Network Working Group M. Boucadair
Internet-Draft France Telecom
Intended status: Standards Track R. Penno
Expires: March 19, 2011 Juniper Networks
D. Wing
Cisco
September 15, 2010
UPnP IGD-PCP Interworking Function
draft-bpw-softwire-upnp-pcp-interworking-01
Abstract
This document specifies the behavior of the UPnP IGD (Internet
Gateway Device)/PCP interworking function. An UPnP IGD-PCP
Interworking function is required to be embedded in CP routers to
allow for transparent NAT control in environments where UPnP is used
in the LAN side and PCP in the external side of the CP router.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 19, 2011.
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
Boucadair, et al. Expires March 19, 2011 [Page 1]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Overall Context . . . . . . . . . . . . . . . . . . . . . 3
1.2. Purpose of this Document . . . . . . . . . . . . . . . . . 3
2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Architecture Model . . . . . . . . . . . . . . . . . . . . . . 4
4. UPnP IGD-PCP Interworking Function: Overview . . . . . . . . . 6
5. Specification of the IGD-PCP Interworking Function . . . . . . 10
5.1. PCP Server Discovery . . . . . . . . . . . . . . . . . . . 10
5.2. Control of the Firewall . . . . . . . . . . . . . . . . . 11
5.3. NAT Control in LAN Side . . . . . . . . . . . . . . . . . 11
5.4. Port Mapping Tables . . . . . . . . . . . . . . . . . . . 11
5.5. Interworking Function Without NAT in the CP Router . . . . 13
5.6. NAT Embedded in the CP Router . . . . . . . . . . . . . . 13
5.7. Creating a Mapping . . . . . . . . . . . . . . . . . . . . 14
5.8. Listing One or a Set of Mappings . . . . . . . . . . . . . 16
5.9. Delete One or a Set of Mappings . . . . . . . . . . . . . 16
5.10. Mapping Synchronisation . . . . . . . . . . . . . . . . . 17
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17
7. Security Considerations . . . . . . . . . . . . . . . . . . . 17
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 17
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
9.1. Normative References . . . . . . . . . . . . . . . . . . . 18
9.2. Informative References . . . . . . . . . . . . . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18
Boucadair, et al. Expires March 19, 2011 [Page 2]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
1. Introduction
1.1. Overall Context
PCP [I-D.wing-softwire-port-control-protocol] discusses the
implementation of NAT control features that rely upon Provider NAT
devices such as DS-Lite AFTR [I-D.ietf-softwire-dual-stack-lite] or
NAT64 [I-D.ietf-behave-v6v4-xlate-stateful]. Nevertheless, in
environments where UPnP is used in the home LAN, an interworking
function between UPnP IGD and PCP is required to be embedded in the
CP router (an example is illustrated in Figure 1).
UPnP-PCP
UPnP Control Interworking
Point Function PCP Server
| | |
| (1) AddPortMapping | |
|--------------------->| |
| |(2) PCP Map Create Request|
| |------------------------->|
| | |
Figure 1: Flow Example
This specification takes into account the requirements identified in
PCP base document, particularly it avoids chatty exchanges (e.g., in
case of invoking AddPortMapping()) and prevents against overload
phenomena (e.g., avalanche restart). The UPnP IGD-PCP Interworking
Function maintains a local mapping table which stores all active
mappings instructed by internal UPnP Control Points. This design
choice restricts the amount of PCP messages to be exchanged with the
PCP Server.
Triggers for deactivating the UPnP IGD-PCP Interworking Function from
the CP router and relying on a PCP-only mode are out of scope of this
document.
1.2. Purpose of this Document
The objective of this document is to specify a UPnP IGD-PCP
Interworking Function to ensure successful control of PCP-controlled
devices by UPnP Control Points. Two configurations are considered:
o No NAT function is embedded in the CP router. This function is
required for instance in DS-Lite or NAT64 deployments;
o The CP router embeds a NAT function.
