[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

QoS selectors (was LAST CALL: IKE)


> Several folks have asked for the ability to place traffic with 
> different TOS values on different SAs, which requires that the TOS 
> field (IPv4) and the flow spec field (IPv6) be useable as selectors. 
> If we agree to add this feature, we need the ability to negootiate 
> this in IKE.

That would be the 6 bit DS Field, as defined in RFC 2780.  The other
two bits in the same header octets are used for ECN and should not be
used as selectors.  There are some subtle issues in QoS specification
across administrative domain boundaries - in full generality, the
DiffServ Code Point (DSCP) values used in the DS Field do not have
global validity or meaning.

It's ok to use DSCPs when the values are only expected to be
meaningful to one end of the connection (e.g., receiver tells
sender to set DSCP to <x> in inner IP header for tunnel mode
SA), or something in the middle can be expected to do the
translation if necessary - the latter does not apply to IKE
for obvious reasons.  For more general negotiation, where both
ends are expected to understand what is being negotiated,
PHBIDs (RFC 3140) are appropriate.

David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754