<- RFC Index (5801..5900)
RFC 5845
Internet Engineering Task Force (IETF) A. Muhanna
Request for Comments: 5845 M. Khalil
Category: Standards Track Ericsson
ISSN: 2070-1721 S. Gundavelli
K. Leung
Cisco
June 2010
Generic Routing Encapsulation (GRE) Key Option for Proxy Mobile IPv6
Abstract
This specification defines a new mobility option for allowing the
mobile access gateway and the local mobility anchor to negotiate
Generic Routing Encapsulation (GRE) encapsulation mode and exchange
the downlink and uplink GRE keys that are used for marking the
downlink and uplink traffic that belong to a specific mobility
session. In addition, the same mobility option can be used to
negotiate the GRE encapsulation mode without exchanging the GRE keys.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc5845.
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Muhanna, et al. Standards Track [Page 1]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3
2.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 3
2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
3. GRE Encapsulation and Key Exchange . . . . . . . . . . . . . . 4
3.1. GRE Encapsulation Overview . . . . . . . . . . . . . . . . 4
3.2. GRE Encapsulation Mode Only . . . . . . . . . . . . . . . 6
3.3. GRE Encapsulation and Key Exchange . . . . . . . . . . . . 6
3.3.1. Initial GRE Key Exchange . . . . . . . . . . . . . . . 6
3.3.2. GRE Key Exchange during Binding Re-Registration . . . 7
4. Mobile Access Gateway Considerations . . . . . . . . . . . . . 8
4.1. Extensions to the Conceptual Data Structure . . . . . . . 8
4.2. Operational Summary . . . . . . . . . . . . . . . . . . . 9
5. Local Mobility Anchor Considerations . . . . . . . . . . . . . 10
5.1. Extensions to the Binding Cache Entry . . . . . . . . . . 10
5.2. Operational Summary . . . . . . . . . . . . . . . . . . . 11
6. Message Formats . . . . . . . . . . . . . . . . . . . . . . . 12
6.1. GRE Key Option . . . . . . . . . . . . . . . . . . . . . . 12
6.2. Proxy Binding Update Message Extension . . . . . . . . . . 13
6.3. Proxy Binding Acknowledgement Message Extension . . . . . 14
6.4. Status Codes . . . . . . . . . . . . . . . . . . . . . . . 14
7. Data Packets Processing Considerations . . . . . . . . . . . . 15
7.1. Tunneling Format . . . . . . . . . . . . . . . . . . . . . 15
7.2. TLV-Header Tunneling Negotiation . . . . . . . . . . . . . 16
7.3. Mobile Access Gateway Operation . . . . . . . . . . . . . 18
7.3.1. Sending and Receiving Data Packets . . . . . . . . . . 18
7.4. Local Mobility Anchor Operation . . . . . . . . . . . . . 19
7.4.1. Sending and Receiving Data Packets . . . . . . . . . . 20
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
9. Security Considerations . . . . . . . . . . . . . . . . . . . 21
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 21
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 22
11.1. Normative References . . . . . . . . . . . . . . . . . . . 22
11.2. Informative References . . . . . . . . . . . . . . . . . . 22
Muhanna, et al. Standards Track [Page 2]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
1. Introduction
The Proxy Mobile IPv6 specification [RFC5213] and IPv4 Support for
Proxy Mobile IPv6 [RFC5844] allow the use of IPv6 and IPv4
encapsulation modes as specified in [RFC2473] and [RFC2003] for the
tunneled traffic between the local mobility anchor (LMA) and the
mobile access gateway (MAG). There are scenarios where these
encapsulation modes are not sufficient to uniquely identify the
destination of packets of a specific mobility session. Thus, there
is a need for an encapsulation mode with richer semantics. The
Generic Routing Encapsulation (GRE) [RFC2784], and the Key extension
as defined in [RFC2890], has the required semantics to allow such a
distinction for use in Proxy Mobile IPv6.
This specification defines the GRE Key option to be used for the
negotiation of GRE encapsulation mode and exchange of the uplink and
downlink GRE keys. The negotiated downlink and uplink GRE keys can
be used for marking the downlink and uplink traffic for a specific
mobility session. In addition, this specification enables the mobile
access gateway and the local mobility anchor to negotiate the use of
GRE encapsulation mode without exchanging the GRE keys.
This specification has no impact on IPv4 or IPv6 mobile nodes.
2. Conventions and Terminology
2.1. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
specification are to be interpreted as described in RFC 2119
[RFC2119].
2.2. Terminology
All the general mobility-related terminology and abbreviations are to
be interpreted as defined in the Mobile IPv6 [RFC3775], Proxy Mobile
IPv6 [RFC5213], and IPv4 Support for Proxy Mobile IPv6 [RFC5844]
specifications. The following terms are used in this specification.
Downlink Traffic
The traffic in the tunnel between the local mobility anchor and
the mobile access gateway, heading towards the mobile access
gateway and tunneled at the local mobility anchor. This traffic
is also called forward direction traffic.
Muhanna, et al. Standards Track [Page 3]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
Uplink Traffic
The traffic in the tunnel between the mobile access gateway and
the local mobility anchor, heading towards the local mobility
anchor and tunneled at the mobile access gateway. This traffic is
also called reverse direction traffic.
Downlink GRE Key
The GRE key is assigned by the mobile access gateway and used by
the local mobility anchor to mark the downlink traffic that
belongs to a specific mobility session as described in this
specification.
