Alternate Tunnel Encapsulation for Data
Frames in CAPWAPChina TelecomNo.109 Zhongshandadao avenueGuangzhou510630Chinazhangr@gsta.comCisco170 West Tasman DriveSan Jose, CA 95134USArpazhyan@cisco.comCisco170 West Tasman DriveSan Jose, CA 95134USAsgundave@cisco.comHuaweiXinxi Rd. 3Beijing100085Chinazhencao.ietf@gmail.comHuaweiXinxi Rd. 3Beijing 100085Chinadenghui02@gmail.comHuaweiNo.156 Beiqing Rd. Z-park, HaiDian DistrictBeijing100095Chinaduzongpeng@huawei.com
OPS
Opsawg Working GroupControl and Provisioning of Wireless Access Points (CAPWAP) defines a
specification to encapsulate a station's data frames between the
Wireless Transmission Point (WTP) and Access Controller (AC).
Specifically, the station's IEEE 802.11 data frames can be either
locally bridged or tunneled to the AC. When tunneled, a CAPWAP data
channel is used for tunneling. In many deployments encapsulating data
frames to an entity other than the AC (for example to an Access Router
(AR)) is desirable. Furthermore, it may also be desirable to use
different tunnel encapsulation modes between the WTP and the Access
Router. This document defines extension to CAPWAP protocol for
supporting this capability and refers to it as alternate tunnel
encapsulation. The alternate tunnel encapsulation allows 1) the WTP to
tunnel non-management data frames to an endpoint different from the AC
and 2) the WTP to tunnel using one of many known encapsulation types
such as IP-IP, IP-GRE, CAPWAP. The WTP may advertise support for
alternate tunnel encapsulation during the discovery and join process and
AC may select one of the supported alternate tunnel encapsulation types
while configuring the WTP.Service Providers are deploying very large Wi-Fi deployments (ranging
from hundreds of thousands of Access Points, APs (referred to as WTPs in
CAPWAP terminology) to millions of APs. These networks are designed to
carry traffic generated from mobile users. The volume in mobile user
traffic is already very large and expected to continue growing rapidly.
As a result, operators are looking for scalable solutions that can meet
the increasing demand. The scalability requirement can be met by
splitting the control/management plane from the data plane. This enables
the data plane to scale independent of the control/management plane.
This specification provides a way to enable such separation.CAPWAP (, ) defines a
tunnel mode that describes how the WTP handles the data plane (user
traffic). The following types are defined:Local Bridging: All data frames are locally bridged.802.3 Tunnel: All data frames are tunneled to the AC in 802.3
format.802.11 Tunnel: All data frames are tunneled to the AC in 802.11
format. describes a system with Local Bridging.
The AC is in a centralized location. The data plane is locally bridged
by the WTPs leading to a system with centralized control plane with
distributed data plane. This system has two benefits: 1) reduces the
scale requirement on data traffic handling capability of the AC and 2)
leads to more efficient/optimal routing of data traffic while
maintaining centralized control/management.The AC handles control of WTPs. In addition, the AC also handles the
IEEE 802.11 management traffic to/from the stations. There is CAPWAP
Control and Data Channel between the WTP and the AC. Note that even
though there is no user traffic transported between the WTP and AC,
there is still a CAPWAP Data Channel. The CAPWAP Data Channel carries
the IEEE 802.11 management traffic (like IEEE 802.11 Action Frames). shows a system where the
tunnel mode is configured to tunnel data frames between the WTP and the
AC either using 802.3 Tunnel or 802.11 Tunnel configurations. Operators
deploy this configuration when they need to tunnel the user traffic. The
tunneling requirement may be driven by the need to apply policy at the
AC or a legal requirement to support lawful intercept of user traffic.
This requirement could be met in the locally bridged system () if the access router implemented the required
policy. However, in many deployments the operator managing the WTP is
different than the operator managing the Access Router. When the
operators are different, the policy has to be enforced in a tunnel
termination point in the WTP operator's network. The key difference with the locally bridged system is that
the data frames are tunneled to the AC instead of being locally bridged.