Boucadair, et al. Expires March 19, 2011 [Page 3]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
2. Acronyms
This document make use of the following abbreviations:
o CP router: Customer Premise router
o DS-Lite: Dual-Stack Lite
o IGD: Internet Gateway Device
o IE: Informational Element
o IWF: Interworking Function
o NAT: Network Address Translation
o PCP: Port Control Protocol
o UPnP: Universal Plug and Play
3. Architecture Model
As a reminder, Figure 2 illustrates the architecture model adopted by
UPnP IGD. In Figure 2, the following UPnP terminology is used:
o Client refers to a host located in the local network.
o IGD Control Point is a UPnP control point using UPnP to control an
IGD (Internet Gateway Device).
o Host represents a remote host reachable in the Internet.
Boucadair, et al. Expires March 19, 2011 [Page 4]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
+-------------+
| IGD Control |
| Point |-----+
+-------------+ | +-----+ +------+
+---| | | |
| IGD |-------| Host |
+---| | | |
+-------------+ | +-----+ +------+
| Client |-----+
+-------------+
Figure 2: UPnP IGD Model
This model is not valid when PCP is used to control a Provider NAT
while internal hosts continue to use UPnP. In such scenarios,
Figure 3 shows the updated model.
+-------------+
| IGD Control |
| Point |-----+
+-------------+ | +-----+ +--------+ +------+
+---| IGD-| |Provider| |Remote|
| PCP |-------| NAT |--<Internet>---| Host |
+---| IWF | | | | |
+-------------+ | +-----+ +--------+ +------+
| Local Host |-----+
+-------------+
LAN Side External Side
<======UPnP IGD==========><======PCP=====>
IWF: Interworking Function
Figure 3: UPnP IGD-PCP Interworking Model
In the updated model depicted in Figure 3, one or two levels of NAT
can be encountered in the data path. Indeed, in addition to the
Provider NAT, the CP router may embed a NAT function (Figure 4).
Boucadair, et al. Expires March 19, 2011 [Page 5]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
+-------------+
| IGD Control |
| Point |-----+
+-------------+ | +-----+ +----+ +------+
+---| IGD-| | | |Remote|
| PCP |-------|NAT2|--<Internet>---| Host |
+---| IWF | | | | |
+-------------+ | +-----+ +----+ +------+
| Local Host |-----+ NAT1
+-------------+
Figure 4: Cascaded NAT scenario
To ensure a successful interworking between UPnP IGD and PCP, an
interworking function is embedded in the CP router. In the model
defined in Figure 3, all UPnP IGD server-oriented functions, a PCP
Client [I-D.wing-softwire-port-control-protocol] and a UPnP IGD-PCP
Interworking Function are embedded in the CP router (i.e., IGD). In
the rest of the document, IGD-PCP Interworking Function refers to PCP
Client and UPnP IGD-PCP Interworking Function.
UPnP IGD-PCP Interworking Function is responsible for generating a
well-formed PCP (resp., UPnP IGD) message from a received UPnP IGD
(resp., PCP) message.
4. UPnP IGD-PCP Interworking Function: Overview
Table 1 provides the mapping between WANIPConnection parameters and
PCP parameters while Table 2 focuses on the correspondence between
supported methods. Note that some enhancements have been integrated
in WANIPConnection as documented in [IGD2].
In the following table, IE stands for Informational Element. PCP IEs
are defined in the base PCP document.