Uplink GRE Key
The GRE key is assigned by the local mobility anchor and used by
the mobile access gateway to mark the uplink traffic that belongs
to a specific mobility session as described in this specification.
A Policy Check
When a local mobility anchor receives an initial, handoff-
triggered Binding Lifetime Extension, or Binding Lifetime
Extension Proxy Binding Update for a mobility session, the local
mobility anchor determines if the GRE encapsulation mode only or
GRE encapsulation and GRE keys are required based on a policy
check. This policy could be a per-MAG-LMA pair, a per-LMA local
policy, a per-MN policy, or the combination of any of them.
3. GRE Encapsulation and Key Exchange
This section describes how GRE encapsulation mode is negotiated and
the GRE keys are dynamically exchanged using Proxy Mobile IPv6
protocol [RFC5213] signaling.
3.1. GRE Encapsulation Overview
Using the GRE Key option defined in this specification, the mobile
access gateway and the local mobility anchor can negotiate GRE
encapsulation mode only or GRE encapsulation mode and exchange the
GRE keys for marking the downlink and uplink traffic. In the case
when GRE encapsulation mode only is negotiated between the mobile
access gateway and the local mobility anchor, then no GRE keys are
used.
Muhanna, et al. Standards Track [Page 4]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
However, once the GRE keys have been exchanged between the mobile
access gateway and the local mobility anchor as per this
specification, the mobile access gateway will use the uplink GRE key
that is assigned by the local mobility anchor in the GRE header of
the uplink payload packet. Similarly, the local mobility anchor will
use the downlink GRE key as negotiated with the mobile access gateway
in the GRE header of the downlink payload packet.
The following illustration explains the use of GRE encapsulation mode
and the GRE keys for supporting the usecase where overlapping IPv4
private address [RFC1918] allocation is in use.
+------------+
| Operator-A |
| |
| 10.x.0.0/16|
+------------+
/
+------+ +------+ /
| | ========================== | | /
MN-1---| | / \ | | / Key-1
| M | / ---Flows with GRE Key-1 ---- \ | L | / Traffic
MN-2---| A |--| |--| M |-
| G | \ ---Flows with GRE Key-2 ---- / | A | \ Key-2
MN-3---| | \ / | | \Traffic
| | ========================== | | \
MN-4---| | Proxy Mobile IPv6 Tunnel | | \
+------+ +------+ \
\
Operator-C: Access Network +------------+
| Operator-B |
| |
| 10.x.0.0/16|
+------------+
Figure 1: GRE Tunneling for IPv4 Private Address Space Overlapping
Figure 1 illustrates a local mobility anchor providing mobility
service to mobile nodes that are from different operators and are
assigned IPv4 addresses from overlapping private address space. In
this scenario, the mobile access gateway and the local mobility
anchor must be able to distinguish flows belonging to different
operators.
The mobile nodes MN-1 and MN-2 are visiting from Operator-A, and the
mobile nodes MN-3 and MN-4 are visiting from Operator-B. The mobile
access gateway and the local mobility anchor exchange a specific pair
Muhanna, et al. Standards Track [Page 5]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
of downlink and uplink GRE keys and save them as part of the mobile
node's binding to be used for identifying the flows belonging to each
mobile node.
The LMA and the MAG will be able to distinguish each mobile node
flow(s) based on the GRE key present in the GRE header of the
tunneled payload packet, and route them accordingly. However, the
GRE keys, as in this specification, apply to the individual mobility
binding updated by the Proxy Binding Update but not to all bindings
that the mobile may have registered following procedures described in
[RFC5648].
3.2. GRE Encapsulation Mode Only
In order for the mobile access gateway to request GRE encapsulation
mode only without exchanging the GRE keys, the mobile access gateway
MUST include the GRE Key option but omit the GRE Key Identifier field
in the Proxy Binding Update.
If the local mobility anchor supports GRE encapsulation and the
received Proxy Binding Update contains the GRE Key option but the GRE
Key Identifier field is omitted, the mobile access gateway is
requesting GRE encapsulation without exchanging the GRE keys
dynamically. If the Proxy Binding Update processing is successful,
the local mobility anchor sends a successful Proxy Binding
Acknowledgement message with the GRE Key option but the GRE Key
Identifier field is omitted.
When the mobile access gateway and the local mobility anchor
successfully negotiate the GRE encapsulation mode only, then no GRE
keys are used.
3.3. GRE Encapsulation and Key Exchange
The following subsections describe how the mobile access gateway and
the local mobility anchor negotiate GRE encapsulation and exchange
downlink and uplink GRE keys using the Proxy Mobile IPv6 registration
procedure.
3.3.1. Initial GRE Key Exchange
When the mobile access gateway determines, based on, e.g., private
IPv4 address support [RFC1918], the mobile access gateway local
policy, or the MAG-LMA peer agreement, that GRE encapsulation is
needed and GRE keys are required, the mobile access gateway MUST
include the GRE Key option in the initial Proxy Binding Update
Muhanna, et al. Standards Track [Page 6]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
message sent to the local mobility anchor. The mobile access gateway
MUST include the downlink GRE key in the GRE Key Identifier field of
the GRE Key option.