There are two shortcomings with the system in . 1) They do not allow the WTP to
tunnel data frames to an endpoint different from the AC and 2) They do
not allow the WTP to tunnel data frames using any encapsulation other
than CAPWAP (as specified in Section 4.4.2 of ). shows a system where the WTP tunnels
data frames to an alternate entity different from the AC. The WTP also
uses an alternate tunnel encapsulation such as L2TP, L2TPv3, IP-in-IP,
IP/GRE, etc. This enables 1) independent scaling of data plane and 2)
leveraging of commonly used tunnel encapsulations such as L2TP, GRE,
etc.The WTP may support widely used encapsulation types such as L2TP,
L2TPv3, IP-in-IP, IP/GRE, etc. The WTP advertises the different
alternate tunnel encapsulation types it can support. The AC configures
one of the advertised types. As shown in the figure there is a CAPWAP
control and data channel between the WTP and AC. The CAPWAP data channel
carries the stations' management traffic as in the case of the locally
bridged system. The main reason to maintain a CAPWAP data channel is to
maintain similarity with the locally bridged system. The WTP maintains
three tunnels: CAPWAP Control, CAPWAP Data, and another alternate tunnel
for the data frames. The data frames are transported by an alternate
tunnel between the WTP and a tunnel termination point such as an Access
Router. This specification describes how the alternate tunnel can be
established. The specification defines message elements for the WTP to
advertise support for alternate tunnel encapsulation, for the AC to
configure alternate tunnel encapsulation, and for the WTP to report
failure of the alternate tunnel.The alternate tunnel encapsulation also supports the third-party WLAN
service provider scenario (i.e. Virtual Network Operator, VNO). Under
this scenario, the WLAN provider owns the WTP and AC resources, while
the VNOs can rent the WTP resources from the WLAN provider for network
access. The AC belonging to the WLAN service provider manages the WTPs
in the centralized mode.As shown in , VNO 1&2 don't possess
the network access resources, however they provide services by acquiring
resources from the WLAN provider. Since a WTP is capable of supporting
up to 16 Service Set Identifiers (SSIDs), the WLAN provider may provide
network access service for different providers with different SSIDs. For
example, SSID1 is advertised by the WTP for VNO1; while SSID2 is
advertised by the WTP for VNO2. Therefore the data traffic from the user
can be directly steered to the corresponding access router of the VNO
who owns that user. As shown in , AC can
notify multiple AR addresses for load balancing or redundancy.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .Station (STA): A device that contains an IEEE 802.11 conformant
medium access control (MAC) and physical layer (PHY) interface to the
wireless medium (WM).Access Controller (AC): The network entity that provides WTP access
to the network infrastructure in the data plane, control plane,
management plane, or a combination therein.Access Router (AR): A specialized router usually residing at the
edge or boundary of a network. This router ensures the connectivity of
its network with external networks, a wide area network or the
Internet.Wireless Termination Point (WTP): The physical or network entity
that contains an RF antenna and wireless Physical Layer (PHY) to
transmit and receive station traffic for wireless access networks.CAPWAP Control Channel: A bi-directional flow defined by the AC IP
Address, WTP IP Address, AC control port, WTP control port, and the
transport-layer protocol (UDP or UDP-Lite) over which CAPWAP Control
packets are sent and received.CAPWAP Data Channel: A bi-directional flow defined by the AC IP
Address, WTP IP Address, AC data port, WTP data port, and the
transport-layer protocol (UDP or UDP-Lite) over which CAPWAP Data
packets are sent and received. In certain WTP modes, the CAPWAP Data
Channel only transports IEEE 802.11 management frames and not the data
plane (user traffic).This document was started to accommodate Service Provider's need of
a more flexible deployment mode with alternative tunnels . Experiments and tests have been done for this
alt-tunnel network infrastructure. However important, the deployment
of relevant technology is yet to complete. This experimental document
is intended to serve as an archival record for any future work as to
the operational and deployment requirements.The above example describes how the alternate tunnel encapsulation
may be established. When the WTP joins the AC, it should indicate its
alternate tunnel encapsulation capability. The AC determines whether an
alternate tunnel configuration is required. If an appropriate alternate
tunnel type is selected, then the AC provides the alternate tunnel
encapsulation message element containing the tunnel type and a
tunnel-specific information element. The tunnel-specific information
element, for example, may contain information like the IP address of the
tunnel termination point. The WTP sets up the alternate tunnel using the
alternate tunnel encapsulation message element.Since AC can configure a WTP with more than one AR available for the
WTP to establish the data tunnel(s) for user traffic, it may be useful
for the WTP to communicate the selected AR. To enable this, the IEEE
802.11 WLAN Configuration Response may carry the alternate tunnel
encapsulation message element containing the AR list element
corresponding to the selected AR as shown in .On detecting a tunnel failure, WTP SHALL forward data frames to the
AC and discard the frames. In addition, WTP may dissociate existing
clients and refuse association requests from new clients. Depending on
the implementation and deployment scenario, the AC may choose to
reconfigure the WLAN (on the WTP) to a local bridging mode or to tunnel
frames to the AC. When the WTP detects an alternate tunnel failure, the
WTP informs the AC using a message element, WTP Alternate Tunnel Fail
Indication (defined in this specification). It MAY be carried in the WTP
Event Request message which is defined in .The WTP also needs to notify the AC of which AR(s) are unavailable.
