draft-ietf-tram-stun-pmtud-10.txt   draft-ietf-tram-stun-pmtud-11.txt 
TRAM M. Petit-Huguenin TRAM M. Petit-Huguenin
Internet-Draft Impedance Mismatch Internet-Draft Impedance Mismatch
Intended status: Standards Track G. Salgueiro Intended status: Standards Track G. Salgueiro
Expires: March 21, 2019 Cisco Expires: February 2, 2020 F. Garrido
September 17, 2018 Cisco
August 1, 2019
Path MTU Discovery Using Session Traversal Utilities for NAT (STUN) Path MTU Discovery Using Session Traversal Utilities for NAT (STUN)
draft-ietf-tram-stun-pmtud-10 draft-ietf-tram-stun-pmtud-11
Abstract Abstract
This document describes a Session Traversal Utilities for NAT (STUN) This document describes a Session Traversal Utilities for NAT (STUN)
Usage for Path MTU Discovery (PMTUD) between a client and a server. Usage for Path MTU Discovery (PMTUD) between a client and a server.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 33
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 21, 2019. This Internet-Draft will expire on February 2, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Overview of Operations . . . . . . . . . . . . . . . . . . . 3 2. Overview of Operations . . . . . . . . . . . . . . . . . . . 4
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Probing Mechanisms . . . . . . . . . . . . . . . . . . . . . 5 4. Probing Mechanisms . . . . . . . . . . . . . . . . . . . . . 5
4.1. Simple Probing Mechanism . . . . . . . . . . . . . . . . 6 4.1. Simple Probing Mechanism . . . . . . . . . . . . . . . . 6
4.1.1. Sending a Probe Request . . . . . . . . . . . . . . . 6 4.1.1. Sending a Probe Request . . . . . . . . . . . . . . . 6
4.1.2. Receiving a Probe Request . . . . . . . . . . . . . . 6 4.1.2. Receiving a Probe Request . . . . . . . . . . . . . . 6
4.1.3. Receiving a Probe Response . . . . . . . . . . . . . 7 4.1.3. Receiving a Probe Response . . . . . . . . . . . . . 7
4.2. Complete Probing Mechanism . . . . . . . . . . . . . . . 7 4.2. Complete Probing Mechanism . . . . . . . . . . . . . . . 7
4.2.1. Sending the Probe Indications and Report Request . . 7 4.2.1. Sending a Probe Indications and Report Request . . . 7
4.2.2. Receiving an ICMP Packet . . . . . . . . . . . . . . 8 4.2.2. Receiving an ICMP Packet . . . . . . . . . . . . . . 8
4.2.3. Receiving a Probe Indication and Report Request . . . 8 4.2.3. Receiving a Probe Indication and Report Request . . . 8
4.2.4. Receiving a Report Response . . . . . . . . . . . . . 9 4.2.4. Receiving a Report Response . . . . . . . . . . . . . 9
4.2.5. Using Checksums as Packet Identifiers . . . . . . . . 9 4.2.5. Using Checksums as Packet Identifiers . . . . . . . . 9
4.2.6. Using Sequence Numbers as Packet Identifiers . . . . 10 4.2.6. Using Sequence Numbers as Packet Identifiers . . . . 10
5. Probe Support Signaling Mechanisms . . . . . . . . . . . . . 10 5. Probe Support Signaling Mechanisms . . . . . . . . . . . . . 10
5.1. Explicit Probe Support Signaling Mechanism . . . . . . . 11 5.1. Explicit Probe Support Signaling Mechanism . . . . . . . 11
5.2. Implicit Probe Support Signaling Mechanism . . . . . . . 11 5.2. Implicit Probe Support Signaling Mechanism . . . . . . . 11
6. STUN Attributes . . . . . . . . . . . . . . . . . . . . . . . 11 6. STUN Attributes . . . . . . . . . . . . . . . . . . . . . . . 11
6.1. IDENTIFIERS . . . . . . . . . . . . . . . . . . . . . . . 11 6.1. IDENTIFIERS . . . . . . . . . . . . . . . . . . . . . . . 11
6.2. PMTUD-SUPPORTED . . . . . . . . . . . . . . . . . . . . . 12 6.2. PMTUD-SUPPORTED . . . . . . . . . . . . . . . . . . . . . 12
7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
8.1. New STUN Methods . . . . . . . . . . . . . . . . . . . . 12 8.1. New STUN Methods . . . . . . . . . . . . . . . . . . . . 12
8.2. New STUN Attributes . . . . . . . . . . . . . . . . . . . 13 8.2. New STUN Attributes . . . . . . . . . . . . . . . . . . . 13
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
9.1. Normative References . . . . . . . . . . . . . . . . . . 13 9.1. Normative References . . . . . . . . . . . . . . . . . . 13
9.2. Informative References . . . . . . . . . . . . . . . . . 14 9.2. Informative References . . . . . . . . . . . . . . . . . 14
Appendix A. Release Notes . . . . . . . . . . . . . . . . . . . 14 Appendix A. Release Notes . . . . . . . . . . . . . . . . . . . 14
A.1. Modifications between draft-ietf-tram-stun-pmtud-10 and A.1. Modifications between draft-ietf-tram-stun-pmtud-11 and