Boucadair, et al. Expires March 19, 2011 [Page 6]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
+----------------------------+-----------+--------------------------+
| WANIPConnection | PCP | Comments |
+----------------------------+-----------+--------------------------+
| PortMappingEnabled | NA | When set to 1, this |
| | | parameter MUST NOT be |
| | | reproduced as an |
| | | argument in PCP |
| | | messages. If set to 0, |
| | | this is the default PCP |
| | | mode (no explicit |
| | | indication in PCP |
| | | messages). PCP does not |
| | | support deactivating the |
| | | dynamic NAT mapping |
| | | since the initial goal |
| | | of PCP is to ease the |
| | | traversal of Provider |
| | | NAT. Supporting such |
| | | per-subscriber function |
| | | may overload the |
| | | Provider NAT. |
| --- | | |
| PortMappingLeaseDuration | Requested | PCP recommends 3600s as |
| | Mapping | default value. When |
| | Lifetime | PortMappingLeaseDuration |
| | | is set to 0, a maximum |
| | | lifetime value MAY be |
| | | included in the |
| | | corresponding PCP |
| | | message. PCP allows for |
| | | a maximum value of 65536 |
| | | seconds while UPnP IGD |
| | | allows 604800 seconds |
| | | (i.e., one week) as a |
| | | maximum bound. |
| --- | | |
| ExternalPort | Hinted | PCP does not support |
| | External | explicit wildcard |
| | Port | values. If ExternalPort |
| | Number | is a wildcard value, no |
| | | Hinted External Port |
| | | Number MUST be enclosed |
| | | in the corresponding PCP |
| | | message. |
| --- | | |
| InternalPort | Internal | None. |
| | Port | |
| | Number | |
Boucadair, et al. Expires March 19, 2011 [Page 7]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
| --- | | |
| PortMappingProtocol | Transport | IGD only supports TCP |
| | Protocol | and UDP. |
| --- | | |
| InternalClient | Internal | InternalClient can be an |
| | IP | IP address or a FQDN. |
| | Address | Only an IP address |
| | | scheme is supported in |
| | | PCP. |
| -- | | |
| ExternalIPAddress | External | |
| | IP | |
| | Address | |
| --- | | |
| PortMappingDescription | NA | Not supported in PCP. |
| | | When present in UPnP IGD |
| | | messages, this parameter |
| | | MUST NOT be propagated |
| | | in the corresponding PCP |
| | | messages. [[NOTE: can |
| | | be added as an optional |
| | | PCP IE]] |
| --- | | |
| RemoteHost | | PCP RECOMMENDS to |
| | | configure the CP |
| | | router's firewall |
| | | instead of overloading |
| | | the Provider NAT. |
| --- | | |
| PossibleConnectionTypes | NA | Out of scope of PCP |
| -- | | |
| ConnectionStatus | NA | Out of scope of PCP |
| -- | | |
| PortMappingNumberOfEntries | NA | Managed locally by the |
| | | UPnP IGD-PCP |
| | | Interworking Function |
| -- | | |
| SystemUpdateID | NA | Managed locally by the |
| | | UPnP IGD-PCP |
| | | Interworking Function |
+----------------------------+-----------+--------------------------+
Table 1: UPnP IGD-PCP: Variables
Boucadair, et al. Expires March 19, 2011 [Page 8]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
+-----------------------------+-------------+-----------------------+
| WANIPConnection | PCP | Comments |
+-----------------------------+-------------+-----------------------+
| GetGenericPortMappingEntry | PCP does | IGD-PCP Interworking |
| | not support | Function maintains an |
| | yet a | updated list of |
| | method for | active mappings |
| | listing | instantiated in the |
| | active | PCP Server by |
| | mappings | internal hosts (See |
| | | Section 5.8 and |
| | | Section 5.10 for more |
| | | information). |
| --- | | |
| GetSpecificPortMappingEntry | PCP does | Under normal |
| | not support | conditions, the |
| | yet a | IGD-PCP Interworking |
| | method for | Function maintains an |
| | listing | updated list of |
| | active | active mapping as |
| | mappings | instantiated in the |
| | | PCP Server. The |
| | | IGD-PCP Interworking |
| | | Function locally |
| | | handles this request |
| | | and provides back the |
| | | port mapping entry |
| | | based on the |
| | | ExternalPort, the |
| | | PortMappingProtocol, |
| | | and the RemoteHost. |
| --- | | |
| AddPortMapping | PINxy | We recommend the use |
| | | of |
| | | AddAnyPortMapping() |
| | | instead of |
| | | AddPortMapping(). |
| | | Refer to |
| | | Section 5.7.2 for |
| | | more details if |
| | | AddPorMapping() is |
| | | used. |
| --- | | |
| DeletePortMapping | PINxy with | None. |
| | a lifetime | |
| | positioned | |
| | to 0 | |
| --- | | |
Boucadair, et al. Expires March 19, 2011 [Page 9]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
| GetExternalIPAddress | [Open | |
| | discussion: | |
| | PCP does | |
| | not support | |
| | yet a | |
| | method for | |
| | retrieving | |
| | the | |
| | external IP | |
| | address] | |
| --- | | |
| DeletePortMappingRange() | PINxy with | A range of port |
| | a lifetime | numbers can be |
| | positioned | included in a PCP |
| | to 0 | request to delete |
| | | mappings |
| --- | | |
| GetListOfPortMappings() | PCP does | |
| | not support | |
| | yet a | |
| | method for | |
| | listing | |
| | active | |
| | mappings | |
| --- | | |
| AddAnyPortMapping() | PINxy | No issue is |
| | | encountered to proxy |
| | | this request to the |
| | | PCP Server. |
+-----------------------------+-------------+-----------------------+
Table 2: IGD-PCP: Methods
[NOTE: Add IGD-PCP error table]
5. Specification of the IGD-PCP Interworking Function
This section covers the scenarios with or without NAT in the CP
router.
