RFC 2983 (rfc2983) - Page 1 of 14


Differentiated Services and Tunnels



Alternative Format: Original Text Document



Network Working Group                                          D. Black
Request for Comments: 2983                              EMC Corporation
Category: Informational                                    October 2000


                  Differentiated Services and Tunnels

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This document considers the interaction of Differentiated Services
   (diffserv) (RFC 2474, RFC 2475) with IP tunnels of various forms.
   The discussion of tunnels in the diffserv architecture (RFC 2475)
   provides insufficient guidance to tunnel designers and implementers.
   This document describes two conceptual models for the interaction of
   diffserv with Internet Protocol (IP) tunnels and employs them to
   explore the resulting configurations and combinations of
   functionality.  An important consideration is how and where it is
   appropriate to perform diffserv traffic conditioning in the presence
   of tunnel encapsulation and decapsulation.  A few simple mechanisms
   are also proposed that limit the complexity that tunnels would
   otherwise add to the diffserv traffic conditioning model.  Security
   considerations for IPSec tunnels limit the possible functionality in
   some circumstances.

1. Conventions used in this document

   An IP tunnel encapsulates IP traffic in another IP header as it
   passes through the tunnel; the presence of these two IP headers is a
   defining characteristic of IP tunnels, although there may be
   additional headers inserted between the two IP headers.  The inner IP
   header is that of the original traffic; an outer IP header is
   attached and detached at tunnel endpoints.  In general, intermediate
   network nodes between tunnel endpoints operate solely on the outer IP
   header, and hence diffserv-capable intermediate nodes access and
   modify only the DSCP field in the outer IP header.  The terms
   "tunnel" and "IP tunnel" are used interchangeably in this document.
   For simplicity, this document does not consider tunnels other than IP
   tunnels (i.e., for which there is no encapsulating IP header), such



Black                        Informational