draft-ietf-tram-stun-pmtud-10 . . . . . . . . . . . . . . 14
A.2. Modifications between draft-ietf-tram-stun-pmtud-10 and
draft-ietf-tram-stun-pmtud-09 . . . . . . . . . . . . . . 14 draft-ietf-tram-stun-pmtud-09 . . . . . . . . . . . . . . 14
A.2. Modifications between draft-ietf-tram-stun-pmtud-09 and A.3. Modifications between draft-ietf-tram-stun-pmtud-09 and
draft-ietf-tram-stun-pmtud-08 . . . . . . . . . . . . . . 14 draft-ietf-tram-stun-pmtud-08 . . . . . . . . . . . . . . 14
A.3. Modifications between draft-ietf-tram-stun-pmtud-08 and A.4. Modifications between draft-ietf-tram-stun-pmtud-08 and
draft-ietf-tram-stun-pmtud-07 . . . . . . . . . . . . . . 14 draft-ietf-tram-stun-pmtud-07 . . . . . . . . . . . . . . 15
A.4. Modifications between draft-ietf-tram-stun-pmtud-07 and A.5. Modifications between draft-ietf-tram-stun-pmtud-07 and
draft-ietf-tram-stun-pmtud-06 . . . . . . . . . . . . . . 14 draft-ietf-tram-stun-pmtud-06 . . . . . . . . . . . . . . 15
A.5. Modifications between draft-ietf-tram-stun-pmtud-06 and A.6. Modifications between draft-ietf-tram-stun-pmtud-06 and
draft-ietf-tram-stun-pmtud-05 . . . . . . . . . . . . . . 14 draft-ietf-tram-stun-pmtud-05 . . . . . . . . . . . . . . 15
A.6. Modifications between draft-ietf-tram-stun-pmtud-05 and A.7. Modifications between draft-ietf-tram-stun-pmtud-05 and
draft-ietf-tram-stun-pmtud-04 . . . . . . . . . . . . . . 15 draft-ietf-tram-stun-pmtud-04 . . . . . . . . . . . . . . 15
A.7. Modifications between draft-ietf-tram-stun-pmtud-04 and A.8. Modifications between draft-ietf-tram-stun-pmtud-04 and
draft-ietf-tram-stun-pmtud-03 . . . . . . . . . . . . . . 15 draft-ietf-tram-stun-pmtud-03 . . . . . . . . . . . . . . 15
A.8. Modifications between draft-ietf-tram-stun-pmtud-03 and A.9. Modifications between draft-ietf-tram-stun-pmtud-03 and
draft-ietf-tram-stun-pmtud-02 . . . . . . . . . . . . . . 15 draft-ietf-tram-stun-pmtud-02 . . . . . . . . . . . . . . 15
A.9. Modifications between draft-ietf-tram-stun-pmtud-02 and A.10. Modifications between draft-ietf-tram-stun-pmtud-02 and
draft-ietf-tram-stun-pmtud-01 . . . . . . . . . . . . . . 16 draft-ietf-tram-stun-pmtud-01 . . . . . . . . . . . . . . 16
A.10. Modifications between draft-ietf-tram-stun-pmtud-01 and A.11. Modifications between draft-ietf-tram-stun-pmtud-01 and
draft-ietf-tram-stun-pmtud-00 . . . . . . . . . . . . . . 16 draft-ietf-tram-stun-pmtud-00 . . . . . . . . . . . . . . 16
A.11. Modifications between draft-ietf-tram-stun-pmtud-00 and A.12. Modifications between draft-ietf-tram-stun-pmtud-00 and
draft-petithuguenin-tram-stun-pmtud-01 . . . . . . . . . 16 draft-petithuguenin-tram-stun-pmtud-01 . . . . . . . . . 16
A.12. Modifications between draft-petithuguenin-tram-stun-
pmtud-01 and draft-petithuguenin-tram-stun-pmtud-00 . . . 16
A.13. Modifications between draft-petithuguenin-tram-stun- A.13. Modifications between draft-petithuguenin-tram-stun-
pmtud-00 and draft-petithuguenin-behave-stun-pmtud-03 . . 16 pmtud-01 and draft-petithuguenin-tram-stun-pmtud-00 . . . 16
A.14. Modifications between draft-petithuguenin-behave-stun- A.14. Modifications between draft-petithuguenin-tram-stun-
pmtud-03 and draft-petithuguenin-behave-stun-pmtud-02 . . 16 pmtud-00 and draft-petithuguenin-behave-stun-pmtud-03 . . 17
A.15. Modifications between draft-petithuguenin-behave-stun- A.15. Modifications between draft-petithuguenin-behave-stun-
pmtud-02 and draft-petithuguenin-behave-stun-pmtud-01 . . 17 pmtud-03 and draft-petithuguenin-behave-stun-pmtud-02 . . 17
A.16. Modifications between draft-petithuguenin-behave-stun- A.16. Modifications between draft-petithuguenin-behave-stun-
pmtud-02 and draft-petithuguenin-behave-stun-pmtud-01 . . 17
A.17. Modifications between draft-petithuguenin-behave-stun-
pmtud-01 and draft-petithuguenin-behave-stun-pmtud-00 . . 17 pmtud-01 and draft-petithuguenin-behave-stun-pmtud-00 . . 17
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 17 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction 1. Introduction
The Packetization Layer Path MTU Discovery (PMTUD) specification The Packetization Layer Path MTU Discovery (PMTUD) specification
[RFC4821] describes a method to discover the Path MTU but does not [RFC4821] describes a method to discover the Path MTU but does not
describe a practical protocol to do so with UDP. describe a practical protocol to do so with UDP.