Particularly, in the VNO scenario, the AC of the WLAN service provider
needs to maintain the association of the AR addresses of the VNOs and
SSIDs, and provide this information to the WTP for the purpose of load
balancing or master-slave mode.The message element has a status field that indicates whether the
message denotes reporting a failure or the clearing of the previously
reported failure.For the case where AC is unreachable but the tunnel end point is
still reachable, the WTP behavior is up to the implementation. For
example, the WTP could either choose to tear down the alternate tunnel
or let the existing user's traffic continue to be tunneled.This message element is sent by a WTP to communicate its capability
to support alternate tunnel encapsulations. The message element
contains the following fields:Type: <IANA-1> for Supported Alternate Tunnel
EncapsulationsLength: The length in bytes, two bytes for each Alternative
tunnel type that is includedTunnel-Type: This is identified by value defined in Section
3.2. There may be one or more Tunnel-Types as shows in .This message element can be sent by the AC. This message element
allows the AC to select the alternate tunnel encapsulation. This
message element may be provided along with the IEEE 802.11 Add WLAN
message element. When the message element is present, the following
fields of the IEEE 802.11 Add WLAN element SHALL be set as follows:
MAC mode is set to 0 (Local MAC) and Tunnel Mode is set to 0 (Local
Bridging). Besides, the message element can also be sent by the WTP to
communicate the selected AR(s).The message element contains the following fields:Type: <IANA-2> for Alternate Tunnel Encapsulation
TypeLength: > 4Tunnel-Type: The tunnel type is specified by a 2 byte value.
This specification defines the values from zero (0) to six (6) as
given below. The remaining values are reserved for future
use.0: CAPWAP. This refers to a CAPWAP data channel described
in and .1: L2TP. This refers to tunnel encapsulation described in
.2: L2TPv3. This refers to tunnel encapsulation described in
.3: IP-in-IP. This refers to tunnel encapsulation described
in .4: PMIPv6-UDP. This refers to the UDP tunneling
encapsulation described in .5: GRE. This refers to GRE tunnel encapsulation as
described in .6: GTPv1-U. This refers to GTPv1 user plane mode as
described in .Info Element: This field contains tunnel specific configuration
parameters to enable the WTP to setup the alternate tunnel. This
specification provides details for this elements for CAPWAP,
PMIPv6, and GRE. This specification reserves the tunnel type
values for the key tunnel types and defines the most common
message elements. It is anticipated that message elements for the
other protocols (like L2TPv3, etc.) will be defined in other
specifications in the future.The WTP MAY include the Alternate Tunnel Failure Indication message
in a WTP Event Request message to inform the AC about the status of
the Alternate Tunnel. For the case where WTP establishes data tunnels
with multiple ARs (e.g., under VNO scenario), the WTP needs to notify
the AC of which AR(s) are unavailable. The message element contains
the following fields:Type: <IANA-3> for IEEE 802.11 WTP Alternate Tunnel
Failure IndicationLength: > 4WLAN ID: An 8-bit value specifying the WLAN Identifier. The
value MUST be between one (1) and 16.Status: An 8-bit boolean indicating whether the radio failure
is being reported or cleared. A value of zero is used to clear the
event, while a value of one is used to report the event.Reserved: MUST be set to a value of 0 and MUST be ignored by
the receiver.Access Router Information Element: IPv4 address or IPv6 address
of the Access Router that terminates the alternate tunnel. The
Access Router Information Elements allow the WTP to notify the AC
of which AR(s) are unavailable.If the CAPWAP encapsulation is selected by the AC and configured by
the AC to the WTP, the Info Element field defined in SHOULD contain the following information:Access Router Information: IPv4 address or IPv6 address of the
Access Router for the alternate tunnel.Tunnel DTLS Policy: The CAPWAP protocol allows optional
