
interface"), a wired part of the wireless network (i.e., Radio interface"), a wired part of the wireless network (i.e., Radio
Access Network) and the backbone of the wireless network, as shown Access Network) and the backbone of the wireless network, as shown
in Figure 2. Note that this figure should not be seen as an in Figure 2. Note that this figure should not be seen as an
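Review bot: "the NSIS Forwarder perform per-flow admission control" in the new text is a subject-verb agreement regression; the old "performs" was correct and should be kept. Dropping the quotation marks around NSIS in "an NSIS QoS signaling protocol" is fine.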
skipping to change at page 27, line 16 skipping to change at page 28, line 49
- Wired part of the wireless network: This is the part of - Wired part of the wireless network: This is the part of
the network that is closest to the base stations/access the network that is closest to the base stations/access
routers. It is an IP network although some parts logically routers. It is an IP network although some parts logically
perform tunneling of the end user data. In cellular networks, perform tunneling of the end user data. In cellular networks,
the wired part of the wireless network is denoted as a the wired part of the wireless network is denoted as a
radio access network. radio access network.
This part of the wireless network has different This part of the wireless network has different
characteristics when compared to traditional IP networks: characteristics when compared to traditional IP networks:
1. The network supports a high proportion of real-time 1. The network must support mobility. Many wireless
traffic. The majority of the traffic transported in the
wired part of the wireless network is speech, which is
very sensitive to delays and delay variation (jitter).
2. The network must support mobility. Many wireless
networks are able to provide a combination of soft networks are able to provide a combination of soft
and hard handover procedures. When handover occurs, and hard handover procedures. When handover occurs,
reservations need to be established on new paths. reservations need to be established on new paths.
The establishment time has to be as short as possible The establishment time has to be as short as possible
since long establishment times for s degrade since long establishment times for s degrade
the performance of the wireless network. Moreover, the performance of the wireless network. Moreover,
for maximal utilization of the radio spectrum, frequent for maximal utilization of the radio spectrum, frequent
handover operations are required. handover operations are required.
3. These links are typically rather bandwidth-limited. 2. These links are typically rather bandwidth-limited.
4. The wired transmission in such a network contains a 3. The wired transmission in such a network contains a
relatively high volume of expensive leased lines. relatively high volume of expensive leased lines.
Overprovisioning might therefore be prohibitively Overprovisioning might therefore be prohibitively
expensive. expensive.
5. The radio base stations are spread over a wide 4. The radio base stations are spread over a wide
geographical area and are in general situated a large geographical area and are in general situated a large
distance from the backbone. distance from the backbone.
- Backbone of the wireless network: the requirements imposed - Backbone of the wireless network: the requirements imposed
by this network are similar to the requirements imposed by by this network are similar to the requirements imposed by
other types of backbone networks. other types of backbone networks.
Due to these very different characteristics and requirements, often Due to these very different characteristics and requirements, often
contradictory, different QoS signaling solutions might be needed in contradictory, different QoS signaling solutions might be needed in
each of the three network parts. each of the three network parts.
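Review bot: The renumbered item 1 still contains "long establishment times for s degrade the performance", unchanged from the old version, so the missing word should be restored in this revision as well. Removing the old item 1 on real-time traffic also drops the only statement in this list that the traffic is sensitive to delay and jitter; if that is intentional it is fine, otherwise keep one sentence of that rationale next to the requirement that establishment time "has to be as short as possible".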
skipping to change at page 28, line 22 skipping to change at page 29, line 50
points. points.
The issues include: The issues include:
1) Keeping the QoS guarantees negotiated implies that the end- 1) Keeping the QoS guarantees negotiated implies that the end-
point(s) of communication are changed without changing the s. point(s) of communication are changed without changing the s.
2) The trigger of the session move might be the user or any other 2) The trigger of the session move might be the user or any other
party involved in the session. party involved in the session.
10.6 QoS s/negotiation from access to core network 10.6 QoS reservation/negotiation from access to core network
The scenario includes the signaling between access networks and core The scenario includes the signaling between access networks and core
networks in order to setup and change s together with potential networks in order to setup and change s together with potential
negotiation. negotiation.
The issues to be solved in this scenario are different from previous The issues to be solved in this scenario are different from previous
ones. ones.
1) The entity of reservation is most likely an aggregate. 1) The entity of reservation is most likely an aggregate.
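Review bot: The 10.6 title is fixed to "QoS reservation/negotiation", but the body line "in order to setup and change s together with potential negotiation" and, just above it, "without changing the s" still have the word missing in both columns. Suggest restoring it in the same pass so the title and body agree.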
skipping to change at page 28, line 46 skipping to change at page 30, line 20
3) The specification of the traffic (amount of traffic), a 3) The specification of the traffic (amount of traffic), a
particular QoS is guaranteed for, needs to be changed. E.g., in case particular QoS is guaranteed for, needs to be changed. E.g., in case
additional flows are added to the aggregate, the traffic additional flows are added to the aggregate, the traffic
specification of the flow needs to be added if it is not already specification of the flow needs to be added if it is not already
included in the aggregates specification. included in the aggregates specification.
4) The flow specification is more complex including network 4) The flow specification is more complex including network
addresses and sets of different address for the source as well as addresses and sets of different address for the source as well as
for the destination of the flow. for the destination of the flow.
10.7 QoS /negotiation over administrative boundaries 10.7 QoS reservation/negotiation over administrative boundaries
Signaling between two or more core networks to provide QoS is Signaling between two or more core networks to provide QoS is
handled in this scenario. This might also include access to core handled in this scenario. This might also include access to core
signaling over administrative boundaries. Compared to the previous signaling over administrative boundaries. Compared to the previous
one it adds the case, where the two networks are not in the same one it adds the case, where the two networks are not in the same
administrative domain. Basically, it is the inter-domain/inter administrative domain. Basically, it is the inter-domain/inter
provider signaling which is handled in here. provider signaling which is handled in here.
The domain boundary is the critical issue to be resolved. Which as The domain boundary is the critical issue to be resolved. Which as
various flavors of issues a QoS signaling protocol has to be various flavors of issues a QoS signaling protocol has to be
skipping to change at page 32, line 36 skipping to change at page 34, line 7
In the fourth scenario multiple transport domains are involved. In In the fourth scenario multiple transport domains are involved. In
the originating network either the MGC may have an overview on the the originating network either the MGC may have an overview on the
resources of the overlay network or a separate NSIS Forwarder will resources of the overlay network or a separate NSIS Forwarder will
have the overview. Hence, depending on this either the MGC or the have the overview. Hence, depending on this either the MGC or the
NSIS Forwarder of the originating domain will contact the NSIS NSIS Forwarder of the originating domain will contact the NSIS
Forwarder of the next domain. The MGC always acts as a NSIS Forwarder of the next domain. The MGC always acts as a NSIS
Initiator and may also be acting as a NSIS Forwarder in the first Initiator and may also be acting as a NSIS Forwarder in the first
domain. domain.
10.10 Application request end-to-end QoS path from the network 10.10 An application requests end-to-end QoS path from the network
This is actually the easiest case, nevertheless might be most often This is actually the conceptually simplest case. So a multimedia
used in terms of number of users. So multimedia application requests application requests a guaranteed service from an IP network. We
a guaranteed service from an IP network. We assume here that the assume here that the application is somehow able to specify the
application is somehow able to specify the network service. The network service. The characteristics here are that many hosts might
characteristics here are that many hosts might do it, but that the do it, but that the requested service is low capacity (bounded by
requested service is low capacity (bounded by the access line). the access line). Note that there is an issue of scaling in the
Additionally, we assume no mobility and standard devices. number of applications requesting this service in the core of the
network.
QOS for Virtual Private Networks 10.11 QOS for Virtual Private Networks
In a Virtual Private Network (VPN) a variety of tunnels might be In a Virtual Private Network (VPN) [PPVPN_FW] a variety of tunnels
used between its edges. These tunnels could be for example, IP-Sec, might be used between its edges. These tunnels could be for example,
GRE, and IP-IP. One of the most significant issues in VPNs is IPSec, GRE, and IP-IP. One of the most significant issues in VPNs is
related to how a flow is identified and what quality a flow gets. A related to how a flow is identified and what quality a flow gets. A
flow identification might consist among others of the transport flow identification might consist among others of the transport
protocol port numbers. In an IP-Sec tunnel this will be problematic protocol port numbers. In an IP-Sec tunnel this will be problematic
since the transport protocol information is encrypted. since the transport protocol information is encrypted.
There are two types of L3 VPNs, distinguished by where the endpoints There are two types of L3 VPNs, distinguished by where the endpoints
of the tunnels exist. The endpoints of the tunnels may either be on of the tunnels exist. The endpoints of the tunnels may either be on
the customer (CPE) or the provider equipment or provider edge (PE). the customer (CPE) or the provider equipment or provider edge (PE).
Virtual Private networks are also likely to request bandwidth or Virtual Private networks are also likely to request bandwidth or
other type of service in addition to the premium services the PSTN other type of service in addition to the premium services the PSTN
GW are likely to use. GW are likely to use.
Tunnel end points at the Customer premises 10.11.1 Tunnel end points at the Customer premises
When the endpoints are the CPE, the CPE may want to signal across When the endpoints are the CPE, the CPE may want to signal across
the public IP network for a particular amount of bandwidth and QoS the public IP network for a particular amount of bandwidth and QoS
for the tunnel aggregate. Such signaling may be useful when a for the tunnel aggregate. Such signaling may be useful when a
customer wants to vary their network cost with demand, rather than customer wants to vary their network cost with demand, rather than
paying a flat rate. Such signaling exists between the two CPE paying a flat rate. Such signaling exists between the two CPE
routers. Intermediate access and edge routers perform the same exact routers. Intermediate access and edge routers perform the same exact
call admission control, authentication and aggregation functions call admission control, authentication and aggregation functions
performed by the corresponding routers in the PSTN GW scenario with performed by the corresponding routers in the PSTN GW scenario with
the exception that the endpoints are the CPE tunnel endpoints rather the exception that the endpoints are the CPE tunnel endpoints rather
than PSTN GWs and the 5-tuple used to describe the RTP flow is than PSTN GWs and the 5-tuple used to describe the RTP flow is
replaced with the corresponding flow spec to uniquely identify the replaced with the corresponding flow spec to uniquely identify the
tunnels. Tunnels may be of any variety (e.g. IP-Sec, GRE, IP-IP). tunnels. Tunnels may be of any variety (e.g. IP-Sec, GRE, IP-IP).
In such a scenario, NSIS would actually allow partly for customer In such a scenario, NSIS would actually allow partly for customer
managed VPNs, which means a customer can setup VPNs by subsequent managed VPNs, which means a customer can setup VPNs by subsequent
NSIS signaling to various end-point. Plus the tunnel end-points are NSIS signaling to various end-point. Plus the tunnel end-points are
not necessarily bound to an application. The customer administrator not necessarily bound to an application. The customer administrator
might be the one triggering NSIS signaling. might be the one triggering NSIS signaling.
Tunnel end points at the provider premises 10.11.2 Tunnel end points at the provider premises
In the case were the tunnel end-points exist on the provider edge, In the case were the tunnel end-points exist on the provider edge,
requests for bandwidth may be signaled either per flow, where a flow requests for bandwidth may be signaled either per flow, where a flow
is defined from a customers address space, or between customer is defined from a customers address space, or between customer
sites. sites.
In the case of per flow signaling, the PE router must map the In the case of per flow signaling, the PE router must map the
bandwidth request to the tunnel carrying traffic to the destination bandwidth request to the tunnel carrying traffic to the destination
specified in the flow spec. Such a tunnel is a member of an specified in the flow spec. Such a tunnel is a member of an
aggregate to which the flow must be admitted. In this case, the aggregate to which the flow must be admitted. In this case, the
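Review bot: In 10.11 the -08 text changes the tunnel list to "IPSec, GRE, and IP-IP", but the next sentence still says "In an IP-Sec tunnel" and 10.11.1 still lists "(e.g. IP-Sec, GRE, IP-IP)", so the revision now carries two spellings of the same protocol; pick one and apply it to all three places. In 10.10 the sentence "Additionally, we assume no mobility and standard devices." is dropped and replaced by the scaling note without saying whether the assumption still holds; if it does, keep it next to the new note, and if not, state that the scenario no longer excludes mobile hosts. The renumbered 10.11.2 also keeps "In the case were" and "a customers address space" unchanged in both versions; these could be corrected to "where" and "customer's" in the same pass.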
skipping to change at page 34, line 21 skipping to change at page 35, line 50
developing Internet standards in which case the procedures for developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than followed, or as required to translate it into languages other than
English. English.
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns. revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDIN TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Notices Notices
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/