Many UDP-based protocols do not implement the Path MTU discovery Many UDP-based protocols do not implement the Path MTU discovery
mechanism described in [RFC4821]. These protocols can make use of mechanism described in [RFC4821]. These protocols can make use of
the probing mechanisms described in this document instead of the probing mechanisms described in this document instead of
skipping to change at page 6, line 14 skipping to change at page 6, line 14
Implementations supporting this specification MUST implement the Implementations supporting this specification MUST implement the
client side of the Complete Probing mechanism. They MAY implement client side of the Complete Probing mechanism. They MAY implement
the client side of the Simple Probing mechanism. the client side of the Simple Probing mechanism.
4.1. Simple Probing Mechanism 4.1. Simple Probing Mechanism
The Simple Probing mechanism is implemented by sending a Probe The Simple Probing mechanism is implemented by sending a Probe
Request with a PADDING [RFC5780] attribute over UDP with the DF bit Request with a PADDING [RFC5780] attribute over UDP with the DF bit
set in the IP header. A router on the path to the server can reject set in the IP header. A router on the path to the server can reject
this request with an ICMP message or drop it. each request with an ICMP message or drop it.
4.1.1. Sending a Probe Request 4.1.1. Sending a Probe Request
A client forms a Probe Request by using the Probe Method and A client forms a Probe Request by using the Probe Method and
following the rules in Section 7.1 of [RFC5389]. following the rules in Section 7.1 of [RFC5389].
The Probe transaction MUST be authenticated if the Simple Probing The Probe transaction MUST be authenticated if the Simple Probing
mechanism is used in conjunction with the Implicit Probing Support mechanism is used in conjunction with the Implicit Probing Support
mechanism described in Section 5.2. If not, the Probe transaction mechanism described in Section 5.2. If not, the Probe transaction
MAY be authenticated. MAY be authenticated.
The client adds a PADDING [RFC5780] attribute with a length that, The client adds a PADDING [RFC5780] attribute with a length that,
when added to the IP and UDP headers and the other STUN components, when added to the IP and UDP headers and the other STUN components,
is equal to the Selected Probe Size, as defined in [RFC4821] is equal to the Selected Probe Size, as defined in [RFC4821]
Section 7.3. The client MUST add the FINGERPRINT attribute so the Section 7.3. The PADDING bits MUST be set to zero. The client MUST
STUN messages are disambiguated from the other protocol packets. add the FINGERPRINT attribute so the STUN messages are disambiguated
from the other protocol packets.
Then the client sends the Probe Request to the server over UDP with Then the client sends the Probe Request to the server over UDP with
the DF bit set. For the purpose of this transaction, the Rc the DF bit set. For the purpose of this transaction, the Rc
parameter specified in Section 7.2.1 of [RFC5389] is set to 3. The parameter specified in Section 7.2.1 of [RFC5389] is set to 3. The
initial value for RTO stays at 500 ms. initial value for RTO stays at 500 ms.
A client MUST NOT send a probe if it does not have knowledge that the A client MUST NOT send a probe if it does not have knowledge that the
server supports this specification. This is done either by external server supports this specification. This is done either by external
signalling or by a mechanism specific to the UDP protocol to which signalling or by a mechanism specific to the UDP protocol to which
PMTUD capabilities are added or by one of the mechanisms specified in PMTUD capabilities are added or by one of the mechanisms specified in
skipping to change at page 7, line 8 skipping to change at page 7, line 8
[RFC5389]. [RFC5389].
The server then creates a Probe Response. The server MUST add the The server then creates a Probe Response. The server MUST add the
FINGERPRINT attribute so the STUN messages are disambiguated from the FINGERPRINT attribute so the STUN messages are disambiguated from the
other protocol packets. The server then sends the response to the other protocol packets. The server then sends the response to the
client. client.
