idnits 2.17.00 (12 Aug 2021) /tmp/idnits35107/draft-boucadair-pcp-flow-examples-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (March 23, 2015) is 2609 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: 'RFC7220' is defined on line 1562, but no explicit reference was found in the text == Unused Reference: 'RFC7225' is defined on line 1565, but no explicit reference was found in the text Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PCP WG M. Boucadair 3 Internet-Draft France Telecom 4 Intended status: Informational March 23, 2015 5 Expires: September 24, 2015 7 Port Control Protocol (PCP) Flow Examples 8 draft-boucadair-pcp-flow-examples-04 10 Abstract 12 This document provides a set of examples to illustrate Port Control 13 Protocol (PCP) operations. It is a companion document to the base 14 PCP specification. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on September 24, 2015. 33 Copyright Notice 35 Copyright (c) 2015 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 51 2. Basic MAP Operations . . . . . . . . . . . . . . . . . . . . 3 52 2.1. Suggested External Port Honored by the PCP Server . . . . 3 53 2.2. IPv6-enabled PCP Client . . . . . . . . . . . . . . . . . 4 54 2.3. Remove an Existing Mapping . . . . . . . . . . . . . . . 5 55 2.4. Suggested External Port Not Honored by the PCP Server . . 6 56 2.5. Suggested External IP Address . . . . . . . . . . . . . . 7 57 2.6. Create Mapping with Distinct External IP Addresses . . . 8 58 2.7. Mapping Nonce Doesn't Match: Base PCP Specification . . . 11 59 2.8. Mapping Nonce Doesn't Match: Updated Specification . . . 11 60 2.9. PREFER_FAILURE Option: Requested Port is Honored . . . . 12 61 2.10. PREFER_FAILURE Option: Requested Port is not Honored . . 13 62 2.11. Negative Impact of PREFER_FAILURE Option . . . . . . . . 14 63 2.12. Existing Implicit Mapping . . . . . . . . . . . . . . . . 15 64 2.13. Shortening a Mapping Lifetime in the Presence of Client- 65 Originated Traffic . . . . . . . . . . . . . . . . . . . 17 66 2.14. Create a Mapping for All Incoming Traffic of a Given 67 Protocol . . . . . . . . . . . . . . . . . . . . . . . . 17 68 2.15. Create a Mapping for All Protocols . . . . . . . . . . . 18 69 2.16. Malformed Request . . . . . . . . . . . . . . . . . . . . 18 70 2.17. Exceeded Port Quota . . . . . . . . . . . . . . . . . . . 19 71 2.18. Unsupported Address Family . . . . . . . . . . . . . . . 20 72 2.19. Unsupported Protocol . . . . . . . . . . . . . . . . . . 20 73 2.20. Unsolicited MAP Response . . . . . . . . . . . . . . . . 21 74 2.21. Mapping Repair . . . . . . . . . . . . . . . . . . . . . 22 75 3. NAT Detect Example . . . . . . . . . . . . . . . . . . . . . 23 76 4. Retrieve the External IP Address . . . . . . . . . . . . . . 24 77 5. THIRD_PARTY Examples . . . . . . . . . . . . . . . . . . . . 25 78 5.1. THIRD_PARTY Enabled at the Server Side . . . . . . . . . 25 79 5.2. THIRD_PARTY Disabled at the Server Side . . . . . . . . . 26 80 5.3. Malformed Request . . . . . . . . . . . . . . . . . . . . 26 81 6. MAP with FILTER Examples . . . . . . . . . . . . . . . . . . 27 82 6.1. Basic Filter Usage . . . . . . . . . . . . . . . . . . . 27 83 6.2. Remove All Filters . . . . . . . . . . . . . . . . . . . 28 84 6.3. Change an Existing Filter . . . . . . . . . . . . . . . . 29 85 7. Assess the Reachability of the PCP Server . . . . . . . . . . 30 86 8. PEER Operations . . . . . . . . . . . . . . . . . . . . . . . 31 87 8.1. No Mapping Exists for the Internal Port Number . . . . . 31 88 8.2. A Mapping Exists for the External Port Number . . . . . . 32 89 8.3. External IP Address Cannot be Honored . . . . . . . . . . 33 90 8.4. Extend the Lifetime . . . . . . . . . . . . . . . . . . . 34 91 8.5. Learn the Lifetime of a Mapping . . . . . . . . . . . . . 35 92 9. Version Negotiation . . . . . . . . . . . . . . . . . . . . . 36 93 10. Security Considerations . . . . . . . . . . . . . . . . . . . 37 94 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37 95 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37 96 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 37 97 13.1. Normative References . . . . . . . . . . . . . . . . . . 37 98 13.2. Informative References . . . . . . . . . . . . . . . . . 37 99 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 37 101 1. Introduction 103 As a companion document to [RFC6887], this document provides examples 104 to help understanding the PCP machinery and exchanged PCP messages in 105 various usage contexts. 107 For more details about PCP protocol specification, the reader is 108 invited to refer to [RFC6887]. 110 Examples included in this document make use of the IPv4 and IPv6 111 address blocks for documentation purposes defined in [RFC5737] and 112 [RFC3849]. 114 2. Basic MAP Operations 116 The following figure illustrates the messages which are exchanged to 117 create a mapping in a PCP-controlled device with MAP opcode. 119 +------+ +------+ 120 | PCP | | PCP | 121 |Client| |Server| 122 +------+ +------+ 123 | (1) PCP MAP Request | 124 |--------------------------------->| 125 | (2) PCP MAP Response | 126 |<---------------------------------| 127 | | 129 Figure 1: Example of creating a mapping 131 The following sub-sections provide several examples depending on the 132 content of the MAP request and the decision of the PCP server. 