After the local mobility anchor successfully processes the initial
Proxy Binding Update and accepts the GRE encapsulation request and
the downlink GRE key based on a policy check, the local mobility
anchor MUST include the GRE Key option with the uplink GRE key in the
GRE Key Identifier field in a successful Proxy Binding
Acknowledgement and send it to the mobile access gateway.
3.3.2. GRE Key Exchange during Binding Re-Registration
If the local mobility anchor has successfully negotiated and
exchanged the initial GRE keys with the mobile access gateway for a
specific mobile node's mobility session, the local mobility anchor
MUST maintain the same negotiated uplink GRE key for the lifetime of
that mobility session. However, for administrative reasons, e.g.,
local mobility anchor reboot, the local mobility anchor MAY change
the uplink GRE key for the mobility session. In that case, some
packet loss may be experienced.
If the mobile access gateway has successfully negotiated and
exchanged the initial GRE keys with the local mobility anchor for a
specific mobile node's mobility session, the mobile access gateway
MUST include the GRE Key option with the downlink GRE key in the
Proxy Binding Update that is used to request a Binding Lifetime
Extension. In this case, if the local mobility anchor successfully
processes the Proxy Binding Update message, the local mobility anchor
MUST return the same uplink GRE key that was exchanged with the
mobile access gateway in the last successful Proxy Binding Update for
the same mobility session in the GRE Key option in a successful Proxy
Binding Acknowledgement message.
However, during inter-MAG handoff and if the new mobile access
gateway determines, based on, e.g., private IPv4 address support, the
mobile access gateway local policy, the MAG-LMA peer agreement, or an
indication during the handoff process, that GRE encapsulation and GRE
keys exchange are required, the new mobile access gateway MUST
include the GRE Key option with the downlink GRE key in the Proxy
Binding Update that is used to request an after-handoff Binding
Lifetime Extension. In this case, the new mobile access gateway may
either pick a new downlink GRE key or use the downlink GRE key that
was used by the previous mobile access gateway for the same binding.
For the new mobile access gateway to know the downlink GRE key used
by the previous mobile access gateway, it may require transfer of
Muhanna, et al. Standards Track [Page 7]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
context from the previous mobile access gateway to the new mobile
access gateway during a handoff. Such mechanisms are out of scope
for this specification.
If the local mobility anchor successfully processes a handoff-
triggered Binding Lifetime Extension Proxy Binding Update message
that contains a GRE Key option with a downlink GRE key included, the
local mobility anchor MUST return the same uplink GRE key that was
exchanged with the previous mobile access gateway for the same
mobility session in the GRE Key option in a successful Proxy Binding
Acknowledgement.
If the local mobility anchor receives a handoff-triggered Binding
Lifetime Extension Proxy Binding Update message without the GRE Key
option for a Binding Cache entry (BCE) that is using GRE keys and GRE
encapsulation, the local mobility anchor makes a policy check
regarding GRE encapsulation and GRE key exchange. If, according to
the policy check, GRE encapsulation and GRE key exchange are
required, the local mobility anchor MUST reject the Proxy Binding
Update by sending a Proxy Binding Acknowledgement message with the
Status field set to GRE_KEY_OPTION_REQUIRED as defined in
Section 6.4. Otherwise, the local mobility anchor SHOULD accept the
Proxy Binding Update, and if it is processed successfully, the local
mobility anchor MUST return a successful Proxy Binding
Acknowledgement without including the GRE Key option.
4. Mobile Access Gateway Considerations
4.1. Extensions to the Conceptual Data Structure
Every mobile access gateway maintains a Binding Update List (BUL)
entry for each currently attached mobile node, as explained in
Section 6.1 of the Proxy Mobile IPv6 specification [RFC5213]. To
support this specification, the conceptual Binding Update List entry
data structure must be extended with the following four new
additional fields.
o A flag (GRE-encapsulation-enabled) is used for indicating whether
GRE encapsulation is enabled for the mobile node's traffic.
o The downlink GRE key used in the GRE encapsulation header of the
tunneled payload packet from the local mobility anchor to the
mobile access gateway that is destined to the mobile node. This
GRE key is generated by the mobile access gateway and communicated
to the local mobility anchor in the GRE Key option in the Proxy
Binding Update message.
Muhanna, et al. Standards Track [Page 8]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
o The uplink GRE key used in the GRE encapsulation header of the
tunneled payload packet from the mobile access gateway to the
local mobility anchor that is originating from the mobile node.
This GRE key is obtained from the GRE Key Identifier field of the
GRE Key option present in the received Proxy Binding
Acknowledgement message sent by the local mobility anchor as
specified in this document.
o A flag indicating whether UDP-based TLV-header format
(Section 7.2) is enabled for the mobile node's traffic. This flag
is TRUE only when UDP tunneling as in [RFC5844] and GRE
encapsulation as in this specification are both enabled for this
mobility session.
