draft-ietf-tsvwg-gre-in-udp-encap-01.txt   draft-ietf-tsvwg-gre-in-udp-encap-02.txt 
Network Working Group E. Crabbe, Ed. Network Working Group E. Crabbe, Ed.
Internet-Draft Google Internet-Draft Google
Intended status: Standard Track L. Yong, Ed. Intended status: Standard Track L. Yong, Ed.
Huawei USA Huawei USA
X. Xu, Ed. X. Xu, Ed.
Huawei Technologies Huawei Technologies
Expires: September 2014 February 13, 2014 Expires: January 2015 July 1, 2014
Generic UDP Encapsulation for IP Tunneling Generic UDP Encapsulation for IP Tunneling
draft-ietf-tsvwg-gre-in-udp-encap-01 draft-ietf-tsvwg-gre-in-udp-encap-02
Abstract Abstract
This document describes a method of encapsulating arbitrary This document describes a method of encapsulating arbitrary
protocols within GRE and UDP headers. In this encapsulation, the protocols within GRE and UDP headers. In this encapsulation, the
source UDP port may be used as an entropy field for purposes of load source UDP port may be used as an entropy field for purposes of load
balancing while the payload protocol may be identified by the GRE balancing while the payload protocol may be identified by the GRE
Protocol Type. Protocol Type.
Status of This Document Status of This Document
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 13, 2014. This Internet-Draft will expire on January 1, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License. warranty as described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction...................................................3 1. Introduction...................................................3
1.1. Applicability Statements..................................3 1.1. Applicability Statement...................................3
2. Terminology....................................................4 2. Terminology....................................................4
2.1. Requirements Language.....................................4 2.1. Requirements Language.....................................4
3. Procedures.....................................................4 3. Procedures.....................................................4
4. Encapsulation Considerations...................................8 4. Encapsulation Considerations...................................8
5. Backward Compatibility.........................................9 5. Backward Compatibility.........................................9
6. IANA Considerations............................................9 6. IANA Considerations............................................9
7. Security Considerations.......................................10 7. Security Considerations.......................................10
7.1. Vulnerability............................................10 7.1. Vulnerability............................................10
8. Acknowledgements..............................................10 8. Acknowledgements..............................................10
9. Contributors..................................................10 9. Contributors..................................................10
skipping to change at page 3, line 43 skipping to change at page 3, line 43
[RFC2784] while the UDP header provides additional entropy by way of [RFC2784] while the UDP header provides additional entropy by way of
it's source port. it's source port.
This encapsulation method requires no changes to the transit IP This encapsulation method requires no changes to the transit IP
network. Hash functions in most existing IP routers may utilize and network. Hash functions in most existing IP routers may utilize and
benefit from the use of a GRE-in-UDP tunnel is without needing any benefit from the use of a GRE-in-UDP tunnel is without needing any
change or upgrade to their ECMP implementation. The encapsulation change or upgrade to their ECMP implementation. The encapsulation
mechanism is applicable to a variety of IP networks including Data mechanism is applicable to a variety of IP networks including Data
Center and wide area networks. Center and wide area networks.
1.1. Applicability Statements 1.1. Applicability Statement
It is recommended to use the GRE-in-UDP encapsulation technology in It is recommended to use the GRE-in-UDP encapsulation technology in
a Service Provider (SP) network and/or DC network where the a Service Provider (SP) network and/or DC network where the
congestion control is not a concern, rather than over the Internet congestion control is not a concern, rather than over the Internet
where the congestion control is a must. Furthermore, packet filters where the congestion control is a must.
should be added so as to prevent GRE-in-UDP packets from escaping
from the service provider networks due to mis-configuration or
packet errors.
2. Terminology 2. Terminology
The terms defined in [RFC768] are used in this document. The terms defined in [RFC768] are used in this document.
2.1. Requirements Language 2.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
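Review bot: In Section 1.1 the -02 text drops the sentence recommending packet filters to keep GRE-in-UDP packets from escaping the service provider network, yet it still recommends against use over the Internet "where the congestion control is a must". With the filter sentence gone, nothing in this section says how that boundary is enforced against mis-configuration; either restore the sentence or point to where the equivalent requirement now lives (for example Section 7, Security Considerations). While this paragraph is open, the unchanged context above still reads "it's source port" and "benefit from the use of a GRE-in-UDP tunnel is without needing", both of which need a grammar fix.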
skipping to change at page 4, line 44 skipping to change at page 4, line 42
When the tunnel egress receives a packet, it must remove the outer When the tunnel egress receives a packet, it must remove the outer
UDP and GRE headers. Section 5 describes the error handling when UDP and GRE headers. Section 5 describes the error handling when
this entity is not instantiated at the tunnel egress. this entity is not instantiated at the tunnel egress.
To simplify packet processing at the tunnel egress, packets destined To simplify packet processing at the tunnel egress, packets destined
to this assigned UDP destination port [TBD] MAY have their UDP to this assigned UDP destination port [TBD] MAY have their UDP
checksum set to zero. In the environment where the UDP packets may checksum set to zero. In the environment where the UDP packets may
be mis-delivered [RFC5405], UDP checksum SHOULD be used. Upon be mis-delivered [RFC5405], UDP checksum SHOULD be used. Upon
receiving a packet with a non-zero checksum, tunnel egress MUST receiving a packet with a non-zero checksum, tunnel egress MUST
perform the UDP checksum verification. For an IPv6 network, UDP perform the UDP checksum verification. For an IPv6 network, UDP
checksum SHOULD be used; if the checksum needs to be disabled for checksum SHOULD be used.
performance or implementation concerns, the considerations described
in [RFC6935][RFC6936] MUST be examined. The Sequence flags MUST set
to zero.
The tunnel ingress may set the GRE Key Present, Sequence Number The tunnel ingress may set the GRE Key Present, Sequence Number
Present, and Checksum Present bits and associated fields in the GRE Present, and Checksum Present bits and associated fields in the GRE
header defined by [RFC2784] and [RFC2890]. header defined by [RFC2784] and [RFC2890].
In addition IPv6 nodes MUST conform to the following: Congestion control is a critical aspect of proper network operation.
If only IP traffic is carried by a tunnel, there is no need to apply
1. the IPv6 tunnel ingress and egress SHOULD follow the node any congestion control mechanism at tunnel endpoints as the end
requirements specified in Section 4 of [RFC6936] and the usage hosts already have congestion control mechanisms available. If the
requirements specified in Section 5 of [RFC6936]. traffic end points do not provide any congestion control, but the
tunnel is used in an environment where congestion on the underlying
2. IPv6 transit nodes SHOULD follow the requirements 9, 10, 11 IP network is mitigated by some form of end to end traffic
specified in Section 5 of [RFC6936]. engineering or scheduling, additional congestion control at tunnel
endpoints may be unnecessary. In the absence of either, a congestion
control mechanism SHOULD be implemented at the tunnel ingress and
egress. This is particularly important in the case of inter-domain
tunnels. Any potential congestion control mechanism [CB] to be
applied at tunnel endpoints is outside the scope of this draft.
The tunnel ingress may set the GRE Key Present, Sequence Number
Present, and Checksum Present bits and associated fields in the GRE
header defined by [RFC2784] and [RFC2890].
The format of the GRE-in-UDP encapsulation for both IPv4 and IPv6 The format of the GRE-in-UDP encapsulation for both IPv4 and IPv6
outer headers is shown in the following figures: outer headers is shown in the following figures:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
IPv4 Header: IPv4 Header:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length | |Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
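Review bot: In the Section 3 checksum paragraph, -02 shortens the IPv6 rule to "UDP checksum SHOULD be used" and deletes both the requirement to examine [RFC6935][RFC6936] when the checksum is disabled and the two-item IPv6 node list citing Sections 4 and 5 of [RFC6936]. The preceding sentence still says packets to the assigned port MAY have their UDP checksum set to zero, so an IPv6 implementer is left with a SHOULD and no stated conditions for the exception; keep the RFC 6936 pointer or state outright that a zero checksum is not permitted over IPv6. Separately, the paragraph beginning "The tunnel ingress may set the GRE Key Present" now appears twice in -02, once before and once after the new congestion control text; drop one copy.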
skipping to change at page 8, line 15 skipping to change at page 8, line 15
The total overhead increase for a UDP+GRE tunnel without use of The total overhead increase for a UDP+GRE tunnel without use of
optional GRE fields, representing the lowest total overhead increase, optional GRE fields, representing the lowest total overhead increase,
is 32 bytes in the case of IPv4 and 52 bytes in the case of IPv6. is 32 bytes in the case of IPv4 and 52 bytes in the case of IPv6.
The total overhead increase for a UDP+GRE tunnel with use of GRE Key, The total overhead increase for a UDP+GRE tunnel with use of GRE Key,
Sequence and Checksum Fields, representing the highest total Sequence and Checksum Fields, representing the highest total
overhead increase, is 44 bytes in the case of IPv4 and 64 bytes in overhead increase, is 44 bytes in the case of IPv4 and 64 bytes in
the case of IPv6. the case of IPv6.
4. Encapsulation Considerations 4. Encapsulation Considerations
GRE-in-UDP encapsulation allows the tunneled traffic to be unicast, GRE-in-UDP encapsulation is single tunnel mechanism where both GRE
broadcast, or multicast traffic. Entropy may be generated from the and UDP header are required. The mechanism allows the tunneled
header of tunneled unicast or broadcast/multicast packets at tunnel traffic to be unicast, broadcast, or multicast traffic. Entropy may
ingress. The mapping mechanism between the tunneled multicast be generated from the header of tunneled unicast or
traffic and the multicast capability in the IP network is broadcast/multicast packets at tunnel ingress. The mapping mechanism
transparent and independent to the encapsulation and is outside the between the tunneled multicast traffic and the multicast capability
scope of this document. in the IP network is transparent and independent to the
encapsulation and is outside the scope of this document.
If tunnel ingress must perform the fragmentation [GREMTU] on a Tunnel ingress SHOULD perform the fragmentation [GREMTU] on a packet
packet before encapsulation, it MUST use the same source UDP port before the encapsulation and factor in both GRE and UDP overhead
for all packet fragments. This ensures that the transit routers bytes in the effective Maximum Transmission Unit (MTU) size. Tunnel
will forward the packet fragments on the same path. GRE-in-UDP ingress MUST use the same source UDP port for all packet fragments
encapsulation introduces some overhead as mentioned in section 3, to ensure that the transit routers will forward the packet fragments
which reduces the effective Maximum Transmission Unit (MTU) size. on the same path. An operator should factor in the addition overhead
An operator should factor in this addition overhead bytes when bytes when considering an MTU size for the payload to reduce the
considering an MTU size for the payload to reduce the likelihood of likelihood of fragmentation.
fragmentation.
To ensure the tunneled traffic gets the same treatment over the IP To ensure the tunneled traffic gets the same treatment over the IP
network, prior to the encapsulation process, tunnel ingress should network, prior to the encapsulation process, tunnel ingress should
process the payload to get the proper parameters to fill into the IP process the payload to get the proper parameters to fill into the IP
header such as DiffServ [RFC2983]. Tunnel end points that support header such as DiffServ [RFC2983]. Tunnel end points that support
ECN MUST use the method described in [RFC6040] for ECN marking ECN MUST use the method described in [RFC6040] for ECN marking
propagation. This process is outside of the scope of this document. propagation. This process is outside of the scope of this document.
Note that the IPv6 header [RFC2460] contains a flow label field that Note that the IPv6 header [RFC2460] contains a flow label field that
may be used for load balancing in an IPv6 network [RFC6438]. Thus may be used for load balancing in an IPv6 network [RFC6438]. Thus
in an IPv6 network, either GRE-in-UDP or flow labels may be used for in an IPv6 network, either GRE-in-UDP or flow labels may be used for
improving load balancing performance. Use of GRE-in-UDP improving load balancing performance. Use of GRE-in-UDP
encapsulation provides a unified hardware implementation for load encapsulation provides a unified hardware implementation for load
balancing in an IP network independent of the IP version(s) in use. balancing in an IP network independent of the IP version(s) in use.
However, if UDP checksum has to be used in the environment, a flow However IPv6 network require performing the checksum, which may
label based load balancing is advantage in performance and impact network performance and user experience. Thus, a flow label
implementation. based load balancing may be a better approach in an IPv6 network.
5. Backward Compatibility 5. Backward Compatibility
It is assumed that tunnel ingress routers must be upgraded in order It is assumed that tunnel ingress routers must be upgraded in order
to support the encapsulations described in this document. to support the encapsulations described in this document.
No change is required at transit routers to support forwarding of No change is required at transit routers to support forwarding of
the encapsulation described in this document. the encapsulation described in this document.
If a router that is intended for use as a tunnel egress does not If a router that is intended for use as a tunnel egress does not
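Review bot: In Section 4 the fragmentation sentence changes from the conditional "If tunnel ingress must perform the fragmentation ... it MUST use the same source UDP port" to "Tunnel ingress SHOULD perform the fragmentation [GREMTU] on a packet before the encapsulation", which reads as a recommendation to fragment every packet rather than a rule for the case where fragmentation is needed. Suggest wording along the lines of "When fragmentation is required, tunnel ingress SHOULD fragment before encapsulation" and keep the same-source-port MUST attached to it. The new closing paragraph says "IPv6 network require performing the checksum", which is stronger than the SHOULD stated in Section 3; align the two. Wording nits in the added lines: "is single tunnel mechanism", "both GRE and UDP header are required", "the addition overhead bytes".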
skipping to change at page 11, line 29 skipping to change at page 11, line 29
7200-12 Kit Creek Road 7200-12 Kit Creek Road
Research Triangle Park, NC 27709 USA Research Triangle Park, NC 27709 USA
EMail: cpignata@cisco.com EMail: cpignata@cisco.com
Yongbing Fan Yongbing Fan
China Telecom China Telecom
Guangzhou, China. Guangzhou, China.
Phone: +86 20 38639121 Phone: +86 20 38639121
Email: fanyb@gsta.com
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, [RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980. August 1980.
[RFC791] DARPA, "Internet Protocol", RFC791, September 1981 [RFC791] DARPA, "Internet Protocol", RFC791, September 1981
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
skipping to change at page 13, line 13 skipping to change at page 13, line 13
Protocol Port Randomization", RFC6056, January 2011 Protocol Port Randomization", RFC6056, January 2011
[RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and
L. Yong, "The Use of Entropy Labels in MPLS Forwarding", L. Yong, "The Use of Entropy Labels in MPLS Forwarding",
RFC 6790, November 2012. RFC 6790, November 2012.
[GREMTU] Bonica, R., "A Fragmentation Strategy for Generic Routing [GREMTU] Bonica, R., "A Fragmentation Strategy for Generic Routing
Encapsulation (GRE)", draft-bonica-intara-gre-mtu, work in Encapsulation (GRE)", draft-bonica-intara-gre-mtu, work in
progress progress
[CB] Fairhurst, G., "Network Transport Circuit Breakers",
draft-fairhurst-tsvwg-circuit-breaker-01, work in progress
11. Authors' Addresses 11. Authors' Addresses
Edward Crabbe (editor) Edward Crabbe (editor)
Google Google
1600 Amphitheatre Parkway 1600 Amphitheatre Parkway
Mountain View, CA 94102 Mountain View, CA 94102
US US
Lucy Yong (editor) Lucy Yong (editor)
Huawei Technologies, USA Huawei Technologies, USA
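Review bot: The new [CB] entry pins a draft version (draft-fairhurst-tsvwg-circuit-breaker-01) while the neighbouring [GREMTU] entry gives a draft name with no version; pick one style for work-in-progress references. Section 3 of -02 cites [CB] right after a SHOULD-level congestion control requirement while declaring the mechanism out of scope, so make clear that this reference is informative. The draft name in the unchanged [GREMTU] entry is spelled "intara"; check it against the actual draft name while editing this list.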
 End of changes. 15 change blocks. 
44 lines changed or deleted 45 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/