134 2.1. Suggested External Port Honored by the PCP Server 136 This example illustrates the content of exchanged PCP messages when 137 the PCP client does not include any PCP Option in its request. In 138 this example, the PCP server assigns the suggested port number. In 139 reference to Figure 1, the content of exchanged PCP messages is as 140 follows: 142 Version: 2 143 R bit: Request (0) 144 opcode: MAP (0x01) 145 Requested Lifetime: 36000 sec 146 PCP client's IP Address: ::ffff:198.51.100.1 147 MAP Request: 148 Mapping Nonce: 15685 149 Protocol: UDP (17) 150 Internal Port: 3938 151 Suggested External Port: 3938 152 Suggested External IP Address: ::ffff:0.0.0.0 154 Figure 2: MAP request (suggested External Port Honored by the PCP 155 Server) 157 Version: 2 158 R bit: Response (1) 159 opcode: MAP (0x01) 160 Result Code: 0 161 Lifetime: 20000 sec 162 Epoch Time: 1250 163 MAP Response: 164 Mapping Nonce: 15685 165 Protocol: UDP (17) 166 Internal Port: 3938 167 Assigned External Port: 3938 168 Assigned External IP Address: ::ffff:192.0.2.1 170 Figure 3: MAP response (suggested External Port Honored by the PCP 171 Server) 173 2.2. IPv6-enabled PCP Client 175 This example illustrates the content of exchanged PCP messages when 176 the PCP client is assigned with an IPv6 address but the remote server 177 controls a NAT44 device. In reference to Figure 1, the content of 178 exchanged PCP messages is as follows: 180 Version: 2 181 R bit: Request (0) 182 opcode: MAP (0x01) 183 Requested Lifetime: 36000 sec 184 PCP client's IP Address: 2001:db8:0:0:1::1 185 MAP Request: 186 Mapping Nonce: 15685 187 Protocol: UDP (17) 188 Internal Port: 3938 189 Suggested External Port: 3938 190 Suggested External IP Address: ::ffff:0.0.0.0 192 Figure 4: MAP request (suggested External Port Honored by the PCP 193 Server) 195 Version: 2 196 R bit: Response (1) 197 opcode: MAP (0x01) 198 Result Code: 0 199 Lifetime: 20000 sec 200 Epoch Time: 1250 201 MAP Response: 202 Mapping Nonce: 15685 203 Protocol: UDP (17) 204 Internal Port: 3938 205 Assigned External Port: 3938 206 Assigned External IP Address: ::ffff:192.0.2.1 208 Figure 5: MAP response (suggested External Port Honored by the PCP 209 Server) 211 2.3. Remove an Existing Mapping 213 This example illustrates the content of exchanged PCP messages when 214 the PCP client request the removal of an existing mapping. 216 Version: 2 217 R bit: Request (0) 218 opcode: MAP (0x01) 219 Requested Lifetime: 0 sec 220 PCP client's IP Address: ::ffff:198.51.100.1 221 MAP Request: 222 Mapping Nonce: 15685 223 Protocol: UDP (17) 224 Internal Port: 3938 225 Suggested External Port: 3938 226 Assigned External IP Address: ::ffff:192.0.2.1 228 Figure 6: MAP request (Remove an Existing Mapping) 230 Version: 2 231 R bit: Response (1) 232 opcode: MAP (0x01) 233 Result Code: 0 234 Lifetime: 0 sec 235 Epoch Time: 1250 236 MAP Response: 237 Mapping Nonce: 15685 238 Protocol: UDP (17) 239 Internal Port: 3938 240 Assigned External Port: 3938 241 Assigned External IP Address: ::ffff:192.0.2.1 243 Figure 7: MAP response (Remove an Existing Mapping) 245 2.4. Suggested External Port Not Honored by the PCP Server 247 This example illustrates the content of exchanged PCP messages when 248 the PCP client does not include any PCP Option in its request. In 249 this example, the PCP server does not assign the suggested external 250 port number. In reference to Figure 1, the content of exchanged PCP 251 messages is as follows: 253 Version: 2 254 R bit: Request (0) 255 opcode: MAP (0x01) 256 Requested Lifetime: 36000 sec 257 PCP client's IP Address: ::ffff:198.51.100.1 258 MAP Request: 259 Mapping Nonce: 15685 260 Protocol: UDP (17) 261 Internal Port: 11000 262 Suggested External Port: 11000 263 Suggested External IP Address: ::ffff:0.0.0.0 265 Figure 8: MAP request (Suggested External Port Not Honored by the PCP 266 Server) 268 Version: 2 269 R bit: Response (1) 270 opcode: MAP (0x01) 271 Result Code: 0 272 Lifetime: 20000 sec 273 Epoch Time: 1250 274 MAP Response: 275 Mapping Nonce: 15685 276 Protocol: UDP (17) 277 Internal Port: 11000 278 Assigned External Port: 15200 279 Assigned External IP Address: ::ffff:192.0.2.1 281 Figure 9: MAP response (Suggested External Port Not Honored by the 282 PCP Server) 284 2.5. Suggested External IP Address 286 This example illustrates the content of exchanged PCP messages when 287 the PCP client does not include any PCP Option in its request. In 288 this example, the PCP client indicates a hinted external IP address 289 honored by the PCP server. In reference to Figure 1, the content of 290 exchanged PCP messages is as follows: 292 Version: 2 293 R bit: Request (0) 294 opcode: MAP (0x01) 295 Requested Lifetime: 36000 sec 296 PCP client's IP Address: ::ffff:198.51.100.1 297 MAP Request: 298 Mapping Nonce: 15685 299 Protocol: UDP (17) 300 Internal Port: 3938 301 Suggested External Port: 3938 302 Suggested External IP Address: ::ffff:192.0.2.1 304 Figure 10: MAP request (Suggested External IP Address) 306 Version: 2 307 R bit: Response (1) 308 opcode: MAP (0x01) 309 Result Code: 0 310 Lifetime: 20000 sec 311 Epoch Time: 1250 312 MAP Response: 313 Mapping Nonce: 15685 314 Protocol: UDP (17) 315 Internal Port: 3938 316 Assigned External Port: 15200 317 Assigned External IP Address: ::ffff:192.0.2.1 319 Figure 11: MAP response (Suggested External IP Address) 321 2.6. Create Mapping with Distinct External IP Addresses 323 Figure 12 shows a PCP server with a pool of public IPv4 addresses 324 (192.0.2/24) and two PCP clients associated with different 325 subscribers. The PCP clients each make a port mapping request to the 326 PCP server which creates the mapping from its 192.0.2/24 pool. 328 +--------+ +------+ +--------+ 329 | PCP | | PCP | | PCP | 330 |Client 1| |Server| |Client 2| 331 +--------+ +------+ +--------+ 332 | (1) PCP MAP Request | | 333 |---------------------------->| | 334 | (2) PCP MAP Response | | 335 |<----------------------------| (a) PCP MAP Request | 336 | |<---------------------------| 337 | | (b) PCP MAP Response | 338 | |--------------------------->| 339 | | | 341 Figure 12: Example of creating mappings with distinct external IP 342 addresses 344 In this example, the PCP clients were mapped to different public 345 addresses as illustrated in the content of the PCP messages listed 346 below. 