4.2. Operational Summary
o If the mobile access gateway determines that GRE encapsulation
mode only is required, the mobile access gateway MUST include the
GRE Key option but omit the GRE Key Identifier field in the Proxy
Binding Update message that is sent to the local mobility anchor.
o If the mobile access gateway determines that GRE encapsulation and
GRE keys are required, the mobile access gateway MUST include the
GRE Key option with the downlink GRE key in the GRE Key Identifier
field in the Proxy Binding Update message that is sent to the
local mobility anchor.
o After receiving a successful Proxy Binding Acknowledgement message
with the GRE Key option with the GRE Key Identifier field omitted,
the mobile access gateway MUST update the mobile node's Binding
Update List entry described in Section 4.1 by only setting the
GRE-encapsulation-enabled flag.
o After receiving a successful Proxy Binding Acknowledgement message
with the GRE Key option and the uplink GRE key included in the GRE
Key Identifier field, the mobile access gateway MUST update the
related fields in the mobile node's Binding Update List entry
described in Section 4.1. Additionally, the mobile access gateway
MUST use the assigned uplink GRE Key for tunneling all the traffic
that belongs to this mobile node BUL entry and that originated
from the mobile node before forwarding the tunneled traffic to the
local mobility anchor.
o If the mobile access gateway includes the GRE Key option in the
Proxy Binding Update for a specific mobile node and the local
mobility anchor accepts the Proxy Binding Update by sending a
Proxy Binding Acknowledgement with a success status code (less
than 128) other than GRE_KEY_OPTION_NOT_REQUIRED, but without the
Muhanna, et al. Standards Track [Page 9]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
GRE Key option, then the mobile access gateway MUST consider that
the local mobility anchor does not support the GRE Key option as
per this specification. The mobile access gateway SHOULD NOT
include the GRE Key option in any subsequent Proxy Binding Update
message that is sent to that local mobility anchor.
o If the mobile access gateway sent a Proxy Binding Update message
without the GRE Key option, but the received Proxy Binding
Acknowledgement has the status code GRE_KEY_OPTION_REQUIRED,
indicating that GRE encapsulation and GRE keys are required, the
mobile access gateway SHOULD resend the Proxy Binding Update
message with the GRE Key option. If the mobile access gateway
does not support the GRE Key option, it MAY log the event and
possibly raise an alarm to indicate a possible misconfiguration.
o If the mobile access gateway sent a Proxy Binding Update message
with the GRE Key option and the downlink GRE key included and
received a successful Proxy Binding Acknowledgement message with
the status code GRE_KEY_OPTION_NOT_REQUIRED, the mobile access
gateway MUST consider that GRE encapsulation and GRE keys are not
required for this specific mobility session. The mobile access
gateway follows procedures in the Proxy Mobile IPv6 specification
[RFC5213] for the handling of uplink and downlink traffic and MUST
NOT include the GRE Key option in any subsequent Proxy Binding
Update message that is sent to the local mobility anchor for this
mobility session.
o If the mobile access gateway has successfully negotiated GRE
encapsulation and exchanged the GRE keys with the local mobility
anchor for a specific mobility session, the mobile access gateway
SHOULD NOT include the GRE Key option in the de-registration Proxy
Binding Update.
o On receiving a packet from the tunnel with the GRE header, the
mobile access gateway MUST use the GRE key present in the GRE
extension header as an additional identifier to determine to which
mobility session this packet belongs. The GRE header is removed
before further processing takes place.
5. Local Mobility Anchor Considerations
5.1. Extensions to the Binding Cache Entry
When the local mobility anchor and the mobile access gateway
successfully negotiate GRE encapsulation and exchange downlink and
uplink GRE keys, the local mobility anchor MUST maintain the downlink
and uplink GRE keys as part of the mobile node's BCE. This requires
the BCE described in Section 5.1 of the Proxy Mobile IPv6
Muhanna, et al. Standards Track [Page 10]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
specification [RFC5213] to be extended. To support this
specification, the BCE must be extended with the following four
additional fields.
o A flag indicating whether GRE encapsulation is enabled for the
mobile node's traffic flows.
o The downlink GRE key, assigned by the mobile access gateway and
used in the GRE encapsulation header of the tunneled payload
packet from the local mobility anchor to the mobile access
gateway.
o The uplink GRE key, assigned by the local mobility anchor and used
in the GRE encapsulation header of the tunneled payload packet
from the mobile access gateway to the local mobility anchor.
o A flag indicating whether UDP-based TLV-header format
(Section 7.2) is enabled for the mobile node's traffic. This flag
is TRUE only when UDP tunneling as in [RFC5844] and GRE
encapsulation as in this specification are both enabled for this
mobility session.
5.2. Operational Summary
o If the local mobility anchor successfully processes a Proxy
Binding Update message with the GRE Key option, but the GRE Key
Identifier field is omitted for initial GRE key exchange, the
local mobility anchor MUST include the GRE Key option but omit the
GRE Key Identifier field when responding with a successful Proxy
Binding Acknowledgement message.
o If the local mobility anchor successfully processes a Proxy
Binding Update message with the GRE Key option and the downlink
GRE key included in the GRE Key Identifier field for initial GRE
key exchange as in Section 3.3.1, the local mobility anchor MUST
include the GRE Key option with the uplink GRE key included in the
GRE Key Identifier field when responding with a successful Proxy
Binding Acknowledgement message.
o If the GRE tunneling is negotiated and the downlink and uplink GRE
keys have been exchanged between the mobile access gateway and the
local mobility anchor for a specific mobility session, the local
mobility anchor MUST use the negotiated downlink GRE key in the
GRE header of every packet that is destined to the mobile node of
this specific mobility session over the GRE tunnel to the mobile
access gateway.
Muhanna, et al. Standards Track [Page 11]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
o If the received Proxy Binding Update message does not contain the
GRE Key option, and if the local mobility anchor based on a policy
check determines that GRE encapsulation and GRE keys are required,
e.g., overlapping IPv4 private addressing is in use, a local
mobility anchor local policy, or LMA-MAG peer agreement, the local
mobility anchor MUST reject the request and send a Proxy Binding
Acknowledgement message to the mobile access gateway with the
status code GRE_KEY_OPTION_REQUIRED as defined in Section 6.4.
This indicates that GRE encapsulation and GRE keys are required.
o If, after receiving and successfully processing a Proxy Binding
Update message with the GRE Key option, the local mobility anchor
determines, based on a policy check, that GRE encapsulation and
GRE keys are not required for this specific binding, e.g., private
IPv4 addressing is not in use, the local mobility anchor SHOULD
send a successful Proxy Binding Acknowledgement message to the
mobile access gateway with the status code
GRE_KEY_OPTION_NOT_REQUIRED. In this case, the local mobility
anchor MUST NOT include the GRE Key option in the Proxy Binding
Acknowledgement.
o If the local mobility anchor successfully processes a de-
registration Proxy Binding Update message, the local mobility
anchor follows the same de-registration process as described in
the Proxy Mobile IPv6 specification [RFC5213] to clean the Binding
Cache entry and all associated resources including the downlink
and uplink GRE keys.
o On receiving a packet from the tunnel with the GRE header, the
local mobility anchor MUST use the GRE key in the GRE extension
header as an additional identifier to determine to which mobility
session this packet belongs. The GRE header is removed before
further processing takes place.
6. Message Formats
This section defines an extension to the Mobile IPv6 protocol
[RFC3775] messages. The use of the GRE Key option for supporting GRE
tunneling and GRE key exchange for Proxy Mobile IPv6 is defined in
this specification.
6.1. GRE Key Option
A new mobility option, the GRE Key option, is defined for use in the
Proxy Binding Update and Proxy Binding Acknowledgement messages
exchanged between the mobile access gateway and the local mobility
anchor. This option can be used for negotiating GRE encapsulation
mode only or GRE encapsulation and exchanging the downlink and uplink
Muhanna, et al. Standards Track [Page 12]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
GRE keys. These GRE keys can be used by the peers in all GRE
encapsulated payload packets for marking that specific mobile node's
data traffic.
The alignment requirement for this option is 4n.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| GRE Key Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: GRE Key Option
Type
33
Length
An 8-bit unsigned integer indicating the length in octets of the
option, excluding the Type and Length fields. If the Length field
is set to 2, it indicates that the GRE Key Identifier field is not
being carried in the option. If the Length field is set to a
value of 6, it means that either the downlink or the uplink GRE
key is carried.
Reserved
These fields are unused. They MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
GRE Key Identifier
A 32-bit field containing the downlink or the uplink GRE key.
This field is present in the GRE Key option only if the GRE keys
are being exchanged using the Proxy Binding Update and Proxy
Binding Acknowledgement messages.
6.2. Proxy Binding Update Message Extension
This specification extends the Proxy Binding Update message as
defined in [RFC5213] with the new TLV-header format (T) flag. The
new (T) flag is described below and shown as part of the Proxy
Binding Update message as in Figure 3.
Muhanna, et al. Standards Track [Page 13]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence # |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|A|H|L|K|M|R|P|F|T| Reserved | Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Proxy Binding Update Message
TLV-header format (T)
When set, this flag indicates that the mobile access gateway
requests the use of the TLV header for encapsulating IPv6 or IPv4
packets in IPv4. The TLV-header format is described in
Section 7.2. None of the other fields or flags in the Proxy
Binding Update are modified by this specification.
6.3. Proxy Binding Acknowledgement Message Extension
This specification extends the Proxy Binding Acknowledgement message
as defined in [RFC5213] with the new TLV-header format (T) flag. The
new (T) flag is described below and shown as part of the Proxy
Binding Acknowledgement message as in Figure 4.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Status |K|R|P|T| Res |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence # | Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Proxy Binding Acknowledgement Message
TLV-header format (T)
When set, this flag indicates that the sender of the Proxy Binding
Acknowledgement, the LMA, supports tunneling IPv6-or-IPv4 in IPv4
using TLV-header format. None of the other fields or flags in the
Proxy Binding Acknowledgement are modified by this specification.
6.4. Status Codes
The following status code values are defined for use in the Binding
Acknowledgement message when using Proxy Mobile IPv6.
Muhanna, et al. Standards Track [Page 14]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
GRE_KEY_OPTION_NOT_REQUIRED (2)
When the local mobility anchor receives a Proxy Binding Update
with the GRE Key option, and based on a policy check it determines
that GRE encapsulation is not required for this specific mobility
session, it uses this code to indicate to the mobile access
gateway that the Proxy Binding Update has been processed
successfully but GRE encapsulation and GRE keys are not required.
GRE_TUNNELING_BUT_TLV_HEADER_NOT_SUPPORTED (3)
If the local mobility anchor receives a Proxy Binding Update with
the GRE Key option and TLV-header format (T) flag set, the local
mobility anchor uses this code to indicate to the mobile access
gateway that GRE encapsulation has been successfully negotiated
but TLV-header format is NOT supported.
GRE_KEY_OPTION_REQUIRED (163)
When the local mobility anchor receives a Proxy Binding Update
without the GRE Key option while based on a policy check, the
local mobility anchor determines that GRE encapsulation is
required for this specific mobility session and uses this code to
reject the Proxy Binding Update and indicate to the mobile access
gateway that GRE encapsulation and GRE keys are required.