5.1. PCP Server Discovery
The IGD-PCP Interworking Function implements one of the discovery
methods identified in [I-D.wing-softwire-port-control-protocol]
(e.g., DHCP [I-D.bpw-softwire-pcp-dhcp]). The IGD-PCP Interworking
Function behaves as a PCP Client when communicating with the
provisioned PCP Server.
Boucadair, et al. Expires March 19, 2011 [Page 10]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
When the IGD-PCP Interworking Function encounters reachability
problems (e.g., failure to retrieve an IP address of the PCP Server,
routing issue, etc.) to reach a PCP Server, and if an IP address has
been successfully assigned to the external interface of the device
embedding the IGD-PCP Interworking Function, IGD-PCP Interworking
Function MUST NOT be invoked. Indeed, UPnP machinery is used to
control that device.
Once the PCP Sever is reachable, the IGD-PCP Interworking Function
MUST synchronise its states as specified in Section 5.10.
5.2. Control of the Firewall
In order to configure security policies to be applied to inbound and
outbound traffic, UPnP IGD can be used to control a local firewall
engine.
No IGD-PCP Interworking Function is therefore required for that
purpose.
5.3. NAT Control in LAN Side
Internal UPnP Control Points are not aware of the presence of the
IGD-PCP Interworking Function in the CP router (IGD). Especially,
UPnP Control Points MUST NOT be aware of the deactivation of the NAT
in the CP router.
No modification is required in the UPnP Control Point.
5.4. Port Mapping Tables
IGD-PCP Interworking Function MUST store locally all the mappings
instantiated by internal UPnP Control Points in the PCP Server. Port
Forwarding mappings SHOULD be stored in a permanent storage. If not,
upon reset or reboot, the IGD-PCP Interworking Function MUST
synchronise its states as specified in Section 5.10.
Upon receipt of a PCP PINxy Response from the PCP Server, the IGD-PCP
Interworking Function MUST retrieve the enclosed mapping(s) and MUST
store it in the local mapping table. The local mapping table is an
image of the mapping table as maintained by the PCP Server for a
given subscriber.
In case a NAT function is enabled in the CP router, the following
sub-section describes the structure of the NAT table.
Boucadair, et al. Expires March 19, 2011 [Page 11]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
5.4.1. Structure of CP Router NAT Table
In order to behave in a multi-levels of NAT, the NAT mapping table of
the CP router should be structured appropriately. All required
information to handle incoming packets must be stored locally. The
IGD-PCP Interworking Function MUST be able to notify the external
reachability information, as assigned by the last NAT in the chain,
to the requesting UPnP Control Point.
When two levels of NAT are present, the following information MUST be
stored in the NAT mapping table of the first NAT:
o Internal IP address: the IP address of a host as assigned in the
LAN;
o Internal port number: the port number used by a host;
o Local IP address: the IP address assigned by the first NAT upon
receipt of a mapping request. This address is bound to the
external interface of the first NAT. This address is maintained
by the second NAT as being the internal IP address of the
requesting PCP Client (i.e., IGD-PCP Interworking Function);
o Local port number: the port number assigned by the first NAT.
This port number is maintained by the second NAT as being the
internal port number of the requesting PCP Client;
o External IP address: the IP address assigned by the second NAT.
Under normal conditions, this is the address which MUST be
communicated by the IGD-PCP Interworking Function to the
requesting UPnP Control Point;
o External port number: the port number allocated by the second NAT.
Under normal conditions, this is the port number which MUST be
communicated by the IGD-PCP Interworking Function to the
requesting UPnP Control Point.
For illustration purposes, let consider a host requesting a mapping
for (Internal IP address=IP1, Internal port number=P1). This mapping
request is received by the first level of NAT which assigns a local
mapping corresponding to (IP2, P2), a PCP mapping request is then
generated and sent to the second NAT which returns (IP3, P3) as the
external reachability information for that request.
o The first NAT, updates its mapping table with the full entry which
includes ((IP1, P1), (IP2, P2), (IP3, P3)).
Boucadair, et al. Expires March 19, 2011 [Page 12]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
o The first NAT communicates to the requesting UPnP Control Point
its external reachability information as assigned by the PCP
Server: (IP3, P3).
o The second NAT maintains a mapping entry which includes ((IP2,
P2), (IP3, P3)).
o Upon receipt of a datagrams matching this mapping, the second NAT
undertakes a NAPT operation which corresponds to translating (IP3,
P3) into (IP2, P2).
o Upon receipt of a datagrams matching this mapping, the first NAT
undertakes a NAPT operation which corresponds to translating (IP2,
P2) into (IP1, P1).
5.5. Interworking Function Without NAT in the CP Router
When no NAT is embedded in the CP router, the content of received
WANIPConnection and PCP messages is not altered by the IGD-PCP
Interworking Function (i.e., the content of WANIPConnection messages
are copied to the PCP messages (and vice versa) according to
Table 1).
5.6. NAT Embedded in the CP Router
Unlike the scenario with one level of NAT (Section 5.5), the IGD-PCP
Interworking Function MUST update their content of received mapping
messages with the IP address and/or port number belonging to the
external interface of the CP router (i.e., after the NAT1 operation
in Figure 4) and not as initially positioned by the UPnP Control
Point.
All WANIPConnection messages issued by the UPnP Control Point (resp.,
PCP Server) are intercepted by the IGD-PCP Interworking Function.
Then, the corresponding messages (see Table 1 and Table 2) are
generated by the IGD-PCP Interworking Function and sent to the
provisioned PCP Server (resp., corresponding UPnP Control Point).
The content of PCP messages received by the PCP Server reflects the
mapping information as enforced in the first NAT. In particular, the
internal IP address and/or port number of the requests are replaced
with the IP address and port number as assigned by the NAT of the CP
router. For the reverse path, PCP response messages are intercepted
by the IGD-PCP Interworking Function. The content of the
corresponding WANIPConnection messages are updated:
o The internal IP address and/or port number as initially positioned
by the UPnP Control Point and stored in the CP router NAT are used
to update the corresponding fields in received PCP responses.
Boucadair, et al. Expires March 19, 2011 [Page 13]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
o The external IP and port number are not altered by the IGD-PCP
Interworking Function.
o The NAT mapping entry in the first NAT is updated with the result
of PCP request.
The lifetime of the mappings instantiated in all involved NATs SHOULD
be the one assigned by the terminating PCP Server. In any case, the
lifetime MUST be lower or equal to the one assigned by the
terminating PCP Server.
[[ NOTE:
Do we need to indicate somehow that some flows are not meant to exit
a local domain and then there is no need to instantiate a mapping in
the upstream NAT?
A flow has local (private) significance, Internet-only significance
or both.
* In the case of private-only significance, UPnP provides a mapping
on its own.
* In the case of Internet-only, without a PCP server, the UPnP side
can deny the request
* In the case of both, without a PCP server, UPnP still provides a
mapping. Synch procedure is needed after PCP Server is reachable.
The open question is that we lack a mechanism to determine the
significance (possibly out of scope). If there is a mechanism the
rules above can be followed. Without a mechanism if PCP Client is
enabled but PCP Server in unreachable, UPnP should always return a
mapping and synch later. ]]
5.7. Creating a Mapping
Two methods can be used to create a mapping: AddPortMapping() or
AddAnyPortMapping(). AddAnyPortMapping() is the RECOMMENDED method.
5.7.1. AddAnyPortMapping()
When an UPnP Control Point issues a AddAnyPortMapping(), this request
is received by the UPnP Server. This request is then relayed to the
IGD-PCP Interworking Function which generates a PCP PINxy Request
(see Table 1 for mapping between WANIPConnection and PCP parameters).
Upon receipt of PCP PINxy Response from the PCP Server, an XML
mapping is returned to the requesting UPnP Control Point (the content
Boucadair, et al. Expires March 19, 2011 [Page 14]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
of the messages follows the recommendations listed in Section 5.6 or
Section 5.5 according to the deployed scenario).
If a PCP Error is received from the PCP Server, a corresponding
WANIPConnection error code is generated by the IGD-PCP Interworking
Function and sent to the requesting UPnP Control Point.
5.7.2. AddPortMapping()
Upon receipt of AddPortMapping() from an UPnP Control Point, the IGD-
PCP Interworking Function first checks if the requested external port
number is not used by another Internal UPnP Control Point. In case a
mapping bound to the requested external port number is found in the
local table, the IGD-PCP Interworking Function MUST send back an
error to the requesting UPnP Control Point. This exchange is re-
iterated until an external port number that is not in use is
requested by the UPnP Control Point. Then, the IGD-PCP Interworking
Function generates a PCP PINxy Request with all requested mapping
information as indicated by the UPnP Control Point if no NAT is
embedded in the CP router or updated as specified in Section 5.6. A
shortened requested lifetime SHOULD be used by the IGD-PCP
Interworking Function when generating the corresponding request to
the PCP Server (this is motivated by port usage optimisation needs).
Once received by the PCP Server, a PCP PINxy Response or a PCP Error
MUST be issued. In case a positive answer from the PCP Server is
received by the IGD-PCP Interworking Function, the returned mapping
MAY be different from the one requested by the UPnP Control Point.
The returned mapping MUST be stored by the IGD-PCP Interworking
Function in its local mapping table.
o If the returned mapping matches the mapping requested by the UPnP
Control Point, a positive answer MUST be sent to the requesting
UPnP Control Point. This answer terminates this exchange;
o If not, the IGD-PCP Interworking Function uses the stored mapping
as the only valid candidate to reply to any subsequent-related
request from the same UPnP Control Point pointing to the same
internal Client. Especially, no PCP message related to this
mapping request MUST be relayed to the PCP Server until that
mapping expires.
* If the UPnP Control Point succeeds to retrieve the mapping from
the IGD-PCP Interworking Function, the UPnP Control Point
should refresh the mapping if the mapping is still in use.
* The IGD-PCP Interworking Function SHOULD delete the mapping in
the PCP Server if the UPnP Control Point abandoned to create a
mapping for the same internal port number and IP address (a
Boucadair, et al. Expires March 19, 2011 [Page 15]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
timer can be defined for this purpose). If no explicit delete
request is sent by the IGD-PCP Interworking Function, the
corresponding mapping MUST be dropped by the PCP Server upon
expiration of the lifetime.
5.8. Listing One or a Set of Mappings
In order to list active mappings, an UPnP Control Point may issue
GetGenericPortMappingEntry(), GetSpecificPortMappingEntry() or
GetListOfPortMappings().
These methods MUST NOT be proxied to the PCP Server since a local
mapping is maintained by the IGD-PCP Interworking Function.
5.9. Delete One or a Set of Mappings
An UPnP Control Point proceeds to the deletion of one or a list of
mappings by issuing DeletePortMapping() or DeletePortMappingRange().
When one of these messages is received by the IGD-PCP Interworking
Function, it first checks if the requested mapping to be removed is
present in the local mapping table.
o If no mapping matching the request is found in the local table, an
error is sent back to the UPnP Control Point;
o Otherwise, PCP PINxy delete request is generated taking into
account the input arguments
* as included in DeletePortMapping() or DeletePortMappingRange()
if no NAT is enabled in the CP router;
* or the corresponding local IP address and port number as
assigned by the local NAT if a NAT is enabled in the CP router.
o Once received by the PCP Server, it proceeds to removing the
corresponding entry(ies), a PCP PINxy Delete Response is sent back
if the removal of the corresponding entry(ies) was successful; if
not, a PCP Error is sent back to the IGD-PCP Interworking Function
including the corresponding error cause (e.g., not authorised).