348 The content of PCP messages exchanged between PCP client 1 and the 349 PCP server is as follows: 351 Version: 2 352 R bit: Request (0) 353 opcode: MAP (0x01) 354 Requested Lifetime: 36000 sec 355 PCP client's IP Address: ::ffff:198.51.100.1 356 MAP Request: 357 Mapping Nonce: 15685 358 Protocol: TCP (6) 359 Internal Port: 15333 360 Suggested External Port: 15333 361 Suggested External IP Address: ::ffff:0.0.0.0 363 Figure 13: MAP request (PCP Client 1) 365 Version: 2 366 R bit: Response (1) 367 opcode: MAP (0x01) 368 Result Code: 0 369 Lifetime: 20000 sec 370 Epoch Time: 1250 371 MAP Response: 372 Mapping Nonce: 15685 373 Protocol: TCP (6) 374 Internal Port: 15333 375 Assigned External Port: 12000 376 Assigned External IP Address: ::ffff:192.0.2.1 378 Figure 14: MAP response (PCP Client 1) 380 The content of PCP messages exchanged between PCP client 2 and the 381 PCP server is as follows: 383 Version: 2 384 R bit: Request (0) 385 opcode: MAP (0x01) 386 Requested Lifetime: 36000 sec 387 PCP client's IP Address: ::ffff:198.51.100.2 388 MAP Request: 389 Mapping Nonce: 59869 390 Protocol: UDP (17) 391 Internal Port: 12000 392 Suggested External Port: 12000 393 Suggested External IP Address: ::ffff:0.0.0.0 395 Figure 15: MAP request (PCP Client 2) 397 Version: 2 398 R bit: Response (1) 399 opcode: MAP (0x01) 400 Result Code: 0 401 Lifetime: 20000 sec 402 Epoch Time: 1250 403 MAP Response: 404 Mapping Nonce: 59869 405 Protocol: UDP (17) 406 Internal Port: 12000 407 Assigned External Port: 6000 408 Assigned External IP Address: ::ffff:192.0.2.2 410 Figure 16: MAP response (PCP Client 2) 412 2.7. Mapping Nonce Doesn't Match: Base PCP Specification 414 CAUTION: The behavior described in this section is obsoleted by 415 [I-D.cheshire-pcp-unsupp-family]. This section records the behavior 416 as initially specified the base PCP specification [RFC6887]. 418 This example illustrates the content of exchanged PCP messages when 419 the PCP client does not include any PCP Option in its request. In 420 this example, the PCP client indicates a distinct Mapping Nonce than 421 the one stored by the PCP server. In reference to Figure 1, the 422 content of exchanged PCP messages is as follows: 424 Version: 2 425 R bit: Request (0) 426 opcode: MAP (0x01) 427 Requested Lifetime: 36000 sec 428 PCP client's IP Address: ::ffff:198.51.100.1 429 MAP Request: 430 Mapping Nonce: 45687 431 Protocol: UDP (17) 432 Internal Port: 3938 433 Suggested External Port: 3938 434 Suggested External IP Address: ::ffff:192.0.2.1 436 Figure 17: MAP request (Mapping Nonce Doesn't Match) 438 Version: 2 439 R bit: Response (1) 440 opcode: MAP (0x01) 441 Result Code: NOT_AUTHORIZED (0x02) 442 Lifetime: 35550 sec 443 Epoch Time: 1300 445 Figure 18: MAP response (Mapping Nonce Doesn't Match) 447 2.8. Mapping Nonce Doesn't Match: Updated Specification 449 Nonce validation checks are problematic in various scenarios as 450 discussed in [I-D.cheshire-pcp-unsupp-family]. As a consequence, the 451 nonce validation checks are relaxed as follows: If operating in the 452 Simple Threat Model (Section 18.1 of the PCP specification 453 [RFC6887]), and the internal port, protocol, internal address, and 454 external address family match an existing explicit dynamic mapping, 455 but the mapping nonce does not match, then the existing mapping is 456 not modified in any way, and a valid PCP reply is returned to the 457 client, using the client-specified nonce, reporting the external 458 address, port, and remaining lifetime of the existing mapping. An 459 example is shown in Figure 19 andFigure 3. 461 The request shown in Figure 19 matches an existing mapping (see 462 Figure 3). Even if the nonce of the exiting mapping does not match 463 the one indicated in the request, a positive answer is returned to 464 the requesting PCP client without any change to the existing mapping. 465 The nonce of the existing mapping (i.e., 15685) is not returned in 466 the response. 468 Version: 2 469 R bit: Request (0) 470 opcode: MAP (0x01) 471 Requested Lifetime: 36000 sec 472 PCP client's IP Address: ::ffff:198.51.100.1 473 MAP Request: 474 Mapping Nonce: 45687 475 Protocol: UDP (17) 476 Internal Port: 3938 477 Suggested External Port: 3938 478 Suggested External IP Address: ::ffff:192.0.2.1 480 Figure 19: MAP request 482 Version: 2 483 R bit: Response (1) 484 opcode: MAP (0x01) 485 Result Code: 0 486 Lifetime: 10000 sec 487 Epoch Time: 3500 488 MAP Response: 489 Mapping Nonce: 45687 490 Protocol: UDP (17) 491 Internal Port: 3938 492 Assigned External Port: 3938 493 Assigned External IP Address: ::ffff:192.0.2.1 495 Figure 20: MAP response 497 2.9. PREFER_FAILURE Option: Requested Port is Honored 499 This flow shows an example of the content of PCP messages that will 500 be exchanged to create a mapping in a PCP-controlled device. In this 501 example, the PCP client indicates a requested external UDP port 502 number and also a PREFER_FAILURE Option. In this example, we suppose 503 the requested port can be honored by the PCP server. In reference to 504 Figure 1, the content of exchanged PCP messages is as follows: 506 Version: 2 507 R bit: Request (0) 508 opcode: MAP (0x01) 509 Requested Lifetime: 36000 sec 510 PCP client's IP Address: ::ffff:198.51.100.1 511 MAP Request: 512 Mapping Nonce: 15685 513 Protocol: UDP (17) 514 Internal Port: 1234 515 Suggested External Port: 12536 516 Suggested External IP Address: ::ffff:0.0.0.0 517 Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL) 519 Figure 21: MAP request ( PREFER_FAILURE Option: Requested Port is 520 Honored) 522 Version: 2 523 R bit: Response (1) 524 opcode: MAP (0x01) 525 Result Code: 0 526 Lifetime: 36000 sec 527 Epoch Time: 1250 528 MAP Response: 529 Mapping Nonce: 15685 530 Protocol: UDP (17) 531 Internal Port: 1234 532 Assigned External Port: 12536 533 Assigned External IP Address: ::ffff:192.0.2.1 535 Figure 22: MAP response ( PREFER_FAILURE Option: Requested Port is 536 Honored) 538 2.10. PREFER_FAILURE Option: Requested Port is not Honored 540 This flow shows an example of the content of PCP messages that will 541 be exchanged to create a mapping in a PCP-controlled device. In this 542 example, the PCP client indicates a requested external UDP port 543 number and also a PREFER_FAILURE Option. In this example, we suppose 544 the requested port cannot be honored by the PCP server. In reference 545 to Figure 1, the content of exchanged