7. Data Packets Processing Considerations
This section describes how the local mobility anchor and mobile
access gateway encapsulate and decapsulate data packets when GRE
encapsulation and GRE keys are used for tunneling the mobile node's
data traffic between these two mobile nodes.
7.1. Tunneling Format
When GRE encapsulation is used, the mobile access gateway is allowed
to use various tunneling formats depending on the mobile access
gateway location and the network capabilities between the mobile
access gateway and the local mobility anchor. Using GRE
encapsulation, as described in [RFC2784] and [RFC2890], the mobile
access gateway can tunnel the IPv6-or-IPv4 payload packet in IPv6 or
in IPv4 following the rules in [RFC5213] and [RFC5844].
If UDP-based tunneling is used in conjunction with GRE encapsulation
between the mobile access gateway and the local mobility anchor, the
TLV-header UDP tunneling format as shown in Figure 5 MUST be used.
Muhanna, et al. Standards Track [Page 15]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
[IPv4 Header]
[UDP Header]
[TLV Header]
[GRE Header]
[Payload - IPv6 or IPv4 Header]
Upper Layer protocols
Figure 5: TLV-Header UDP-Based Encapsulation Header Order
When a UDP-based tunneling format is used between the mobile access
gateway and the local mobility anchor, the use of the TLV header is
negotiated during the Proxy Binding Update/Acknowledgement exchange
as described in Sections 7.3 and 7.4. If the TLV-header format is
agreed upon between the mobile access gateway and local mobility
anchor, the local mobility anchor expects the TLV header to follow
the UDP header as shown in Figure 5. The TLV header contains the
Type field, the following payload packet header type, and its length.
The Type field in the TLV header is always set to a value of 0 to
enhance the processing of the received packet by ensuring that the
receiver can differentiate whether what came after the UDP header is
a TLV-header Type field or an IP version field of an IP header.
Hence, the TLV header can carry traffic other than IP as indicated in
the Next Header field. The distinction between IP and TLV
encapsulation is needed, because the Proxy Binding Update (IP packet)
and the data packets (GRE packets) can be sent over the same UDP
tunnel.
When processing a UDP packet with the TLV-header format, if the
receiving node found that the payload packet length as calculated
from the UDP header length field is different than its length as
calculated from the TLV-header length field, the receiving node MUST
discard the received IP packet.
7.2. TLV-Header Tunneling Negotiation
The mobile access gateway negotiates the format for tunneling payload
traffic during the Proxy Mobile IPv6 registration procedure. If the
mobile access gateway is required to use the TLV-header UDP
encapsulation format, the mobile access gateway MUST set the TLV-
header format (T) flag in the Proxy Binding Update message sent to
the local mobility anchor. If the local mobility anchor supports the
TLV-header UDP tunneling format, the local mobility anchor SHOULD set
the TLV-header format (T) flag in the Proxy Binding Acknowledgement.
Muhanna, et al. Standards Track [Page 16]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
Otherwise, the TLV-header format (T) flag is cleared. The setting of
the TLV-header Format (T) flag in the Proxy Binding Acknowledgement
indicates to the mobile access gateway that it MUST use the TLV-
header UDP encapsulation format for all packets tunneled to the local
mobility anchor for the entire duration the mobile node is attached
to the mobile access gateway. The TLV-header UDP tunneling format
SHOULD NOT change during a Binding Lifetime Extension Proxy Binding
Update (re-registration) from the same mobile access gateway.
Any Proxy Binding Update message triggered by a handoff (Section
5.3.4 of [RFC5213]) may renegotiate the tunneling format. Therefore,
in order to avoid interoperability issues, the local mobility anchor
MUST NOT set the TLV-header format (T) flag unless it was set in the
Proxy Binding Update received from the mobile access gateway.
The TLV-header format is as shown below in Figure 6.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Res. | Next Header | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: TLV-Header Format
Type
This field is always 0 (zero) and distinguishes the TLV header
from the IPv4 and IPv6 headers.
Res.
These fields are Reserved and unused. They MUST be initialized to
zero by the sender and MUST be ignored by the receiver.
Next Header
An 8-bit unsigned integer that indicates the protocol number of
the payload header following this TLV header. It is set to the
protocol number as assigned by IANA in the "Assigned Internet
Protocol Numbers" registry. For example, if an IPv6 header
follows, it should be '41'; if a GRE header follows, it should be
'47'.
Length
A 16-bit unsigned integer indicating the length in octets of the
payload following this header, excluding the TLV header itself.
Muhanna, et al. Standards Track [Page 17]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
7.3. Mobile Access Gateway Operation
When sending a Proxy Binding Update message over an IPv4 transport
network, the mobile access gateway follows the procedures specified
in [RFC5844] for using IPv4-UDP encapsulation mode. However, when
using GRE header in conjunction with IPv4-UDP encapsulation mode is
required, the mobile access gateway MUST set the TLV-header format
(T) flag in the Proxy Binding Update and follow this specification
for GRE encapsulation negotiation. If the received Proxy Binding
Acknowledgement is successful and the TLV-header format (T) flag is
set and the GRE Key option included, the mobile access gateway MUST
update the mobile node's Binding Update List entry described in
Section 4.1 by setting the UDP-based TLV-header format (T) flag. In
this case, the mobile access gateway MUST use the TLV-header UDP-
based encapsulation format as shown in Figure 5.
If the mobile access gateway receives a Proxy Binding Acknowledgement
with the status GRE_TUNNELING_BUT_TLV_HEADER_NOT_SUPPORTED in
response to a Proxy Binding Update with the GRE Key option and the
(T) flag set, the mobile access gateway MUST use GRE encapsulation
without UDP encapsulation. If the mobile access gateway is allowed
to use GRE encapsulation without UDP tunneling, the mobile access
gateway MUST update the mobile node's Binding Update List entry
described in Section 4.1 by setting the GRE-encapsulation-enabled
flag and the uplink and downlink GRE key fields. In this case, the
mobile access gateway MUST set the UDP-based TLV-header format (T)
flag to FALSE. A Proxy Binding Acknowledgement message with the
status code GRE_TUNNELING_BUT_TLV_HEADER_NOT_SUPPORTED has the (T)
flag cleared. Alternatively, the mobile access gateway may resend
the Proxy Binding Update to negotiate different tunneling options,
e.g., using UDP-based tunneling without GRE encapsulation if possible
or de-register the mobile node mobility session.
7.3.1. Sending and Receiving Data Packets
When the mobile access gateway is located in an IPv6-enabled or IPv4-
enabled network, it may be required to use GRE encapsulation for
tunneling IPv6 or IPv4 data packets to the local mobility anchor. In
this case, and if the mobile access gateway has successfully
negotiated GRE encapsulation mode only or GRE encapsulation and GRE
keys as described in this specification, the mobile access gateway
encapsulates or decapsulates IPv6-or-IPv4 payload packets following
the rules described in [RFC5213] and [RFC5844] while ensuring that
the GRE header is present as shown in Figure 7.
Muhanna, et al. Standards Track [Page 18]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
[IPv6 or IPv4 Header]
[GRE Header]
[Payload - IPv6 or IPv4 Header]
Upper Layer protocols
Figure 7: IPv6-or-IPv4 over IPv4 Using GRE Encapsulation
On the other hand, if the mobile access gateway is located in an
IPv4-only network where NAT has been detected on the path between the
mobile access gateway and the local mobility anchor and successfully
negotiated GRE encapsulation and the TLV-header format, the mobile
access gateway MUST use UDP TLV-header tunneling format when sending
an IPv6-or-IPv4 payload packet to the local mobility anchor according
to the format described in Figure 5. The source and the destination
of the IPv4 outer header are mobile node IPv4 Proxy Care-of Address,
IPv4-Proxy-CoA, and the IPv4 local mobility anchor address, IPv4-
LMAA, respectively. In addition, the source and the destination IP
addresses of the IPv6-or-IPv4 payload data packet are the mobile
node's IPv6-or-IPv4 home address, IPv6/IPv4-MN-HoA, and the IPv6-or-
IPv4 corresponding node's address, IPv6/IPv4-CN-Addr, respectively.
7.4. Local Mobility Anchor Operation
When the local mobility anchor receives a Proxy Binding Update
encapsulated in UDP and containing the IPv4 Home Address Request
option ([RFC5844]), it needs to follow all the steps in [RFC5213] and
[RFC5844]. In addition, if the TLV-header format (T) flag is set in
the Proxy Binding Update, the local mobility anchor needs to
determine whether it can accept the TLV-header UDP-based
encapsulation format. If it does, it SHOULD set the TLV-header
format (T) flag in the Proxy Binding Acknowledgement. Otherwise, the
local mobility anchor MUST NOT set the TLV-header format (T) flag in
the Proxy Binding Acknowledgement.
If the local mobility anchor (LMA) receives a Proxy Binding Update
with the GRE Key option and TLV-header format (T) flag set and, based
on a policy check, the LMA determines that GRE encapsulation is
required and the LMA supports TLV-header tunneling and the LMA sent a
successful Proxy Binding Acknowledgement with the TLV-header format
(T) flag set, the LMA MUST update the mobile node's Binding Cache
entry described in Section 5.1 by setting the GRE-encapsulation-
enabled flag and update the uplink and downlink GRE key fields. In
addition, the LMA MUST set the UDP-based TLV-header format flag.
Muhanna, et al. Standards Track [Page 19]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
If the LMA receives a Proxy Binding Update with the GRE Key option
and TLV-header format (T) flag set and, based on a policy check, the
LMA determines that GRE encapsulation is required BUT the LMA does
NOT support TLV-header tunneling and if the Proxy Binding Update has
been successfully processed, the LMA MUST send a successful Proxy
Binding Acknowledgement with the status code
GRE_TUNNELING_BUT_TLV_HEADER_NOT_SUPPORTED. This way, the LMA
indicates to the mobile access gateway that GRE encapsulation has
been successfully negotiated BUT TLV-header UDP-based tunneling
format is not supported. In this case, the LMA MUST update the
mobile node's BCE described in Section 5.1 by setting the GRE
encapsulation enabled flag and update the uplink and downlink GRE key
fields. In this case, the LMA MUST set the UDP-based TLV-header
format flag to FALSE.
If the local mobility anchor and the mobile access gateway have
successfully negotiated the TLV-header UDP-based tunneling format and
GRE encapsulation for a specific mobility session, the local mobility
anchor processes data packets as described in the following
subsection.
