📄 rfc942.txt
five network laboratories in other countries and over twenty computer manufacturers. The testing methodologies developed at the NBS are well documented, and the testing tools themselves are developed with the objective of portability in mind. They are made available to many organizations engaged in protocol development and implementations.

Assisting Users and Manufacturers

The NBS works directly with government agencies to help them use evolving network technologies effectively and apply international and government networking standards properly. When large amounts of assistance are required, the NBS provides it under contract.

Assistance to industry is provided through cooperative research efforts and by the availability of NBS testing tools, industry wide workshops, and cooperative demonstration projects. At this time, the NBS is working directly with over twenty computer manufacturers in the implementation of network protocol standards.

National Research Council [Page 4]
RFC 942 February 1985
Report Transport on Protocols

Consistent with overall goals, NBS standards developments, research in testing methodologies, and technical assistance are characterized by direct industry and government cooperation and mutual support.

DOD OBJECTIVES

The DOD has unique needs that could be affected by the Transport and Internet Protocol layers. Although all data networks must have some of these capabilities, the DOD's needs for operational readiness, mobilization, and war-fighting capabilities are extreme. These needs include the following:

Survivability--Some networks must function, albeit at reduced performance, after many nodes and links have been destroyed.

Security--Traffic patterns and data must be selectively protected through encryption, access control, auditing, and routing.

Precedence--Systems should adjust the quality of service on the basis of priority of use; this includes a capability to preempt services in cases of very high priority.
Robustness--The system must not fail or suffer much loss of capability because of unpredicted situations, unexpected loads, or misuse. An international crisis is the strongest test of robustness, since the system must operate immediately and with virtually full performance when an international situation flares up unexpectedly.

Availability--Elements of the system needed for operational readiness or fighting must be continuously available.

Interoperability--Different elements of the Department must be able to "talk" to one another, often in unpredicted ways between parties that had not planned to interoperate.

These operational needs reflect themselves into five technical or managerial needs:

1. Functional and operational specifications (that is, will the protocol designs meet the operational needs?);
2. Maximum interoperability;
3. Minimum procurement, development, and support costs;
4. Ease of transition to new protocols; and
5. Manageability and responsiveness to changing DOD requirements.

These are the criteria against which DOD options for using the ISO transport and internet protocols should be evaluated.

Performance and Functionality

The performance and functionality of the protocols must provide for the many unique operational needs of the DOD. The following paragraphs discuss in some detail both these needs and the ways they can impact protocol design.

Survivability includes protecting assets, hiding them, and duplicating them for redundancy. It also includes endurance--the assurance that those assets that do survive can continue to perform in a battle environment for as long as needed (generally months rather than hours); restoral--the ability to restore some of the damaged assets to operating status; and reconstitution--the ability to integrate fragmented assets into a surviving and enduring network.
The DOD feels that an important reason for adopting international and commercial standards is that under cases of very widespread damage to its own communications networks, it would be able to support DOD functions by using those civil communications that survive. This would require interoperability up to the network layer, but neither TCP nor TP-4 would be needed. The committee has not considered the extent to which such increased interoperability would increase survivability through better restoral and reconstitution.

Availability is an indication of how reliable the system and its components are and how quickly they can be repaired after a failure. Availability is also a function of how badly the system has been damaged. The DDN objective for system availability in peacetime varies according to whether subscribers have access to 1 or 2 nodes of the DDN. For subscribers having access to only one node of the DDN, the objective is that the system be available 99.3 percent of the time, that is, the system will be unavailable for no more than 60 hours per year. For subscribers having access to 2 nodes, the objective is that the system be available 99.99 percent of the time, that is, the system will be unavailable for no more than one hour per year.

Robustness is a measure of how well the system will operate successfully in face of the unexpected. Robustness attempts to avoid or minimize system degradation because of user errors, operator errors, unusual load patterns, inadequate interface specifications, and so forth. A well designed and tested system will limit the damage caused by incorrect or unspecified inputs to affect only the performance of the specific function that is requested. Since protocols are very complex and can be in very many "states", robustness is an important consideration in evaluating and implementing protocols.
Security attempts to limit the unauthorized user from gaining both the information communicated in the system and the patterns of traffic throughout the system. Security also attempts to prevent spoofing of the system: an agent attempting to appear as a legitimate user, insert false traffic, or deny services to users by repeatedly seeking system services.

Finally, Security is also concerned with making sure that electronic measures cannot seriously degrade the system, confuse its performance, or cause loss of security in other ways.

Encryption of communication links is a relatively straightforward element of security. It is widely used, fairly well understood, constantly undergoing improvement, and becoming less expensive. On the other hand, computer network security is a much newer field and considerably more complex. The ability of computer network protocols to provide security is a very critical issue. In the past decade much has been learned about vulnerability of computer operating systems, development of trusted systems, different levels of protection, means of proving that security has been achieved, and ways to achieve multilevel systems or a compartmented mode. This is a dynamic field, however, and new experience and analysis will probably place new requirements on network protocols.

Crisis-performance needs are a form of global robustness. The nature of a national security crisis is that it is fraught with the unexpected. Unusual patterns of communication traffic emerge. Previously unstressed capabilities become critical to national leaders. Individuals and organizations that had not been communicating must suddenly have close, secure, and reliable communications. Many users need information that they are not sure exists, and if it does, they do not know where it is or how to get it.
The development of widely deployed, interoperable computer networks can provide important new capabilities for a crisis, particularly if there is some investment in preplanning, including the higher-level protocols that facilitate interoperability. Presidential directives call for this. This will become a major factor in DOD's need for interoperability with other federal computer networks. The DOD, as one of the most affected parties, has good reason to be concerned that its network protocols will stand the tests of a crisis.