PCP messages is as follows: 547 Version: 2 548 R bit: Request (0) 549 opcode: MAP (0x01) 550 Requested Lifetime: 36000 sec 551 PCP client's IP Address: ::ffff:198.51.100.1 552 MAP Request: 553 Mapping Nonce: 15685 554 Protocol: UDP (17) 555 Internal Port: 1234 556 Suggested External Port: 1234 557 Suggested External IP Address: ::ffff:0.0.0.0 558 Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL) 560 Figure 23: MAP request (PREFER_FAILURE Option: Requested Port is not 561 Honored) 563 Version: 2 564 R bit: Response (1) 565 opcode: MAP (0x01) 566 Result Code: CANNOT_PROVIDE_EXTERNAL (0x11) 567 Lifetime: 1560 sec 568 Epoch Time: 1300 570 Figure 24: MAP response (PREFER_FAILURE Option: Requested Port is not 571 Honored) 573 2.11. Negative Impact of PREFER_FAILURE Option 575 The presence of PREFER_FAILURE option in a request may have negative 576 impact on an application which does not require it. Figure 25 shows 577 two examples: 579 1. With PREFER_FAILURE option: several round trips are needed for 580 the client to retrieve the requested mapping. 581 2. Without PREFER_FAILURE option: the client retrieves a mapping 582 without any extra delay. 584 (1) PREFER_FAILURE Option (2) No PREFER_FAILURE Option 586 +------+ +------+ +------+ +------+ 587 | PCP | | PCP | | PCP | | PCP | 588 |Client| |Server| |Client| |Server| 589 +------+ +------+ +------+ +------+ 590 | PCP MAP Request | | PCP MAP Request | 591 |Suggested External Port=8080| |Suggested External Port=8080| 592 | PREFER_FAILURE | |--------------------------->| 593 |--------------------------->| | | 594 | PCP MAP Response | | PCP MAP Response | 595 | CANNOT_PROVIDE_EXTERNAL | |Assigned External Port=6598 | 596 |<---------------------------| |<---------------------------| 597 | | | TCP SYN | 598 | PCP MAP Request | |--------------------------->| 599 |Suggested External Port=5485| 600 | PREFER_FAILURE | 601 |--------------------------->| 602 | PCP MAP Response | 603 | CANNOT_PROVIDE_EXTERNAL | 604 |<---------------------------| 605 .... 606 | PCP MAP Request | 607 |Suggested External Port=6591| 608 | PREFER_FAILURE | 609 |--------------------------->| 610 | PCP MAP Response | 611 | CANNOT_PROVIDE_EXTERNAL | 612 |<---------------------------| 614 Figure 25: Negative Impact of the mis-usage of PREFER_FAILURE option 616 2.12. Existing Implicit Mapping 618 This example illustrates the content of exchanged PCP messages when 619 the PCP client requests a mapping which matches an existing implicit 620 dynamic mapping (see Figure 26). In this example, the PCP-Controlled 621 device assigns 10000 as external port number when translating the 622 packet from the client having with source port set to 1234. 624 This behavior is specified in Section 11.3 of [RFC6887]. 626 +------+ +------+ 627 | PCP | | PCP | 628 |Client| |Server| 629 +------+ +------+ 630 | (a) TCP SYN(src:1234) | 631 |--------------------------------->| 632 | (1) PCP MAP Request | 633 |--------------------------------->| 634 | (2) PCP MAP Response | 635 |<---------------------------------| 636 | | 638 Figure 26: Example of creating a mapping 640 In reference to Figure 1, the content of exchanged PCP messages is as 641 follows: 643 Version: 2 644 R bit: Request (0) 645 opcode: MAP (0x01) 646 Requested Lifetime: 36000 sec 647 PCP client's IP Address: ::ffff:198.51.100.1 648 MAP Request: 649 Mapping Nonce: 15685 650 Protocol: TCP (0x06) 651 Internal Port: 1234 652 Suggested External Port: 3938 653 Suggested External IP Address: ::ffff:0.0.0.0 655 Figure 27: MAP request (Existing Implicit Mapping) 657 Version: 2 658 R bit: Response (1) 659 opcode: MAP (0x01) 660 Result Code: 0 661 Lifetime: 20000 sec 662 Epoch Time: 1250 663 MAP Response: 664 Mapping Nonce: 15685 665 Protocol: TCP (0x06) 666 Internal Port: 1234 667 Assigned External Port: 10000 668 Assigned External IP Address: ::ffff:192.0.2.1 670 Figure 28: MAP response (Existing Implicit Mapping) 672 2.13. Shortening a Mapping Lifetime in the Presence of Client- 673 Originated Traffic 675 Figure 29 shows an example illustrating the impact of requesting the 676 deletion of a mapping in the presence of traffic originated from the 677 client. In this example, the PCP server does not remove the 678 requested mapping immediately; the returned lifetime is set to the 679 remaining lifetime. 681 This behavior is specified in Section 15 of [RFC6887]. 683 +------+ +---------------------+ 684 | PCP | | PCP server | 685 |Client| |PCP-Controlled Device| 686 +------+ +---------------------+ 687 | | 688 |=========Traffic==================|===========> 689 | PCP MAP Request (Lifetime=0) | 690 |--------------------------------->| 691 | PCP MAP Response (Lifetime= | 692 | remaining idle-timeout) | 693 |<---------------------------------| 694 |<========Traffic==================|<========== 695 | | 697 Figure 29: Shortening a Mapping Lifetime in the Presence of Client- 698 Originated Traffic 700 2.14. Create a Mapping for All Incoming Traffic of a Given Protocol 702 This example illustrates the content of the PCP MAP request to create 703 a mapping for all incoming traffic of a given protocol (UDP is used 704 in this example). 706 Version: 2 707 R bit: Request (0) 708 opcode: MAP (0x01) 709 Requested Lifetime: 36000 sec 710 PCP client's IP Address: ::ffff:198.51.100.1 711 MAP Request: 712 Mapping Nonce: 15685 713 Protocol: UDP (17) 714 Internal Port: 0 715 Suggested External Port: 0 716 Suggested External IP Address: ::ffff:0.0.0.0 718 Figure 30: MAP request (Create a mapping for all incoming traffic of 719 a given protocol) 721 The PCP server may honor the request or reject it by sending 722 UNSUPP_PROTOCOL (0x09) error. 724 2.15. Create a Mapping for All Protocols 726 This example illustrates the content of the PCP MAP request to create 727 a mapping for the traffic of all protocols. 