4.1.3. Receiving a Probe Response 4.1.3. Receiving a Probe Response
A client receiving a Probe Response MUST process it as specified in A client receiving a Probe Response MUST process it as specified in
[RFC5389]. If a response is received this is interpreted as a Probe [RFC5389] and MUST ignore the PADDING attribute. If a response is
Success, as defined in [RFC4821] Section 7.6.1. If an ICMP packet received this is interpreted as a Probe Success, as defined in
"Fragmentation needed" is received then this is interpreted as a [RFC4821] Section 7.6.1. If an ICMP packet "Fragmentation needed" is
Probe Failure, as defined in [RFC4821] Section 7.6.2. If the Probe received then this is interpreted as a Probe Failure, as defined in
transaction times out, then this is interpreted as a Probe [RFC4821] Section 7.6.2. If the Probe transaction times out, then
Inconclusive, as defined in [RFC4821] Section 7.6.4. this is interpreted as a Probe Inconclusive, as defined in [RFC4821]
Section 7.6.4.
4.2. Complete Probing Mechanism 4.2. Complete Probing Mechanism
The Complete Probing mechanism is implemented by sending one or more The Complete Probing mechanism is implemented by sending one or more
Probe Indications with a PADDING attribute over UDP with the DF bit Probe Indications with a PADDING attribute over UDP with the DF bit
set in the IP header followed by a Report Request to the same server. set in the IP header followed by a Report Request to the same server.
A router on the path to the server can reject this Indication with an A router on the path to the server can reject this Indication with an
ICMP message or drop it. The server keeps a chronologically ordered ICMP message or drop it. The server keeps a chronologically ordered
list of identifiers for all packets received (including retransmitted list of identifiers for all packets received (including retransmitted
packets) and sends this list back to the client in the Report packets) and sends this list back to the client in the Report
skipping to change at page 7, line 47 skipping to change at page 7, line 48
In the first packet identification mechanism, the server computes a In the first packet identification mechanism, the server computes a
checksum over each packet received and sends back to the sender the checksum over each packet received and sends back to the sender the
list of checksums ordered chronologically. The client compares this list of checksums ordered chronologically. The client compares this
list to its own list of checksums. list to its own list of checksums.
In the second packet identification mechanism, the client prepends In the second packet identification mechanism, the client prepends
the UDP data with a header that provides a sequence number. The the UDP data with a header that provides a sequence number. The
server sends back the chronologically ordered list of sequence server sends back the chronologically ordered list of sequence
numbers received that the client then compares with its own list. numbers received that the client then compares with its own list.
4.2.1. Sending the Probe Indications and Report Request 4.2.1. Sending a Probe Indications and Report Request
A client forms a Probe Indication by using the Probe Method and A client forms a Probe Indication by using the Probe Method and
following the rules in [RFC5389] Section 7.1. The client adds to the following the rules in [RFC5389] Section 7.1. The client adds to a
Probe Indication a PADDING attribute with a size that, when added to Probe Indication a PADDING [RFC5780] attribute with a size that, when
the IP and UDP headers and the other STUN components, is equal to the added to the IP and UDP headers and the other STUN components, is
Selected Probe Size, as defined in [RFC4821] Section 7.3. If the equal to the Selected Probe Size, as defined in [RFC4821]
Section 7.3. The PADDING bits MUST be set to zero. If the
authentication mechanism permits it, then the Indication MUST be authentication mechanism permits it, then the Indication MUST be
authenticated. The client MUST add the FINGERPRINT attribute so the authenticated. The client MUST add the FINGERPRINT attribute so the
STUN messages are disambiguated from the other protocol packets. STUN messages are disambiguated from the other protocol packets.
Then the client sends the Probe Indication to the server over UDP Then the client sends a Probe Indication to the server over UDP with
with the DF bit set. the DF bit set.
Then the client forms a Report Request by following the rules in Then the client forms a Report Request by following the rules in
[RFC5389] Section 7.1. The Report transaction MUST be authenticated [RFC5389] Section 7.1. The Report transaction MUST be authenticated
to prevent amplification attacks. The client MUST add the to prevent amplification attacks. The client MUST add the
FINGERPRINT attribute so the STUN messages are disambiguated from the FINGERPRINT attribute so the STUN messages are disambiguated from the
other protocol packets. other protocol packets.
Then the client waits half the RTO after sending the last Probe Then the client waits half the RTO after sending the last Probe
Indication and then sends the Report Request to the server over UDP. Indication and then sends the Report Request to the server over UDP.
4.2.2. Receiving an ICMP Packet 4.2.2. Receiving an ICMP Packet
If an ICMP packet "Fragmentation needed" is received then this is If an ICMP packet "Fragmentation needed" is received then this is
interpreted as a Probe Failure, as defined in [RFC4821] Section 7.5. interpreted as a Probe Failure, as defined in [RFC4821] Section 7.5.
4.2.3. Receiving a Probe Indication and Report Request 4.2.3. Receiving a Probe Indication and Report Request
A server supporting this specification will keep the identifiers of A server supporting this specification will keep the identifiers of
all packets received in a chronologically ordered list. The packets all packets received in a chronologically ordered list. The packets
that are to be associated to a list are selected according to that are to be associated to an identifier are selected according to
Section 5.2 of [RFC4821]. The same identifier can appear multiple Section 5.2 of [RFC4821]. The same identifier can appear multiple
times in the list because of retransmissions. The maximum size of times in the list because of retransmissions. The maximum size of
this list is calculated such that when the list is added to the this list is calculated such that when the list is added to the
Report Response, the total size of the packet does not exceed the Report Response, the total size of the packet does not exceed the
unknown Path MTU, as defined in [RFC5389] Section 7.1. Older unknown Path MTU, as defined in [RFC5389] Section 7.1. Older
identifiers are removed when new identifiers are added to a list that identifiers are removed when new identifiers are added to a list that
is already full. is already full.
A server receiving a Report Request MUST process it as specified in A server receiving a Report Request MUST process it as specified in
[RFC5389]. [RFC5389] and MUST ignore the PADDING attribute.
The server creates a Report Response and adds an IDENTIFIERS The server creates a Report Response and adds an IDENTIFIERS
attribute that contains the chronologically ordered list of all attribute that contains the chronologically ordered list of all
identifiers received so far. The server MUST add the FINGERPRINT identifiers received so far. The server MUST add the FINGERPRINT
attribute. The server then sends the response to the client. attribute. The server then sends the response to the client.
The exact content of the IDENTIFIERS attribute depends on what type The exact content of the IDENTIFIERS attribute depends on what type
of identifiers have been chosen for the protocol. Each protocol of identifiers have been chosen for the protocol. Each protocol
adding PMTUD capabilities as specified by this specification MUST adding PMTUD capabilities as specified by this specification MUST
describe the format of the contents of the IDENTIFIERS attribute, describe the format of the contents of the IDENTIFIERS attribute,
unless it is using one of the formats described in this unless it is using one of the formats described in this
specification. See Section 6.1 for details about the IDENTIFIERS specification. See Section 6.1 for details about the IDENTIFIERS
attribute. attribute.
4.2.4. Receiving a Report Response 4.2.4. Receiving a Report Response
A client receiving a Report Response processes it as specified in A client receiving a Report Response processes it as specified in
[RFC5389]. If the response IDENTIFIERS attribute contains the [RFC5389]. If the response IDENTIFIERS attribute contains the
identifier of the Probe Indication, then this is interpreted as a identifier of a Probe Indication, then this is interpreted as a Probe
Probe Success for this probe, as defined in [RFC4821] Section 7.5. Success for this probe, as defined in [RFC4821] Section 7.5. If a
If the Probe Indication identifier cannot be found in the Report Probe Indication identifier cannot be found in the Report Response,
Response, this is interpreted as a Probe Failure, as defined in this is interpreted as a Probe Failure, as defined in [RFC4821]
[RFC4821] Section 7.5. If the Probe Indication identifier cannot be Section 7.5. If a Probe Indication identifier cannot be found in the
found in the Report Response but identifiers for other packets sent Report Response but identifiers for other packets sent before or
before or after the Probe Indication can all be found, this is after the Probe Indication can all be found, this is interpreted as a
interpreted as a Probe Failure as defined in [RFC4821] Section 7.5. Probe Failure as defined in [RFC4821] Section 7.5. If the Report
If the Report Transaction times out, this is interpreted as a Full- Transaction times out, this is interpreted as a Full-Stop Timeout, as
Stop Timeout, as defined in [RFC4821] Section 3. defined in [RFC4821] Section 3.
4.2.5. Using Checksums as Packet Identifiers 4.2.5. Using Checksums as Packet Identifiers
When using a checksum as a packet identifier, the client calculates When using a checksum as a packet identifier, the client keeps a
the checksum for each packet sent over UDP that is not a STUN Probe chronologically ordered list of the packets it transmits, along with
Indication or Request and keeps this checksum in a chronologically an associated checksum value. For STUN Probe Indication or Request
ordered list. The client also keeps the checksum of the STUN Probe packets, the associated checksum value is the FINGERPRINT value from
Indication or Request sent in that same chronologically ordered list. the packet; for other packets a checksum value is computed using a
The algorithm used to calculate the checksum is similar to the similar algorithm to the FINGERPRINT calculation. (i.e., the CRC-32
algorithm used for the FINGERPRINT attribute (i.e., the CRC-32 of the of the payload XOR'ed with the 32-bit value 0x5354554e
payload XOR'ed with the 32-bit value 0x5354554e [ITU.V42.2002]). [ITU.V42.2002]).
For each STUN Probe Indication or Request, the server retrieves the For each STUN Probe Indication or Request, the server retrieves the
STUN FINGERPRINT value. For all other packets, the server calculates STUN FINGERPRINT value. For all other packets, the server calculates
the checksum as described above. It puts these FINGERPRINT and the checksum as described above. It puts these FINGERPRINT and
checksum values in a chronologically ordered list that is sent back checksum values in a chronologically ordered list that is sent back
in the Report Response. in the Report Response.