protection of data packets using DTLS. Use of data packet
protection on a WTP is not mandatory but determined by the
associated AC policy (This is consistent with the WTP behavior
described in ).IEEE 802.11 Tagging Mode Policy: It is used to specify how the
CAPWAP data channel packet are to be tagged for QoS purposes (see
for more details).CAPWAP Transport Protocol: The CAPWAP protocol supports both
UDP and UDP-Lite (see ). When run over
IPv4, UDP is used for the CAPWAP data channels. When run over
IPv6, the CAPWAP data channel may use either UDP or UDP-lite.The message element structure for CAPWAP encapsulation is
shown in :Proxy Mobile IPv6 (PMIPv6) (defined in )
based user plane can also be used as alternate tunnel encapsulation
between the WTP and the AR. In this scenario, a WTP acts as the Mobile
Access Gateway (MAG) function that manages the mobility-related
signaling for a station that is attached to the WTP IEEE 802.11 radio
access. The Local Mobility Anchor (LMA) function is at the AR. If
PMIPv6 UDP encapsulation is selected by the AC and configured by the
AC to a WTP, the Info Element field defined in SHOULD contain the following information:Access Router (acting as LMA) Information: IPv4 or IPv6 address
for the alternate tunnel endpoint. The message element structure for PMIPv6 encapsulation is
shown in :Generic Routing Encapsulation (defined in )
mode based user plane can also be used as alternate tunnel
encapsulation between the WTP and the AR. In this scenario, a WTP and
the access router represent the two end points of the GRE tunnel. If
GRE encapsulation is selected by the AC and configured by the AC to a
WTP, the Info Element field defined in
SHOULD contain the following information:Access Router Information: IPv4 or IPv6 address for the
alternate tunnel endpoint.GRE Key Information: The Key field is intended to be used for
identifying an individual traffic flow within a tunnel .The message element structure for GRE encapsulation is shown
in :This section defines the various elements described in , , and .These information elements can only be included in the Alternate
Tunnel Encapsulations Type message element, and the IEEE 802.11 WTP
Alternate Tunnel Failure Indication message element as their
sub-elements.The Access Router Information Elements allow the AC to notify a WTP
of which AR(s) are available for establishing a data tunnel. The AR
information may be IPv4 address, or IPv6 address.This information
element SHOULD be contained whatever the tunnel type is.If the Alternate Tunnel Encapsulations Type message element is sent
by the WTP to communicate the selected AR(s), this Access Router
Information Element SHOULD be contained.The following are the Access Router Information Elements defined in
this specification. The AC can use one of them to notify the
destination information of the data tunnel to the WTP. The Elements
containing the AR IPv4 address MUST NOT be used if an IPv6 data
channel with IPv6 transport is used.This Element (see ) is used by
the AC to configure a WTP with the AR IPv4 address available for the
WTP to establish the data tunnel for user traffic.Type: 0Length: This refers to the total length in octets of the element
excluding the Type and Length fields.AR IPv4 Address: The IPv4 address of the AR. At least one IPv4
address SHALL be present. Multiple addresses may be provided for
load balancing or redundancy.This Element (see ) is used by
the AC to configure a WTP with the AR IPv6 address available for the
WTP to establish the data tunnel for user traffic.Type: 1Length: This refers to the total length in octets of the element
excluding the Type and Length fields.AR IPv6 Address: The IPv6 address of the AR. At least one IPv6
address SHALL be present. Multiple addresses may be provided for
load balancing or redundancy.The AC distributes its DTLS usage policy for the CAPWAP data tunnel
between a WTP and the AR. There are multiple supported options,
represented by the bit field below as defined in AC Descriptor message
elements. The WTP MUST abide by one of the options for tunneling user
traffic with AR. The Tunnel DTLS Policy Element obeys the definition
in . If, for reliability reasons, the AC has