729 Version: 2 730 R bit: Request (0) 731 opcode: MAP (0x01) 732 Requested Lifetime: 36000 sec 733 PCP client's IP Address: ::ffff:198.51.100.1 734 MAP Request: 735 Mapping Nonce: 15685 736 Protocol: ANY (0) 737 Internal Port: 0 738 Suggested External Port: 0 739 Suggested External IP Address: ::ffff:0.0.0.0 741 Figure 31: MAP request (Create a mapping for all protocols) 743 The PCP server may honor the request or reject it by sending 744 UNSUPP_PROTOCOL (0x09) error. 746 2.16. Malformed Request 748 This flow shows an example of the content of PCP messages that will 749 be exchanged when a malformed request is received by the PCP server. 750 In this example, the Protocol field is set to null. 752 Version: 2 753 R bit: Request (0) 754 opcode: MAP (0x01) 755 Requested Lifetime: 36000 sec 756 PCP client's IP Address: ::ffff:198.51.100.1 757 MAP Request: 758 Mapping Nonce: 45698 759 Protocol: ANY (0) 760 Internal Port: 5698 761 Suggested External Port: 3938 762 Suggested External IP Address: ::ffff:0.0.0.0 763 Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL) 765 Figure 32: MAP request (Malformed Request) 767 Version: 2 768 R bit: Response (1) 769 opcode: MAP (0x01) 770 Result Code: MALFORMED_REQUEST (0x02) 771 Lifetime: 0 sec 772 Epoch Time: 1300 774 Figure 33: MAP response (Malformed Request) 776 2.17. Exceeded Port Quota 778 This flow shows an example of the content of PCP messages that will 779 be exchanged when a per-user quota is reached. A short lifetime is 780 returned so that the client may retry and see if the request can be 781 honored because another state has been removed. 783 Version: 2 784 R bit: Request (0) 785 opcode: MAP (0x01) 786 Requested Lifetime: 36000 sec 787 PCP client's IP Address: ::ffff:198.51.100.1 788 MAP Request: 789 Mapping Nonce: 45698 790 Protocol: UDP (17) 791 Internal Port: 8695 792 Suggested External Port: 3938 793 Suggested External IP Address: ::ffff:0.0.0.0 794 Option Code: PREFER_FAILURE (0x02) Option Length: 0 bytes Data: (NULL) 796 Figure 34: MAP request (Exceeded Port Quota) 798 Version: 2 799 R bit: Response (1) 800 opcode: MAP (0x01) 801 Result Code: USER_EX_QUOTA (10) 802 Lifetime: 300 sec 803 Epoch Time: 1300 805 Figure 35: MAP response (Exceeded Port Quota) 807 2.18. Unsupported Address Family 809 This flow shows an example of the content of PCP messages that will 810 be exchanged when the requested external address family is not 811 supported by the PCP server. In this example, IPv6 is indicated as 812 the requested AF. The PCP server answers with an UNSUPP_FAMILY (14) 813 error as defined in [I-D.cheshire-pcp-unsupp-family]. 815 Version: 2 816 R bit: Request (0) 817 opcode: MAP (0x01) 818 Requested Lifetime: 36000 sec 819 PCP client's IP Address: ::ffff:198.51.100.1 820 MAP Request: 821 Mapping Nonce: 45698 822 Protocol: UDP (17) 823 Internal Port: 8695 824 Suggested External Port: 3938 825 Suggested External IP Address: :: 827 Figure 36: MAP request (Unsupported Address Family) 829 Version: 2 830 R bit: Response (1) 831 opcode: MAP (0x01) 832 Result Code: UNSUPP_FAMILY (14) 833 Lifetime: 0 sec 834 Epoch Time: 1300 836 Figure 37: MAP response (Unsupported Address Family) 838 2.19. Unsupported Protocol 840 This flow shows an example of the content of PCP messages that will 841 be exchanged when the requested port is not supported by the PCP 842 server. In this example, SCTP is indicated as the requested 843 protocol. 845 Version: 2 846 R bit: Request (0) 847 opcode: MAP (0x01) 848 Requested Lifetime: 36000 sec 849 PCP client's IP Address: ::ffff:198.51.100.1 850 MAP Request: 851 Mapping Nonce: 45698 852 Protocol: SCTP (132) 853 Internal Port: 8695 854 Suggested External Port: 3938 855 Suggested External IP Address: ::ffff:0.0.0.0 857 Figure 38: MAP request (Unsupported Protocol) 859 Version: 2 860 R bit: Response (1) 861 opcode: MAP (0x01) 862 Result Code: UNSUPP_PROTOCOL (9) 863 Lifetime: 0 sec 864 Epoch Time: 1300 866 Figure 39: MAP response (Unsupported Protocol) 868 2.20. Unsolicited MAP Response 870 Suppose the client has instructed a UDP mapping for port 3938 871 (assigned external port is 15000 and assigned external IPv4 address 872 is: 192.0.2.1). Upon a change of a state: e.g., change of the 873 external IP Address, the PCP server issues an unsolicited MAP 874 response. The content of the MAP response sent by the PCP server is 875 shown below. The PCP client is now aware of the new assigned 876 external IP address. 878 Version: 2 879 R bit: Response (1) 880 opcode: MAP (0x01) 881 Result Code: 0 882 Lifetime: 20000 sec 883 Epoch Time: 1250 884 MAP Response: 885 Mapping Nonce: 15685 886 Protocol: TCP (0x06) 887 Internal Port: 1234 888 Assigned External Port: 10000 889 Assigned External IP Address: ::ffff:192.0.2.2 891 Figure 40: Unsolicited MAP Response 893 2.21. Mapping Repair 895 An example of mapping repair is shown in Figure 41. 897 +------+ +------+ 898 | PCP | | PCP | 899 |Client| |Server| 900 +------+ +------+ 901 | (1) PCP ANNOUNCE | 902 |<----------------------------| 903 | (2) PCP MAP REQUEST | 904 |---------------------------->| 905 | (3) PCP MAP RESPONSE | 906 |<----------------------------| 907 | | 909 Figure 41: Flow Example of a PING/PONG exchange: Check the 910 availability of the PCP Server 912 Version: 2 913 R bit: Response (1) 914 opcode: ANNOUNCE (0x00) 915 Result Code: 0 916 Lifetime: 0 sec 917 Epoch Time: 0 919 Figure 42: Unsolicited ANNOUNCE 921 Version: 2 922 R bit: Request (0) 923 opcode: MAP (0x01) 924 Requested Lifetime: 36000 sec 925 PCP client's IP Address: ::ffff:198.51.100.1 926 MAP Request: 927 Mapping Nonce: 15685 928 Protocol: UDP (17) 929 Internal Port: 11000 930 Assigned External Port: 15200 931 Assigned External IP Address: ::ffff:192.0.2.1 933 Figure 43: MAP request (Mapping Repair) 935 Version: 2 936 R bit: Response (1) 937 opcode: MAP (0x01) 938 Result Code: 0 939 Lifetime: 20000 sec 940 Epoch Time: 10 941 MAP Response: 942 Mapping Nonce: 15685 943 Protocol: UDP (17) 944 Internal Port: 11000 945 Assigned External Port: 15200 946 Assigned External IP Address: ::ffff:192.0.2.1 948 Figure 44: MAP response (Mapping Repair) 950 3. NAT Detect Example 952 Let us suppose a PCP-unaware NAT is located between the PCP server 953 and the PCP client. An example of PCP MAP request issued by the PCP 954 client is shown below. 