The contents of the IDENTIFIERS attribute is a list of 4 byte The contents of the IDENTIFIERS attribute is a list of 4 byte
numbers, each using the same encoding that is used for the contents numbers, each using the same encoding that is used for the contents
of the FINGERPRINT attribute. of the FINGERPRINT attribute.
It could have been possible to use the checksum generated in the UDP It could have been possible to use the checksum generated in the UDP
checksum for this, but this value is generally not accessible to checksum for this, but this value is generally not accessible to
applications. Also, sometimes the checksum is not calculated or is applications. Also, sometimes the checksum is not calculated or is
off-loaded to network hardware. off-loaded to network hardware.
4.2.6. Using Sequence Numbers as Packet Identifiers 4.2.6. Using Sequence Numbers as Packet Identifiers
When using sequence numbers, a small header similar to the TURN When using sequence numbers, a small header similar to the TURN
ChannelData header is added in front of all packets that are not a ChannelData header, as defined in Section 11.4 of [RFC5766], is added
STUN Probe Indication or Request. The sequence number is in front of all packets that are not a STUN Probe Indication or
monotonically incremented by one for each packet sent. The most Request. The sequence number is monotonically incremented by one for
significant bit of the sequence number is always 0. The server each packet sent. The most significant bit of the sequence number is
collects the sequence number of the packets sent, or the 4 first always 0. The server collects the sequence number of the packets
bytes of the transaction ID if a STUN Probe Indication or Request is sent, or the 4 first bytes of the transaction ID if a STUN Probe
sent. In that case, the most significant bit of the 4 first bytes is Indication or Request is sent. In that case, the most significant
set to 1. bit of the 4 first bytes is set to 1.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Channel Number | Length | | Channel Number | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0| Sequence number | |0| Sequence number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
/ Application Data / / Application Data /
/ / / /
| | | |
| +-------------------------------+ | +-------------------------------+
| | | |
+-------------------------------+ +-------------------------------+
The Channel Number is always 0xFFFF. The header values are encoded The Channel Number is always 0xFFFF. The Length field specifies the
using network order. length in bytes of the sequence number and application data fields.
The header values are encoded using network order.
The contents of the IDENTIFIERS attribute is a chronologically The contents of the IDENTIFIERS attribute is a chronologically
ordered list of 4 byte numbers, each containing either a sequence ordered list of 4 byte numbers, each containing either a sequence
number, if the packet was not a STUN Probe Indication or Request, or number, if the packet was not a STUN Probe Indication or Request, or
the 4 first bytes of the transaction ID, with the most significant the 4 first bytes of the transaction ID, with the most significant
bit forced to 1, if the packet is a STUN Probe Indication or Request. bit forced to 1, if the packet is a STUN Probe Indication or Request.
5. Probe Support Signaling Mechanisms 5. Probe Support Signaling Mechanisms
The PMTUD mechanism described in this document is intended to be used The PMTUD mechanism described in this document is intended to be used
skipping to change at page 12, line 10 skipping to change at page 12, line 10
While Section 4.2.5 and Section 4.2.6 describe two possible methods While Section 4.2.5 and Section 4.2.6 describe two possible methods
for acquiring and formatting the identifiers used for this purpose, for acquiring and formatting the identifiers used for this purpose,
ultimately each protocol has to define how these identifiers are ultimately each protocol has to define how these identifiers are
acquired and formatted. Therefore, the contents of the IDENTIFIERS acquired and formatted. Therefore, the contents of the IDENTIFIERS
attribute is opaque. attribute is opaque.
6.2. PMTUD-SUPPORTED 6.2. PMTUD-SUPPORTED
The PMTUD-SUPPORTED attribute indicates that its sender supports this The PMTUD-SUPPORTED attribute indicates that its sender supports this
specification. This attribute has no value part and thus the mechanism, as incorporated into the STUN usage or protocol being
attribute length field is 0. used. This attribute has no value part and thus the attribute length
field is 0.
7. Security Considerations 7. Security Considerations
The PMTUD mechanism described in this document, when used without the The PMTUD mechanism described in this document, when used without the
signalling mechanism described in Section 5.1, does not introduce any signalling mechanism described in Section 5.1, does not introduce any
specific security considerations beyond those described in [RFC4821]. specific security considerations beyond those described in [RFC4821].
The attacks described in Section 11 of [RFC4821] apply equally to the The attacks described in Section 11 of [RFC4821] apply equally to the
mechanism described in this document. mechanism described in this document.
skipping to change at page 14, line 22 skipping to change at page 14, line 22
Martinsen, P., Andersen, T., Salgueiro, G., and M. Petit- Martinsen, P., Andersen, T., Salgueiro, G., and M. Petit-
Huguenin, "Traversal Using Relays around NAT (TURN) Huguenin, "Traversal Using Relays around NAT (TURN)
Bandwidth Probe", draft-martinsen-tram- Bandwidth Probe", draft-martinsen-tram-
turnbandwidthprobe-00 (work in progress), May 2015. turnbandwidthprobe-00 (work in progress), May 2015.
[RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model
with Session Description Protocol (SDP)", RFC 3264, with Session Description Protocol (SDP)", RFC 3264,
DOI 10.17487/RFC3264, June 2002, DOI 10.17487/RFC3264, June 2002,
<http://www.rfc-editor.org/info/rfc3264>. <http://www.rfc-editor.org/info/rfc3264>.
[RFC5766] Mahy, R., Matthews, P., and J. Rosenberg, "Traversal Using
Relays around NAT (TURN): Relay Extensions to Session
Traversal Utilities for NAT (STUN)", RFC 5766,
DOI 10.17487/RFC5766, April 2010,
<https://www.rfc-editor.org/info/rfc5766>.
Appendix A. Release Notes Appendix A. Release Notes
This section must be removed before publication as an RFC. This section must be removed before publication as an RFC.
A.1. Modifications between draft-ietf-tram-stun-pmtud-10 and draft- A.1. Modifications between draft-ietf-tram-stun-pmtud-11 and draft-
ietf-tram-stun-pmtud-10
o Modifications following IESG review.
A.2. Modifications between draft-ietf-tram-stun-pmtud-10 and draft-
ietf-tram-stun-pmtud-09 ietf-tram-stun-pmtud-09
o Modifications following reviews for gen-art (Roni Even) and secdir o Modifications following reviews for gen-art (Roni Even) and secdir
(Carl Wallace). (Carl Wallace).
A.2. Modifications between draft-ietf-tram-stun-pmtud-09 and draft- A.3. Modifications between draft-ietf-tram-stun-pmtud-09 and draft-
ietf-tram-stun-pmtud-08 ietf-tram-stun-pmtud-08
o Add 3 ways of preventing amplification attacks. o Add 3 ways of preventing amplification attacks.
A.3. Modifications between draft-ietf-tram-stun-pmtud-08 and draft- A.4. Modifications between draft-ietf-tram-stun-pmtud-08 and draft-
ietf-tram-stun-pmtud-07 ietf-tram-stun-pmtud-07
o Updates following Spencer's review. o Updates following Spencer's review.
A.4. Modifications between draft-ietf-tram-stun-pmtud-07 and draft- A.5. Modifications between draft-ietf-tram-stun-pmtud-07 and draft-
ietf-tram-stun-pmtud-06 ietf-tram-stun-pmtud-06
o Updates following Shepherd review. o Updates following Shepherd review.
A.5. Modifications between draft-ietf-tram-stun-pmtud-06 and draft- A.6. Modifications between draft-ietf-tram-stun-pmtud-06 and draft-
ietf-tram-stun-pmtud-05 ietf-tram-stun-pmtud-05
o Nits. o Nits.
o Restore missing changelog for previous version. o Restore missing changelog for previous version.
A.6. Modifications between draft-ietf-tram-stun-pmtud-05 and draft- A.7. Modifications between draft-ietf-tram-stun-pmtud-05 and draft-
ietf-tram-stun-pmtud-04 ietf-tram-stun-pmtud-04
o Modifications following Brandon Williams review. o Modifications following Brandon Williams review.
A.7. Modifications between draft-ietf-tram-stun-pmtud-04 and draft- A.8. Modifications between draft-ietf-tram-stun-pmtud-04 and draft-
ietf-tram-stun-pmtud-03 ietf-tram-stun-pmtud-03
o Modifications following Simon Perreault and Brandon Williams o Modifications following Simon Perreault and Brandon Williams
reviews. reviews.
A.8. Modifications between draft-ietf-tram-stun-pmtud-03 and draft- A.9. Modifications between draft-ietf-tram-stun-pmtud-03 and draft-
ietf-tram-stun-pmtud-02 ietf-tram-stun-pmtud-02
o Add new Overview of Operations section with ladder diagrams. o Add new Overview of Operations section with ladder diagrams.
o Authentication is mandatory for the Complete Probing mechanism, o Authentication is mandatory for the Complete Probing mechanism,
optional for the Simple Probing mechanism. optional for the Simple Probing mechanism.
o All the ICE specific text moves to a separate draft to be o All the ICE specific text moves to a separate draft to be
discussed in the ICE WG. discussed in the ICE WG.
skipping to change at page 16, line 9 skipping to change at page 16, line 26
o Each usage of this specification must the format of the o Each usage of this specification must the format of the
IDENTIFIERS attribute contents. IDENTIFIERS attribute contents.
o Better define the implicit signaling mechanism. o Better define the implicit signaling mechanism.
o Extend the Security Consideration section. o Extend the Security Consideration section.
o Tons of nits. o Tons of nits.