7.4.1. Sending and Receiving Data Packets
The local mobility anchor may use GRE encapsulation for tunneling an
IPv6 or IPv4 data packet to the mobile access gateway. If the local
mobility anchor has successfully negotiated GRE encapsulation with
the mobile access gateway for a specific mobility session, the local
mobility anchor encapsulates and decapsulates IPv6-or-IPv4 payload
data packets following the rules described in [RFC5213] and [RFC5844]
while ensuring that the GRE header is present as shown in Figure 7.
In the case when TLV-tunneling format and GRE encapsulation for a
specific mobility session have been successfully negotiated between
the local mobility anchor and the mobile access gateway, the local
mobility anchor follows the TLV-header UDP-based tunneling format and
header order as shown in Figure 5 to encapsulate IPv4 or IPv6 payload
packets in IPv4 before sending the IPv4 packet to the mobile access
gateway. In this case, the source and the destination of the IPv4
outer header are IPv4-LMAA and IPv4-Proxy-CoA, respectively. In
addition, the source and the destination IP addresses of the IPv6-or-
IPv4 payload data packet are IPv6/IPv4-CN-Addr and IPv6/IPv4-MN-HoA,
respectively. On the other hand, the local mobility anchor ensures
the same TLV-header UDP-based tunneling format and header order when
it decapsulates received IPv4 packets from the mobile access gateway
for the same mobility session.
Muhanna, et al. Standards Track [Page 20]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
8. IANA Considerations
This specification defines a new mobility option, the GRE Key option,
described in Section 6.1. This option is carried in the Mobility
Header. The type value for this option has been assigned from the
same numbering space as allocated for the other mobility options
defined in the Mobile IPv6 specification [RFC3775].
This specification also defines three new Binding Acknowledgement
status codes as described in Section 6.4 and IANA has allocated the
numeric values as specified in Section 6.4 from the "Status Codes"
registry of the Mobility IPv6 Parameters.
9. Security Considerations
The GRE Key option, defined in this specification, when carried in
Proxy Binding Update and Proxy Binding Acknowledgement messages,
reveals the group affiliation of a mobile node identified by its
Network Access Identifier (NAI) or an IP address. It may help an
attacker in targeting flows belonging to a specific group. This
vulnerability can be prevented, by enabling confidentiality
protection on the Proxy Binding Update and Proxy Binding
Acknowledgement messages where the presence of the NAI and GRE Key
options establish a mobile node's relation to a specific group. This
vulnerability can also be avoided by enabling confidentiality
protection on all the tunneled data packets between the mobile access
gateway and the local mobility anchor, for hiding all the markings.
In Proxy Mobile IPv6 [RFC5213], the use of IPsec [RFC4301] for
protecting a mobile node's data traffic is optional. Additionally,
Proxy Mobile IPv6 recommends the use of Encapsulating Security
Payload (ESP) [RFC4303] in tunnel mode when using ESP for protecting
the mobile node's data traffic. However, when GRE encapsulation is
used, both IPsec tunnel mode and transport mode can be used to
protect the GRE header. The IPsec traffic selectors will contain the
protocol number for GRE, and there is currently no mechanism to use
the GRE key as a traffic selector.
10. Acknowledgements
The authors would like to thank Alessio Casati, Barney Barnowski,
Mark Grayson, and Parviz Yegani for their input on the need for this
option. The authors would like to thank Charlie Perkins, Curtis
Provost, Irfan Ali, Jouni Korhonen, Julien Laganier, Kuntal
Chowdhury, Suresh Krishnan, and Vijay Devarapalli for their review
and comments.
Muhanna, et al. Standards Track [Page 21]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
11. References
11.1. Normative References
[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and
E. Lear, "Address Allocation for Private Internets",
BCP 5, RFC 1918, February 1996.
[RFC2003] Perkins, C., "IP Encapsulation within IP", RFC 2003,
October 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, December 1998.
[RFC2784] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P.
Traina, "Generic Routing Encapsulation (GRE)", RFC 2784,
March 2000.
[RFC2890] Dommety, G., "Key and Sequence Number Extensions to GRE",
RFC 2890, September 2000.
[RFC3775] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
in IPv6", RFC 3775, June 2004.
[RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.
[RFC5844] Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy
Mobile IPv6", RFC 5844, May 2010.
11.2. Informative References
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005.
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
RFC 4303, December 2005.
[RFC5648] Wakikawa, R., Devarapalli, V., Tsirtsis, G., Ernst, T.,
and K. Nagami, "Multiple Care-of Addresses Registration",
RFC 5648, October 2009.
Muhanna, et al. Standards Track [Page 22]
RFC 5845 GRE Key Option for Proxy MIPv6 June 2010
Authors' Addresses
Ahmad Muhanna
Ericsson, Inc.
2201 Lakeside Blvd.
Richardson, TX 75082
USA
EMail: ahmad.muhanna@ericsson.com
Mohamed Khalil
Ericsson, Inc.
6300 Legacy Dr.
Plano, TX 75024
USA
EMail: Mohamed.khalil@ericsson.com
Sri Gundavelli
Cisco
170 West Tasman Drive
San Jose, CA 95134
USA
EMail: sgundave@cisco.com
Kent Leung
Cisco
170 West Tasman Drive
San Jose, CA 95134
USA
EMail: kleung@cisco.com
Muhanna, et al. Standards Track [Page 23]