When a positive answer is received from the PCP Server, the IGD-PCP
Interworking Function updates its local mapping table (i.e., remove
the corresponding entry(ies)) and notifies the UPnP Control Point
about the result of the removal operation.
Boucadair, et al. Expires March 19, 2011 [Page 16]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
5.10. Mapping Synchronisation
[[Note: This section needs further discussion among authors]]
Under normal conditions, since a valid copy of the mapping table is
stored locally in the CP router, the IGD-PCP Interworking Function
SHOULD NOT issue any subsequent PCP request to handle a request
received from an UPnP Control Point to list active mappings.
Nevertheless, in case of loss of synchronisation (e.g., reboot,
system crashes, power outage, etc.), the IGD-PCP Interworking
Function SHOULD generate a PCP Map List Request to retrieve all
active mappings in the PCP Server and update its local mapping table
without waiting for an explicit request from a UPnP Control Point.
Doing so, the IGD-PCP Interworking Function maintains an updated
mapping table.
In case of massive reboot of CP routers (e.g., avalanche restart
phenomenon), PCP request bursts SHOULD be avoided. For this aim, we
recommend the use of a given timer denoted as PCP_SERVICE_WAIT. This
timer can be pre-configured in the CP router or to be provisioned
using a dedicated means such as DHCP (See Section 3.3 of
[I-D.bpw-softwire-pcp-dhcp]). Upon reboot of the CP router, PCP
messages SHOULD NOT be sent immediately. A random value is selected
between 0 and PCP_SERVICE_WAIT. This value is referred to as
RAND(PCP_SERVICE_WAIT). Upon the expiration of
RAND(PCP_SERVICE_WAIT), the CP router SHOULD proceed to its
synchronisation operations (i.e., retrieve all active mappings which
have been instructed by internal UPnP Control Point(s)).
6. IANA Considerations
This document makes no request of IANA.
Note to RFC Editor: this section may be removed on publication as an
RFC.
7. Security Considerations
This document does not introduce any new security consideration
compared to what is elaborated in
[I-D.wing-softwire-port-control-protocol] and [Sec_DCP].
8. Acknowledgements
Authors would like to thank F. Fontaine and C. Jacquenet for their
Boucadair, et al. Expires March 19, 2011 [Page 17]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
review and comments.
9. References
9.1. Normative References
[I-D.wing-softwire-port-control-protocol]
Wing, D., Penno, R., and M. Boucadair, "Pinhole Control
Protocol (PCP)",
draft-wing-softwire-port-control-protocol-02 (work in
progress), July 2010.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
9.2. Informative References
[I-D.bpw-softwire-pcp-dhcp]
Boucadair, M., Penno, R., and D. Wing, "DHCP and DHCPv6
Options for Port Control Protocol (PCP)",
draft-bpw-softwire-pcp-dhcp-01 (work in progress),
May 2010.
[I-D.ietf-behave-v6v4-xlate-stateful]
Bagnulo, M., Matthews, P., and I. Beijnum, "Stateful
NAT64: Network Address and Protocol Translation from IPv6
Clients to IPv4 Servers",
draft-ietf-behave-v6v4-xlate-stateful-12 (work in
progress), July 2010.
[I-D.ietf-softwire-dual-stack-lite]
Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
Stack Lite Broadband Deployments Following IPv4
Exhaustion", draft-ietf-softwire-dual-stack-lite-06 (work
in progress), August 2010.
[IGD2] UPnP Forum, "UPnP IGD1 vs. IGD2 (http://www.upnp.org/
resources/documents/UPnPIGDv2vsIGDv1_20100412.pdf)",
March 2010.
[Sec_DCP] UPnP Forum, "Device Protection:1", November 2009.
Boucadair, et al. Expires March 19, 2011 [Page 18]
Internet-Draft UPnP IGD-PCP Interworking Function September 2010
Authors' Addresses
Mohamed Boucadair
France Telecom
Rennes, 35000
France
Email: mohamed.boucadair@orange-ftgroup.com
Reinaldo Penno
Juniper Networks
1194 N Mathilda Avenue
Sunnyvale, California 94089
USA
Email: rpenno@juniper.net
Dan Wing
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134
USA
Email: dwing@cisco.com
Boucadair, et al. Expires March 19, 2011 [Page 19]