provided more than one AR address in the Access Router Information
Element, the same Tunnel DTLS Policy (the last one in ) is generally applied for all tunnels associated with
those ARs. Otherwise, Tunnel DTLS Policy MUST be bonded together with
each of the Access Router Information Elements, and the WTP will
enforce the independent tunnel DTLS policy for each tunnel with a
specific AR.Type: 2Length: This refers to the total length in octets of the element
excluding the Type and Length fields.Reserved: A set of reserved bits for future use. All
implementations complying with this protocol MUST set to zero any bits
that are reserved in the version of the protocol supported by that
implementation. Receivers MUST ignore all bits not defined for the
version of the protocol they support.D: DTLS-Enabled Data Channel Supported (see ).C: Clear Text Data Channel Supported (see ).R: A reserved bit for future use (see ).AR Information: This means Access Router Information Element. In
this context, each address in AR information MUST be one of previously
specified AR addresses.The last element having no AR Information in
is the default tunnel DTLS policy, and provides options for any
address not previously mentioned. Therefore, the AR information field
here is optional. If all ARs share the same tunnel DTLS policy, in
this element, there will not be AR information field and its specific
tunnel DTLS policy.In 802.11 networks, IEEE 802.11 Tagging Mode Policy Element is used
to specify how the WTP applies the QoS tagging policy when receiving
the packets from stations on a particular radio. When the WTP sends
out the packet to data channel to the AR(s), the packets have to be
tagged for QoS purposes (see ).The IEEE 802.11 Tagging Mode Policy abides the IEEE 802.11 WTP
Quality of Service defined in Section 6.22 of .If, for reliability reasons, the AC has provided more than one AR
address in the Access Router Information Element, the same IEEE 802.11
Tagging Mode Policy (the last one in ) is
generally applied for all tunnels associated with those ARs.
Otherwise, IEEE 802.11 Tagging Mode Policy MUST be bonded together
with each of the Access Router Information Elements, and the WTP will
enforce the independent IEEE 802.11 Tagging Mode Policy for each
tunnel with a specific AR.Type: 3Length: This refers to the total length in octets of the element
excluding the Type and Length fields.Reserved: A set of reserved bits for future use.P: When set, the WTP is to employ the 802.1p QoS mechanism (see
).Q: When the 'P' bit is set, the 'Q' bit is used by the AC to
communicate to the WTP how 802.1p QoS is to be enforced (see ).D: When set, the WTP is to employ the DSCP QoS mechanism (see ).O: When the 'D' bit is set, the 'O' bit is used by the AC to
communicate to the WTP how DSCP QoS is to be enforced on the outer
(tunneled) header (see ).I: When the 'D' bit is set, the 'I' bit is used by the AC to
communicate to the WTP how DSCP QoS is to be enforced on the station's
packet (inner) header (see ).AR Information: This means Access Router Information Element. In
this context, each address in AR information MUST be one of previously
specified AR addresses.The last element having no AR Information in
is the default IEEE 802.11 Tagging Mode Policy, and provides options
for any address not previously mentioned. Therefore, the AR
information field here is optional. If all ARs share the same IEEE
802.11 Tagging Mode Policy, in this element, there will not be AR
information field and its specific IEEE 802.11 Tagging Mode
Policy.The CAPWAP data tunnel supports both UDP and UDP-Lite (see ). When run over IPv4, UDP is used for the CAPWAP
data channels. When run over IPv6, the CAPWAP data channel may use
either UDP or UDP-lite. The AC specifies and configures the WTP for
which transport protocol is to be used for the CAPWAP data tunnel.The CAPWAP Transport Protocol Element abides the definition in
Section 4.6.14 of .If, for reliability reasons, the AC has provided more than one AR
address in the Access Router Information Element, the same CAPWAP
Transport Protocol (the last one in ) is
generally applied for all tunnels associated with those ARs.