In addition, there are performance and functionality features that are measures of the capability of the network when it is not damaged or stressed by unexpected situations. Performance includes quantifiable measures such as time delays, transmission integrity, data rates and efficiency, throughput, numbers of users, and other features well understood in computer networks. Equally important is the extent of functionality: What jobs will the network do for the user?

The DDN has established some performance objectives such as end-to-end delays for high-precedence and routine traffic, the probability of undetected errors, and the probability of misdelivered packets. Such objectives are important to engineer a system soundly. The DOD must place greater emphasis on more complex performance issues such as the efficiency with which protocols process and communicate data.

The DOD has stated a need for an effective and robust system for precedence and preemption. Precedence refers to the ability of the system to adaptively allocate network resources so that the network performance is related to the importance of the function being performed. Preemption refers to the ability of the system to remove users (at least temporarily) until the needs of the high-priority user are satisfied.
The ARPANET environment in which the protocols were developed did not emphasize these capabilities, and the current MILNET does not function as effectively in this regard as DOD voice networks.

The DOD has also stated a need for connectionless communications and a broadcast mode. In the majority of network protocols, when two or more parties communicate, virtual circuits are established between the communicating parties. (For reliability, additional virtual circuits may be established to provide an in place backup.) DOD needs a connectionless mode where the message can be transmitted to one or more parties without the virtual circuit in order to enhance survivability; provide a broadcast capability (one sender to many receivers); and handle imagery, sensor data, and speech traffic quickly and efficiently. If intermediate nodes are destroyed or become otherwise unavailable, there is still a chance that the data can be sent via alternate paths. The broadcast capability is particularly important in tactical situations where many parties must be informed almost simultaneously and where the available assets may be disappearing and appearing dynamically.

The Department of Defense requires an internetting capability whereby different autonomous networks of users can communicate with each other.

Interoperability

Presidential and DOD directives place a high priority on interoperability, which is related to the internetworking previously discussed. Interoperability is primarily important at two levels: network access and applications.

To achieve interoperability at the level of network access, users of backbone communications nets must utilize the same lower-level protocols that are utilized by the network. Generally these protocols are layers 1, 2, and 3, up to and including part of the IP layer. In other words, interoperability for network access does not depend on either implementation of the transport layer (TP-4 or TCP) or of all of the internet (IP) layer.
The primary advantages of network access interoperability are twofold:

1. Significant economies of scale are possible since the various users can share the resources of the backbone network including hardware, software, and development and support costs.
2. Network survivability for all users can be increased significantly since the network has high redundancy and, as the threat increases, the redundancy can also be increased.

Interoperability at the applications layer allows compatible users at different nodes to talk to each other, that is, to share their data, support each other, and thereby coordinate and strengthen the management of forces and other assets. Interoperability at the applications layer can be achieved through the use of specialized software that performs those functions of higher-layer protocols (such as TCP or TP-4, file transfer, and virtual terminal) that are needed by the particular application. If some of the higher-layer transport and utility protocols have been developed for particular hosts or work stations, their use greatly reduces development, integration, and support costs, although with a potential sacrifice of performance.

Interoperability at the applications level, that is, full functional interoperability, is important to specialized communities of users such as the logistics, command and control, or research and development communities. As these different communities utilize the DDN, they have the advantages of shared network resources. Within each community there is full functional interoperability but generally there is much less need for one community to have functional interoperability with members of another community.

The implementation of TCP or TP-4 within network users, but without the implementation of higher-level protocols and application interoperability, is not generally an immediate step in increasing interoperability.
It does have these immediate advantages:

It represents an important step in investing in longer-term interoperability.

It generally represents an economical near-term investment on which communities of interest can build their own applications.

It facilitates the development of devices for general network use such as Terminal Access Controllers (TACs).

Interoperability at the applications level will become increasingly important among the following communities: Worldwide Military Command and Control Systems, including systems of subordinate commands; Department of Defense Intelligence Information Systems; U.S. tactical force headquarters (fixed and mobile); NATO force headquarters; other U.S. intelligence agencies; the State Department; and the Federal Bureau of Investigation and other security agencies.

Although interoperability of applications within the DOD has the highest priority, it is clear that government wide and international interoperability will be an objective with increasing priority. The NATO situation is especially important (6).

-----
(6) Europe has been a major force in the development of ISO standards. Consistent with this is a NATO commitment to adopt ISO standards so long as they meet military requirements.

In a somewhat longer time period, DOD will want applications interoperability with many commercial information services. As interoperable computer networks become more common, processing and data services will burgeon in the marketplace. These will include specialized data bases and analytic capabilities that all large organizations will need in order to be up-to-date and competitive.

With regard to interoperability at the network level, DOD will want to be able to utilize commercially available networks for both survivability and operational effectiveness and economy.
In the case of a major war in Europe, for example, the United States would want to be able to use surviving PTTs (Postal, Telegraphy, and Telephony Ministries) for restoral and reconstitution. During peacetime there will be cases where special DOD needs can be best satisfied with commercially available capabilities.

As technology continues to provide less expensive, smaller, and more reliable data processing equipment, computer networks will become increasingly prevalent at lower levels of the tactical forces--land, air, and sea. It will be important that these tactical networks be capable of interope