956 Version: 2 957 R bit: Request (0) 958 opcode: MAP (0x01) 959 Requested Lifetime: 36000 sec 960 PCP client's IP Address: ::ffff:198.51.100.1 961 MAP Request: 962 Mapping Nonce: 15685 963 Protocol: UDP (17) 964 Internal Port: 11000 965 Assigned External Port: 15200 966 Assigned External IP Address: ::ffff:0.0.0.0 968 Figure 45: MAP request (NAT Detect) 970 This message will be translated by the PCP-unaware NAT. The source 971 IP address if the resulting message will be another address than 972 198.51.100.1. Upon receipt of this message, the PCP server compares 973 the source IP address and the content of PCP client's IP Address 974 field. Because the two addresses are not equal, the PCP server 975 concludes there is PCP-unaware device in the path. As a result, the 976 PCP server will issue the following error message: 978 Version: 2 979 R bit: Response (1) 980 opcode: MAP (0x01) 981 Result Code: ADDRESS_MISMATCH (12) 982 Lifetime: 0 sec 983 Epoch Time: 36000 985 Figure 46: MAP Response (NAT Detect) 987 This behavior is specified in Section 8.2 of [RFC6887]. 989 4. Retrieve the External IP Address 991 In order to retrieve the IP address used on the external side of the 992 PCP-controlled device, the PCP client sends a short-lived mapping 993 (e.g., Discard service (TCP/9 or UDP/9) or other port). The returned 994 IP address can be displayed by any application requiring such 995 information. 997 Version: 2 998 R bit: Request (0) 999 opcode: MAP (0x01) 1000 Requested Lifetime: 5 sec 1001 PCP client's IP Address: ::ffff:198.51.100.1 1002 MAP Request: 1003 Mapping Nonce: 15685 1004 Protocol: UDP (17) 1005 Internal Port: 9 1006 Suggested External Port: 9 1007 Suggested External IP Address: ::ffff:0.0.0.0 1009 Figure 47: MAP request (Retrieve the External IP Address) 1011 Version: 2 1012 R bit: Response (1) 1013 opcode: MAP (0x01) 1014 Result Code: 0 1015 Lifetime: 60 sec 1016 Epoch Time: 1250 1017 MAP Response: 1018 Mapping Nonce: 15685 1019 Protocol: UDP (17) 1020 Internal Port: 9 1021 Suggested External Port: 9 1022 Assigned External IP Address: ::ffff:192.0.2.1 1024 Figure 48: MAP Response (Retrieve the External IP Address) 1026 This behavior is specified in Section 11.6 of [RFC6887]. 1028 5. THIRD_PARTY Examples 1030 These examples follow the behavior specified in Section 13.1 of 1031 [RFC6887]. 1033 5.1. THIRD_PARTY Enabled at the Server Side 1035 The following messages are exchanged when the THIRD_PARTY option is 1036 enabled in the PCP server side. In this example the PCP client 1037 creates a mapping for the host assigned with 198.51.100.2. 1039 Version: 2 1040 R bit: Request (0) 1041 opcode: MAP (0x01) 1042 Requested Lifetime: 36000 sec 1043 PCP client's IP Address: ::ffff:198.51.100.1 1044 MAP Request: 1045 Mapping Nonce: 16584 1046 Protocol: UDP (17) 1047 Internal Port: 8080 1048 Suggested External Port: 8080 1049 Suggested External IP Address: ::ffff:0.0.0.0 1050 Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data: 1051 ::ffff:198.51.100.2 1053 Figure 49: MAP request with THIRD_PARTY 1055 Version: 2 1056 R bit: Response (1) 1057 opcode: MAP (0x01) 1058 Result Code: 0 1059 Lifetime: 20000 sec 1060 Epoch Time: 1250 1061 MAP Response: 1062 Mapping Nonce: 16584 1063 Protocol: UDP (17) 1064 Internal Port: 8080 1065 Assigned External Port: 15000 1066 Assigned External IP Address: ::ffff:161.105.194.14 1067 Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data: 1068 ::ffff:198.51.100.2 1070 Figure 50: MAP Response with THIRD_PARTY 1072 5.2. THIRD_PARTY Disabled at the Server Side 1074 The following messages are exchanged when the THIRD_PARTY option is 1075 disabled in the PCP server side. In this example the PCP client 1076 tries to create a mapping for the host assigned with 198.51.100.2. 1078 Version: 2 1079 R bit: Request (0) 1080 opcode: MAP (0x01) 1081 Requested Lifetime: 36000 sec 1082 PCP client's IP Address: ::ffff:198.51.100.1 1083 MAP Request: 1084 Mapping Nonce: 16584 1085 Protocol: UDP (17) 1086 Internal Port: 8080 1087 Suggested External Port: 8080 1088 Suggested External IP Address: ::ffff:0.0.0.0 1089 Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data: 1090 ::ffff:198.51.100.2 1092 Figure 51: MAP request with THIRD_PARTY 1094 Version: 2 1095 R bit: Response (1) 1096 opcode: MAP (0x01) 1097 Result Code: UNSUPP_OPTION (0x05) 1098 Lifetime: 0 sec 1099 Epoch Time: 1562 1101 Figure 52: MAP Response with THIRD_PARTY 1103 5.3. Malformed Request 1105 In this example the PCP client inserts a THIRD_PARTY option which 1106 include the IP address of the PCP client. 1108 Version: 2 1109 R bit: Request (0) 1110 opcode: MAP (0x01) 1111 Requested Lifetime: 36000 sec 1112 PCP client's IP Address: ::ffff:198.51.100.1 1113 MAP Request: 1114 Mapping Nonce: 16584 1115 Protocol: UDP (17) 1116 Internal Port: 8080 1117 Suggested External Port: 8080 1118 Suggested External IP Address: ::ffff:0.0.0.0 1119 Option Code: THIRD_PARTY (0x01) Option Length: 16 bytes Data: 1120 ::ffff:198.51.100.1 1122 Figure 53: MAP request with THIRD_PARTY 1124 Version: 2 1125 R bit: Response (1) 1126 opcode: MAP (0x01) 1127 Result Code: MALFORMED_REQUEST (0x03) 1128 Lifetime: 0 sec 1129 Epoch Time: 1562 1131 Figure 54: MAP Response with THIRD_PARTY 1133 6. MAP with FILTER Examples 1135 These examples follow the behavior specified in Section 13.3 of 1136 [RFC6887]. 1138 6.1. Basic Filter Usage 1140 This example illustrates the content of exchanged PCP messages when 1141 the PCP client wants to receive traffic only from 192.0.2.200:5968. 