Otherwise, CAPWAP Transport Protocol MUST be bonded together with each
of the Access Router Information Elements, and the WTP will enforce
the independent CAPWAP Transport Protocol for each tunnel with a
specific AR.Type: 4Length: 1Transport: The transport to use for the CAPWAP Data channel. The
following enumerated values are supported:1 - UDP-Lite: The UDP-Lite transport protocol is to be used for the
CAPWAP Data channel. Note that this option MUST NOT be used if the
CAPWAP Control channel is being used over IPv4 and AR address is IPv4
contained in the AR Information Element.2 - UDP: The UDP transport protocol is to be used for the CAPWAP
Data channel.AR Information: This means Access Router Information Element. In
this context, each address in AR information MUST be one of previously
specified AR addresses.The last element having no AR Information in is the default CAPWAP Transport Protocol, and
provides options for any address not previously mentioned. Therefore,
the AR information field here is optional. If all ARs share the same
CAPWAP Transport Protocol, in this element, there will not be AR
information field and its specific CAPWAP Transport Protocol.If a WTP receives the GRE Key Element in the Alternate Tunnel
Encapsulation message element for GRE selection, the WTP MUST insert
the GRE Key to the encapsulation packet (see ). An AR acting as decapsulating tunnel endpoint
identifies packets belonging to a traffic flow based on the Key
value.The GRE Key Element field contains a four octet number defined in
.If, for reliability reasons, the AC has provided more than one AR
address in the Access Router Information Element, a GRE Key Element
MAY be bonded together with each of the Access Router Information
Elements, and the WTP will enforce the independent GRE Key for each
tunnel with a specific AR.Type: 5Length: This refers to the total length in octets of the element
excluding the Type and Length fields.GRE Key: The Key field contains a four octet number which is
inserted by the WTP according to .AR Information: This means Access Router Information Element. In
this context, it SHOULD be restricted to a single address, and MUST be
the address of one of previously specified AR addresses.Any address not explicitly mentioned here does not have a GRE
key.If AC has chosen a tunneling mechanism based on IPv6, it SHOULD
support the minimum IPv6 MTU requirements .
This issue is described in .
AC SHOULD inform the WTP about the IPv6 MTU information in the "Tunnel
Info Element" field.If, for reliability reasons, the AC has provided more than one AR
address in the Access Router Information Element, an IPv6 MTU Element
MAY be bonded together with each of the Access Router Information
Elements, and the WTP will enforce the independent IPv6 MTU for each
tunnel with a specific AR.Type: 6Length: This refers to the total length in octets of the element
excluding the Type and Length fields.Minimum IPv6 MTU: The field contains a two octet number indicate
the minimum IPv6 MTU in the tunnel.AR Information: This means Access Router Information Element. In
this context, each address in AR information MUST be one of previously
specified AR addresses.This document requires the following IANA considerations. <IANA-1>. This specification defines the Supported
Alternate Tunnel Encapsulations Type message element in . This elements needs to be registered in
the existing CAPWAP Message Element Type registry, defined in . The Type value for this element needs to be
between 1 and 1023 (see Section 15.7 in ).<IANA-2>. This specification defines the Alternate Tunnel
Encapsulations Type message element in . This element needs to be registered in the
existing CAPWAP Message Element Type registry, defined in . The Type value for this element needs to be
between 1 and 1023.<IANA-3>. This specification defines the IEEE 802.11 WTP
Alternate Tunnel Failure Indication message element in . This element needs to be registered in
the existing CAPWAP Message Element Type registry, defined in . The Type value for this element needs to be
between 1024 and 2047.Alternate Tunnel-Types Registry: This specification defines the
Alternate Tunnel Encapsulations Type message element. This element
contains a field Tunnel-Type. The namespace for the field is 16 bits
(0-65535). This specification defines values, zero (0) through six
(6) and can be found in . Future
allocations of values in this name space are to be assigned by IANA
using the "Specification Required" policy. IANA needs to create a
registry called CAPWAP Alternate Tunnel-Types. The registry format
is given below. Alternate Tunnel Sub-elements Registry: This specification
defines the Alternate Tunnel Sub-elements. Currently, these
information elements can only be included in the Alternate Tunnel
Encapsulations Type message element, and the IEEE 802.11 WTP
Alternate Tunnel Failure Indication message element as their
sub-elements. These information elements contains a Type field. The
namespace for the field is 16 bits (0-65535). This specification
defines values, zero (0) through six (6) in . This namespace is managed by IANA and
assignments require an Expert Review.This document introduces three new CAPWAP WTP message elements. These
elements are transported within CAPWAP Control messages as the existing
message elements. Therefore, this document does not introduce any new
security risks to the control plane compared to
and . In the data plane, if the encapsulation
type selected itself is not secured, it is suggested to protect the
tunnel by using known secure methods, such as IPSec.The authors would like to thank Andreas Schultz, Hong Liu, Yifan
Chen, Chunju Shao, Li Xue, Jianjie You, Jin Li, Joe Touch, Alexey
Melnikov, Kathleen Moriarty, Mirja Kühlewind, Catherine Meadows,
and Paul Kyzivat for their valuable comments.3rd Generation Partnership Project; Technical Specification
Group Core Network and Terminals; General Packet Radio System (GPRS)
Tunnelling Protocol User Plane (GTPv1-U)