CAPWAP Working Group                                              H. Wen
Internet-Draft                                     Alcatel Shanghai Bell
Expires: April 14, 2009                                          S. Jain
                                                          Alcatel-Lucent
                                                        October 15, 2008


                       CAPWAP Station IP Address
               draft-wen-capwap-station-ip-address-00.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 14, 2009.

Abstract

   In the Control And Provisioning of Wireless Access Points Protocol,
   the Access Controller controls whether a Wireless Termination Point
   should forward traffic for a specified station.  This document
   defines a new message element, IEEE Station IP Address, which is
   used for better control of a station's access in the local-MAC mode
   of CAPWAP.

Table of Contents

   1.  Introduction
     1.1.  Conventions used in this document
     1.2.  Terminology
   2.  CAPWAP Station IP Address
   3.  Type Value Consideration
   4.  IANA Consideration
   5.  Security Considerations
   6.  Acknowledgements
   7.  References
     7.1.  Normative References
   Author's Address
   Intellectual Property and Copyright Statements

1.  Introduction

   The Control And Provisioning of Wireless Access Points Protocol
   (CAPWAP) [I-D.ietf-capwap-protocol-specification] lets the Access
   Controller (AC) control whether a Wireless Termination Point (WTP)
   forwards traffic for a station, using the following message
   elements: Add Station, Add MAC ACL Entry, Add Static MAC ACL Entry.

   In order to prevent IP address spoofing, for any authorized station,
   the WTP may be informed about the binding between the physical
   address and the authorized IP address.  The AC should notify the WTP
   of the binding, which is done using the CAPWAP Station IP Address
   message element.

1.1.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

1.2.  Terminology

   This document uses terminology defined in
   [I-D.ietf-capwap-protocol-specification].

2.  CAPWAP Station IP Address

   The CAPWAP Station IP Address message element accompanies the Add
   Station message element, and is used to deliver the IP address of
   the station from the AC to the WTP.  This message element may be
   present in the Station Configuration Request and is used to control
   the station's access to the network and avoid IP address spoofing.
   The latest CAPWAP Station IP Address message element overrides any
   previously received message elements.

   The Station IP Address message element has the format shown in the
   following figure:

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |Version|                     Rsvd                      | IP address ...
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Type:  Message_Element_Station_IP_Address (TBD)

   Version:  4-bit version field.  Version = 4 means that an IPv4
      address is used; Version = 6 means that an IPv6 address is used.

   Rsvd:  The 24-bit field is reserved for future use.  All
      implementations MUST set this field to zero.  Receivers MUST
      ignore all bits not defined for the version of the protocol.

   IP Address:  The length of this field is either 4 bytes or 16 bytes,
      depending on the value of the Version field.  When the Version
      field indicates an IPv4 environment, the IPv4 address allocated
      to the station is filled in this field.  When the Version field
      indicates an IPv6 environment, the IPv6 address is used.

   Usage:  This message element is used in the Station Configuration
      Request as an optional message element when local-MAC mode is
      deployed.  When this message element is used, it must directly
      follow the Add Station message element.  The purpose of this
      message element is to enable the WTP to implement IP address
      anti-spoofing.

   When the WTP receives a Station Configuration Request, its
   operations related to this message element are as follows:

   (1)  When the WTP finds this message element following an Add
        Station message element, it creates the entry for the IP
        address anti-spoofing table from the two message elements.

   (2)  If there is no CAPWAP Station IP Address message element
        directly following the Add Station message element, the IP
        address anti-spoofing rule is not applied to this station.

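
   An added example, not part of the draft, of the table handling in
   steps (1) and (2) above and of the per-frame pass/drop decision the
   table is used for.  Message elements are assumed to be already
   decoded into tuples; the names AntiSpoofTable, apply_request and
   permit are hypothetical, and the handling of unbound and unknown
   stations is an interpretation stated in the comments.

```python
import ipaddress

ADDR_LEN = {4: 4, 6: 16}   # Version field value -> IP Address field length in bytes

class AntiSpoofTable:
    """WTP-side table: station MAC -> authorized IP (None = rule not applied)."""
    def __init__(self):
        self.bindings = {}

    def apply_request(self, elements):
        """Apply one Station Configuration Request, given as decoded elements in
        wire order: ("add_station", mac) or ("station_ip", version, addr_bytes).
        The whole request is validated before the table is touched."""
        staged, prev_mac = {}, None    # prev_mac: Add Station directly before us
        for elem in elements:
            if elem[0] == "add_station":
                prev_mac = elem[1].lower()
                staged[prev_mac] = None             # step (2) unless an IP follows
            elif elem[0] == "station_ip":
                _, version, addr = elem
                if prev_mac is None:
                    raise ValueError("Station IP Address must directly follow Add Station")
                if ADDR_LEN.get(version) != len(addr):
                    raise ValueError("Version and IP Address length disagree")
                staged[prev_mac] = ipaddress.ip_address(addr)   # step (1)
                prev_mac = None
            else:
                prev_mac = None                     # another element breaks adjacency
        self.bindings.update(staged)                # latest element overrides

    def permit(self, src_mac, src_ip):
        """Forwarding decision for a frame received from a station."""
        mac = src_mac.lower()
        if mac not in self.bindings:
            return False                            # assumption: never-added station
        bound = self.bindings[mac]
        # Assumption: a station added without a binding is forwarded unchecked.
        return bound is None or bound == ipaddress.ip_address(src_ip)

def demo():
    # Constructed sample request: one bound station, one without a binding.
    table = AntiSpoofTable()
    table.apply_request([
        ("add_station", "02:00:00:00:00:01"),
        ("station_ip", 4, bytes([192, 0, 2, 10])),
        ("add_station", "02:00:00:00:00:02"),
    ])
    return [table.permit("02:00:00:00:00:01", "192.0.2.10"),    # bound, matches
            table.permit("02:00:00:00:00:01", "192.0.2.99"),    # bound, spoofed
            table.permit("02:00:00:00:00:02", "198.51.100.7")]  # no rule applied
```
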
   When IP address anti-spoofing is deployed in the centralized WLAN
   system, once the WTP receives a frame from a station, it will check
   the frame against the table before forwarding it:

      If (station's present in the table)
         Pass the frame
      Else
         Drop the frame

3.  Type Value Consideration

   The following Message Element type value for the CAPWAP Station IP
   Address message element MUST be assigned by the CAPWAP working
   group:

   Message Element                           Value
   -----------------------------------------------------------
   CAPWAP Station IP Address                 Station_IP_Address

4.  IANA Consideration

   This document has no actions for IANA.

5.  Security Considerations

   This message element introduces no additional security issues.

6.  Acknowledgements

   The following individuals are acknowledged for their contributions
   to this draft: Songwei MA.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [I-D.ietf-capwap-protocol-specification]
              Calhoun, P., "CAPWAP Protocol Specification",
              draft-ietf-capwap-protocol-specification-13 (work in
              progress), September 19, 2008.

Author's Address

   Haibo WEN
   Alcatel Shanghai Bell Co., Ltd.
   388#, NingQiao Road, Pudong Jinqiao
   Shanghai  201206
   P.R. China

   Phone: +86 (21) 5854-1240, extension. 9273
   Email: Haibo.WEN@alcatel-sbell.com.cn

   Sudhanshu JAIN
   Alcatel-Lucent
   755 Ravendale Dr,
   Mountain View, CA  94043

   Phone: +1 650 623 3329
   Email: Sudhanshu.jain@alcatel-lucent.com

Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
   IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
   WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
   WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
   ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
   FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed
   to pertain to the implementation or use of the technology described
   in this document or the extent to which any license under such
   rights might or might not be available; nor does it represent that
   it has made any independent effort to identify any such rights.
   Information on the procedures with respect to rights in RFC
   documents can be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use
   of such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository
   at http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.