1142 In reference to Figure 1, the content of exchanged PCP messages is as 1143 follows: 1145 Version: 2 1146 R bit: Request (0) 1147 opcode: MAP (0x01) 1148 Requested Lifetime: 36000 sec 1149 PCP client's IP Address: ::ffff:198.51.100.1 1150 MAP Request: 1151 Mapping Nonce: 15685 1152 Protocol: UDP (17) 1153 Internal Port: 3938 1154 Suggested External Port: 3938 1155 Suggested External IP Address: ::ffff:0.0.0.0 1156 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1157 Prefix Length: 128 1158 Remote Peer Port: 5968 1159 Remote Peer IP Address: ::ffff:192.0.2.200 1161 Figure 55: MAP request (Basic Filter Usage) 1163 Version: 2 1164 R bit: Response (1) 1165 opcode: MAP (0x01) 1166 Result Code: 0 1167 Lifetime: 20000 sec 1168 Epoch Time: 1250 1169 MAP Response: 1170 Mapping Nonce: 15685 1171 Protocol: UDP (17) 1172 Internal Port: 3938 1173 Assigned External Port: 3938 1174 Assigned External IP Address: ::ffff:192.0.2.1 1175 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1176 Prefix Length: 128 1177 Remote Peer Port: 5968 1178 Remote Peer IP Address: ::ffff:192.0.2.200 1180 Figure 56: MAP Response (Basic Filter Usage) 1182 6.2. Remove All Filters 1184 This example illustrates the content of exchanged PCP messages when 1185 the PCP client wants to remove all filters. In reference to 1186 Figure 1, the content of exchanged PCP messages is as follows: 1188 Version: 2 1189 R bit: Request (0) 1190 opcode: MAP (0x01) 1191 Requested Lifetime: 36000 sec 1192 PCP client's IP Address: ::ffff:198.51.100.1 1193 MAP Request: 1194 Mapping Nonce: 15685 1195 Protocol: UDP (17) 1196 Internal Port: 3938 1197 Suggested External Port: 3938 1198 Suggested External IP Address: ::ffff:0.0.0.0 1199 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1200 Prefix Length: 0 1201 Remote Peer Port: 0 1202 Remote Peer IP Address: ::ffff:0:0 1204 Figure 57: MAP request (Remove All Filters) 1206 Version: 2 1207 R bit: Response (1) 1208 opcode: MAP (0x01) 1209 Result Code: 0 1210 Lifetime: 20000 sec 1211 Epoch Time: 1250 1212 MAP Response: 1213 Mapping Nonce: 15685 1214 Protocol: UDP (17) 1215 Internal Port: 3938 1216 Assigned External Port: 3938 1217 Assigned External IP Address: ::ffff:192.0.2.1 1218 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1219 Prefix Length: 0 1220 Remote Peer Port: 0 1221 Remote Peer IP Address: ::ffff:0:0 1223 Figure 58: MAP response (Remove All Filters) 1225 6.3. Change an Existing Filter 1227 This example illustrates the content of exchanged PCP messages when 1228 the PCP client wants to change an existing filter. In reference to 1229 Figure 1, the content of exchanged PCP messages is as follows: 1231 Version: 2 1232 R bit: Request (0) 1233 opcode: MAP (0x01) 1234 Requested Lifetime: 36000 sec 1235 PCP client's IP Address: ::ffff:198.51.100.1 1236 MAP Request: 1237 Mapping Nonce: 15685 1238 Protocol: UDP (17) 1239 Internal Port: 3938 1240 Suggested External Port: 3938 1241 Suggested External IP Address: ::ffff:0.0.0.0 1242 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1243 Prefix Length: 0 1244 Remote Peer Port: 0 1245 Remote Peer IP Address: ::ffff:0:0 1246 Option Code: FILTER (0x03) Option Length: 20 bytes Data: 1247 Prefix Length: 128 1248 Remote Peer Port: 5968 1249 Remote Peer IP Address: ::ffff:192.0.2.201 1251 Figure 59: MAP request (Change an Existing Filter) 1253 7. Assess the Reachability of the PCP Server 1255 In this example, the PCP client issues a PCP ANNOUNCE request to a 1256 PCP server. Once received by the PCP server, since it is configured 1257 to reply to such request, it sends back a PCP ANNOUNCE response. 1258 This procedure can be used to retrieve the Epoch time. 1260 +------+ +------+ 1261 | PCP | | PCP | 1262 |Client| |Server| 1263 +------+ +------+ 1264 | (1) PCP ANNOUNCE REQUEST | 1265 |---------------------------->| 1266 | (2) PCP ANNOUNCE RESPONSE | 1267 |<----------------------------| 1268 | | 1270 Figure 60: Flow example of a PING/PONG exchange: Check the 1271 availability of the PCP server 1273 Version: 2 1274 R bit: Request (0) 1275 opcode: ANNOUNCE (0x00) 1276 Requested Lifetime: 0 sec 1277 PCP client's IP Address: ::ffff:198.51.100.1 1279 Figure 61: ANNOUNCE request (Assess the Reachability of the PCP 1280 Server) 1282 Version: 2 1283 R bit: Response (1) 1284 opcode: ANNOUNCE (0x00) 1285 Result Code: 0 1286 Lifetime: 0 sec 1287 Epoch Time: 3600 1289 Figure 62: ANNOUNCE response (Assess the Reachability of the PCP 1290 Server) 1292 8. PEER Operations 1294 The following figure illustrates the messages which are exchanged 1295 when PEER opcode is used: 1297 +------+ +------+ 1298 | PCP | | PCP | 1299 |Client| |Server| 1300 +------+ +------+ 1301 | (1) PCP PEER Request | 1302 |--------------------------------->| 1303 | (2) PCP PEER Response | 1304 |<---------------------------------| 1305 | | 1307 Figure 63: Typical usage of PEER message 1309 Examples listed below follow the behavior specified in Section 12.2 1310 and Section 12.3 of [RFC6887]. 1312 8.1. No Mapping Exists for the Internal Port Number 1314 In reference to Figure 63, the content of exchanged PEER messages 1315 when no mapping is maintained by the PCP server for the indicated 1316 external port number: 1318 Version: 2 1319 R bit: Request (0) 1320 opcode: PEER (0x02) 1321 Requested Lifetime: 36000 sec 1322 PCP client's IP Address: ::ffff:198.51.100.1 1323 PEER Request: 1324 Mapping Nonce: 15685 1325 Protocol: UDP (17) 1326 Internal Port: 3938 1327 Suggested External Port: 3938 1328 Suggested External IP Address: ::ffff:0.0.0.0 1329 Remote Peer Port: 12456 1330 Remote IP Address: ::ffff:198.51.100.2 1332 Figure 64: PEER request (No Mapping Exists for the Internal Port 1333 Number) 1335 Version: 2 1336 R bit: Response (1) 1337 opcode: PEER (0x02) 1338 Result Code: 0 1339 Lifetime: 20000 sec 1340 Epoch Time: 1250 1341 PEER Response: 1342 Mapping Nonce: 15685 1343 Protocol: UDP (17) 1344 Internal Port: 3938 1345 Assigned External Port: 3938 1346 Assigned External IP Address: ::ffff:192.0.2.1 1347 Remote Peer Port: 12456 1348 Remote IP Address: ::ffff:198.51.100.2 1350 Figure 65: PEER response (No Mapping Exists for the Internal Port 1351 Number) 1353 8.2. A Mapping Exists for the External Port Number 1355 In reference to Figure 63, the content of exchanged PEER messages 1356 when a mapping is maintained by the PCP server for the indicated 1357 external port number: 1359 Version: 2 1360 R bit: Request (0) 1361 opcode: PEER (0x02) 1362 Requested Lifetime: 36000 sec 1363 PCP client's IP Address: ::ffff:198.51.100.1 1364 PEER Request: 1365 Mapping Nonce: 15685 1366 Protocol: UDP (17) 1367 Internal Port: 3938 1368 Suggested External Port: 3938 1369 Suggested External IP Address: ::ffff:0.0.0.0 1370 Remote Peer Port: 12456 1371 Remote IP Address: ::ffff:198.51.100.2 1373 Figure 66: PEER request (A Mapping Exists for the External Port 1374 Number) 1376 Version: 2 1377 R bit: Response (1) 1378 opcode: PEER (0x02) 1379 Result Code: CANNOT_PROVIDE_EXTERNAL 1380 Lifetime: 0 sec 1381 Epoch Time: 36000 1383 Figure 67: PEER response (A Mapping Exists for the External Port 1384 Number) 1386 8.3. External IP Address Cannot be Honored 1388 In reference to Figure 63, the content of exchanged PEER messages 1389 when the suggested external IP address does not match an existing 1390 mapping is shown below: 1392 Version: 2 1393 R bit: Request (0) 1394 opcode: PEER (0x02) 1395 Requested Lifetime: 36000 sec 1396 PCP client's IP Address: ::ffff:198.51.100.1 1397 PEER Request: 1398 Mapping Nonce: 15685 1399 Protocol: UDP (17) 1400 Internal Port: 3938 1401 Suggested External Port: 3938 1402 Suggested External IP Address: ::ffff:192.0.2.5 1403 Remote Peer Port: 12456 1404 Remote IP Address: ::ffff:198.51.100.2 1406 Figure 68: PEER request (External IP Address Cannot be Honored) 1408 Version: 2 1409 R bit: Response (1) 1410 opcode: PEER (0x02) 1411 Result Code: CANNOT_PROVIDE_EXTERNAL 1412 Lifetime: 0 sec 1413 Epoch Time: 36000 1415 Figure 69: PEER response (External IP Address Cannot be Honored) 1417 8.4. Extend the Lifetime 1419 In reference to Figure 70, the content of exchanged PEER messages to 1420 extend the lifetime of a mapping. 1422 +------+ +------+ 1423 | PCP | | PCP | 1424 |Client| |Server| 1425 +------+ +------+ 1426 | (a) TCP SYN(src:3938) | 1427 |--------------------------------->| 1428 | (1) PCP PEER Request | 1429 |--------------------------------->| 1430 | (2) PCP PEER Response | 1431 |<---------------------------------| 1432 | | 1434 Figure 70: Example of creating a mapping 1436 Version: 2 1437 R bit: Request (0) 1438 opcode: PEER (0x02) 1439 Requested Lifetime: 36000 sec 1440 PCP client's IP Address: ::ffff:198.51.100.1 1441 PEER Request: 1442 Mapping Nonce: 15685 1443 Protocol: TCP (6) 1444 Internal Port: 3938 1445 Suggested External Port: 0 1446 Suggested External IP Address: ::ffff:0.0.0.0 1447 Remote Peer Port: 12456 1448 Remote IP Address: ::ffff:198.51.100.2 1450 Figure 71: PEER request (Extend the Lifetime) 1452 Version: 2 1453 R bit: Response (1) 1454 opcode: PEER (0x02) 1455 Result Code: 0 1456 Lifetime: 20000 sec 1457 Epoch Time: 1250 1458 PEER Response: 1459 Mapping Nonce: 15685 1460 Protocol: TCP (6) 1461 Internal Port: 3938 1462 Assigned External Port: 11000 1463 Assigned External IP Address: ::ffff:192.0.2.1 1464 Remote Peer Port: 12456 1465 Remote IP Address: ::ffff:198.51.100.2 1467 Figure 72: PEER response (Extend the Lifetime) 1469 8.5. Learn the Lifetime of a Mapping 1471 In reference to Figure 70, the content of exchanged PEER messages to 1472 learn the lifetime of a mapping is shown below: 1474 Version: 2 1475 R bit: Request (0) 1476 opcode: PEER (0x02) 1477 Requested Lifetime: 5 sec 1478 PCP client's IP Address: ::ffff:198.51.100.1 1479 PEER Request: 1480 Mapping Nonce: 15685 1481 Protocol: TCP (6) 1482 Internal Port: 3938 1483 Suggested External Port: 0 1484 Suggested External IP Address: ::ffff:0.0.0.0 1485 Remote Peer Port: 12456 1486 Remote IP Address: ::ffff:198.51.100.2 1488 Figure 73: PEER request (Learn the Lifetime of a Mapping) 1490 Version: 2 1491 R bit: Response (1) 1492 opcode: PEER (0x02) 1493 Result Code: 0 1494 Lifetime: 20000 sec 1495 Epoch Time: 1250 1496 PEER Response: 1497 Mapping Nonce: 15685 1498 Protocol: TCP (6) 1499 Internal Port: 3938 1500 Assigned External Port: 11000 1501 Assigned External IP Address: ::ffff:192.0.2.1 1502 Remote Peer Port: 12456 1503 Remote IP Address: ::ffff:198.51.100.2 1505 Figure 74: PEER response (Learn the Lifetime of a Mapping) 1507 9. Version Negotiation 1509 The following exchange occurs between a PCP client that supports PCP 1510 version 1 and the PCP server that supports PCP version 2. 1512 Version: 1 1513 R bit: Request (0) 1514 opcode: MAP (0x01) 1515 Requested Lifetime: 36000 sec 1516 PCP client's IP Address: ::ffff:198.51.100.1 1517 MAP Request: 1518 Protocol: UDP (17) 1519 Internal Port: 3938 1520 Suggested External Port: 3938 1521 Suggested External IP Address: ::ffff:0.0.0.0 1523 Figure 75: MAP request with Version 1 1525 Version: 2 1526 R bit: Response (1) 1527 opcode: MAP (0x01) 1528 Result Code: UNSUPP_VERSION (1) 1529 Lifetime: 0 sec 1530 Epoch Time: 3600 1532 Figure 76: MAP response (Unsupported Version) 1534 Version negotiation is specified in Section 9 of [RFC6887]. 1536 10. Security Considerations 1538 PCP security considerations are discussed in [RFC6887]. 1540 11. IANA Considerations 1542 This document has no IANA actions. 1544 12. Acknowledgements 1546 Many thanks to C. Jacquenet and D. Wing for the comments. 1548 13. References 1550 13.1. Normative References 1552 [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix 1553 Reserved for Documentation", RFC 3849, July 2004. 1555 [RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks 1556 Reserved for Documentation", RFC 5737, January 2010. 1558 [RFC6887] Wing, D., Cheshire, S., Boucadair, M., Penno, R., and P. 1559 Selkirk, "Port Control Protocol (PCP)", RFC 6887, April 1560 2013. 1562 [RFC7220] Boucadair, M., Penno, R., and D. Wing, "Description Option 1563 for the Port Control Protocol (PCP)", RFC 7220, May 2014. 1565 [RFC7225] Boucadair, M., "Discovering NAT64 IPv6 Prefixes Using the 1566 Port Control Protocol (PCP)", RFC 7225, May 2014. 1568 13.2. Informative References 1570 [I-D.cheshire-pcp-unsupp-family] 1571 Cheshire, S. and S. Perreault, "Updates to the PCP 1572 Specification", draft-cheshire-pcp-unsupp-family-06 (work 1573 in progress), October 2013. 1575 Author's Address 1577 Mohamed Boucadair 1578 France Telecom 1579 Rennes 35000 1580 France 1582 Email: mohamed.boucadair@orange.com