A.9. Modifications between draft-ietf-tram-stun-pmtud-02 and draft- A.10. Modifications between draft-ietf-tram-stun-pmtud-02 and draft-
ietf-tram-stun-pmtud-01 ietf-tram-stun-pmtud-01
o Cleaned up references. o Cleaned up references.
A.10. Modifications between draft-ietf-tram-stun-pmtud-01 and draft- A.11. Modifications between draft-ietf-tram-stun-pmtud-01 and draft-
ietf-tram-stun-pmtud-00 ietf-tram-stun-pmtud-00
o Added Security Considerations Section. o Added Security Considerations Section.
o Added IANA Considerations Section. o Added IANA Considerations Section.
A.11. Modifications between draft-ietf-tram-stun-pmtud-00 and draft- A.12. Modifications between draft-ietf-tram-stun-pmtud-00 and draft-
petithuguenin-tram-stun-pmtud-01 petithuguenin-tram-stun-pmtud-01
o Adopted by WG - Text unchanged. o Adopted by WG - Text unchanged.
A.12. Modifications between draft-petithuguenin-tram-stun-pmtud-01 and A.13. Modifications between draft-petithuguenin-tram-stun-pmtud-01 and
draft-petithuguenin-tram-stun-pmtud-00 draft-petithuguenin-tram-stun-pmtud-00
o Moved some Introduction text to the Probing Mechanism section. o Moved some Introduction text to the Probing Mechanism section.
o Added cross-reference to the other two STUN troubleshooting o Added cross-reference to the other two STUN troubleshooting
mechanism drafts. mechanism drafts.
o Updated references. o Updated references.
o Added Gonzalo Salgueiro as co-author. o Added Gonzalo Salgueiro as co-author.
A.13. Modifications between draft-petithuguenin-tram-stun-pmtud-00 and A.14. Modifications between draft-petithuguenin-tram-stun-pmtud-00 and
draft-petithuguenin-behave-stun-pmtud-03 draft-petithuguenin-behave-stun-pmtud-03
o General refresh for republication. o General refresh for republication.
A.14. Modifications between draft-petithuguenin-behave-stun-pmtud-03 A.15. Modifications between draft-petithuguenin-behave-stun-pmtud-03
and draft-petithuguenin-behave-stun-pmtud-02 and draft-petithuguenin-behave-stun-pmtud-02
o Changed author address. o Changed author address.
o Changed the IPR to trust200902. o Changed the IPR to trust200902.
A.15. Modifications between draft-petithuguenin-behave-stun-pmtud-02 A.16. Modifications between draft-petithuguenin-behave-stun-pmtud-02
and draft-petithuguenin-behave-stun-pmtud-01 and draft-petithuguenin-behave-stun-pmtud-01
o Defined checksum and sequential numbers as possible packet o Defined checksum and sequential numbers as possible packet
identifiers. identifiers.
o Updated the reference to RFC 5389 o Updated the reference to RFC 5389
o The FINGERPRINT attribute is now mandatory. o The FINGERPRINT attribute is now mandatory.
o Changed the delay between Probe indication and Report request to o Changed the delay between Probe indication and Report request to
be RTO/2 or 50 milliseconds. be RTO/2 or 50 milliseconds.
o Added ICMP packet processing. o Added ICMP packet processing.
o Added Full-Stop Timeout detection. o Added Full-Stop Timeout detection.
o Stated that Binding request with PMTUD-SUPPORTED does not start o Stated that Binding request with PMTUD-SUPPORTED does not start
the PMTUD process if already started. the PMTUD process if already started.
A.16. Modifications between draft-petithuguenin-behave-stun-pmtud-01 A.17. Modifications between draft-petithuguenin-behave-stun-pmtud-01
and draft-petithuguenin-behave-stun-pmtud-00 and draft-petithuguenin-behave-stun-pmtud-00
o Removed the use of modified STUN transaction but shorten the o Removed the use of modified STUN transaction but shorten the
retransmission for the simple probing mechanism. retransmission for the simple probing mechanism.
o Added a complete probing mechanism. o Added a complete probing mechanism.
o Removed the PADDING-RECEIVED attribute. o Removed the PADDING-RECEIVED attribute.
o Added release notes. o Added release notes.
skipping to change at line 806 skipping to change at page 18, line 30
Email: marc@petit-huguenin.org Email: marc@petit-huguenin.org
Gonzalo Salgueiro Gonzalo Salgueiro
Cisco Systems, Inc. Cisco Systems, Inc.
7200-12 Kit Creek Road 7200-12 Kit Creek Road
Research Triangle Park, NC 27709 Research Triangle Park, NC 27709
United States United States
Email: gsalguei@cisco.com Email: gsalguei@cisco.com
Felipe Garrido
Cisco Systems, Inc.
7200-12 Kit Creek Road
Research Triangle Park, NC 27709
United States
Email: fegarrid@cisco.com
 End of changes. 50 change blocks. 
94 lines changed or deleted 113 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/