📄 rfc2908.txt
字号:
exclude any addresses which have been or will be allocated by other
MAAS's within its domain.
When a client needs a multicast address, it first needs to decide
what the scope of the intended session should be, and locate a MAAS
capable of allocating addresses within that scope.
To pick a scope, the client will either simply choose a well-known
scope, such as the global scope, or it will enumerate the available
scopes (e.g., by sending a MADCAP query, or by listening to MZAP
messages over time) and allow a user to select one.
Thaler, et al. Informational [Page 9]
RFC 2908 MALLOC Architecture September 2000
Locating a MAAS can be done via a variety of methods, including
manual configuration, using a service location protocol such as SLP
[12], or via a mechanism provided by a Layer 1 protocol itself.
MADCAP, for instance, includes such a facility.
Once the client has chosen a scope and located a MAAS, it then
requests an address in that scope from the MAAS located. Along with
the request it also passes the acceptable range for the lifetimes of
the allocation it desires. For example, if the Layer 1 protocol in
use is MADCAP, the client sends a MADCAP REQUEST message to the MAAS,
and waits for a NAK message or an ACK message containing the
allocated information.
Upon receiving a request from a client, the MAAS then chooses an
unused address in a range for the specified scope, with a lifetime
which both satisfies the acceptable range specified by the client,
and is within the lifetime of the actual range.
The MAAS uses the Layer 2 mechanism/protocol to ensure that such an
address does not clash with any addresses allocated by other MAASs.
For example, if Layer 2 uses manual configuration of non-overlapping
ranges, then this simply consists of adhering to the range configured
in the local MAAS. If, on the other hand, AAP is used at Layer 2 to
provide less address space fragmentation, the MAAS advertises the
proposed allocation domain-wide using AAP. If no clashing AAP claim
is received within a short time interval, then the address is
returned to the client via the Layer 1 protocol/mechanism. If a
clashing claim is received by the MAAS, then it chooses a different
address and tries again. AAP also allows each MAAS to pre-reserve a
small "pool" of addresses for which it need not wait to detect
clashes.
If a domain ever begins to run out of available multicast addresses,
a Prefix Coordinator in that domain uses the Layer 3
protocol/mechanism to acquire more space.
6. Security Considerations
The architecture described herein does not prevent an application
from just sending to or joining a multicast address without
allocating it (just as the same is true for unicast addresses today).
However, there is no guarantee that data for unallocated addresses
will be delivered by the network. That is, routers may drop data for
unallocated addresses if they have some way of checking whether a
destination address has been allocated. For example, if the border
routers of a domain participate in the Layer 2 protocol/mechanism and
cache the set of allocated addresses, then data for unallocated
Thaler, et al. Informational [Page 10]
RFC 2908 MALLOC Architecture September 2000
addresses in a range allocated by that domain can be dropped by
creating multicast forwarding state with an empty outgoing interface
list and/or pruning back the tree branches for those groups.
A malicious application may attempt a denial-of-service attack by
attempting to allocate a large number of addresses, thus attempting
to exhaust the supply of available addresses. Other attacks include
releasing or modifying the allocation of another party. These
attacks can be combatted through the use of authentication with
policy restrictions (such as a maximum number of addresses that can
be allocated by a single party).
Hence, protocols/mechanisms that implement layers of this
architecture should be deployable in a secure fashion. For example,
one should support authentication with policy restrictions, and
should not allow someone unauthorized to release or modify the
allocation of another party.
7. Acknowledgments
Steve Hanna provided valuable feedback on this document. The members
of the MALLOC WG and the MBone community provided the motivation for
this work.
8. References
[1] Meyer, D., "Administratively Scoped IP Multicast", BCP 23, RFC
2365, July 1998.
[2] Mark Handley, "Multicast Session Directories and Address
Allocation", Chapter 6 of PhD Thesis entitled "On Scalable
Multimedia Conferencing Systems", University of London, 1997.
[3] Mark Handley, "An Analysis of Mbone Performance", Chapter 4 of
PhD Thesis entitled "On Scalable Multimedia Conferencing
Systems", University of London, 1997.
[4] Hanna, S., Patel, B. and M. Shah, "Multicast Address Dynamic
Client Allocation Protocol (MADCAP)", RFC 2730, December 1999.
[5] Handley, M. and S. Hanna, "Multicast Address Allocation Protocol
(AAP)", Work in Progress.
[6] Estrin, D., Govindan, R., Handley, M., Kumar, S., Radoslavov, P.
and D. Thaler, "The Multicast Address-Set Claim (MASC)
Protocol", RFC 2909, September 2000.
Thaler, et al. Informational [Page 11]
RFC 2908 MALLOC Architecture September 2000
[7] Deering, S., "Host Extensions for IP Multicasting", STD 5, RFC
1112, August 1989.
[8] Rekhter, Y. and T. Li, "A Border Gateway Protocol 4 (BGP-4)",
RFC 1771, March 1995.
[9] Handley, M., Thaler, D. and R. Kermode, "Multicast-Scope Zone
Announcement Protocol (MZAP)", RFC 2776, February 2000.
[10] Meyer, D. and P. Lothberg, "GLOP Addressing in 233/8", RFC 2770,
February 2000.
[11] Finlayson, R., "Abstract API for Multicast Address Allocation",
RFC 2771, February 2000.
[12] Guttman, E., Perkins, C., Veizades, J. and M. Day, "Service
Location Protocol, Version 2", RFC 2608, June 1999.
[13] Mills, D., "Network Time Protocol (Version 3) Specification,
Implementation and Analysis", RFC 1305, March 1992.
9. Authors' Addresses
Dave Thaler
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
EMail: dthaler@microsoft.com
Mark Handley
AT&T Center for Internet Research at ICSI
1947 Center St, Suite 600
Berkeley, CA 94704
EMail: mjh@aciri.org
Deborah Estrin
Computer Science Dept/ISI
University of Southern California
Los Angeles, CA 90089
EMail: estrin@usc.edu
Thaler, et al. Informational [Page 12]
RFC 2908 MALLOC Architecture September 2000
10. Full Copyright Statement
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Thaler, et al. Informational [Page 13]
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -