Internet Area                                              John Veizades
Internet Draft                                      Apple Computer, Inc.
                                                              March 1992


     The Transmission of Internet Packets Over AppleTalk Networks

Status of this Memo

This document describes a protocol, called MacIP, that is used to
transport IP datagrams on AppleTalk networks. This protocol was
developed in order to connect Macintosh computers on AppleTalk
networks to hosts on TCP/IP networks. Using the AppleTalk network
layer protocol, IP datagrams can be transmitted through AppleTalk
networks to gateways that decapsulate the IP datagrams and act as
front-end protocol processors for Macintosh hosts on AppleTalk
internets.

This protocol is elective but is required by all hosts that
encapsulate IP datagrams over AppleTalk networks. Distribution of
this memo is unlimited.

Introduction

Macintosh computers historically have been equipped with a built-in
network connector to LocalTalk, Apple's medium speed network
specification, and software that implements the AppleTalk protocols.
To enable AppleTalk clients to connect to the Internet, software was
written that encapsulates IP datagrams in DDP packets (the Datagram
Delivery Protocol, DDP, is AppleTalk's network layer protocol).
Gateways were designed to forward these encapsulated packets from
AppleTalk to Ethernet networks. The protocol that was used to
accomplish these tasks was documented in the code and placed in the
public domain. Several developers have made this functionality
commercially available.

Terminology

Some of the AppleTalk terms that will be used in this document are
described below. Refer to [1] for more comprehensive explanations.

Name Binding Protocol (NBP) - The transport-level protocol that
translates a character string name into the internet address of the
corresponding socket client.

Apple Transaction Protocol (ATP) - A transport protocol that ensures
the loss-free delivery of DDP client packets from source to
destination.

Datagram Delivery Protocol (DDP) - The network-layer protocol that is
responsible for the socket-to-socket delivery of datagrams over an
AppleTalk internet.

MacIP - A method for encapsulation of IP packets in AppleTalk DDP for
transport over AppleTalk internets, client address assignment
service, and proxy ARP service for AppleTalk supported hosts.

Architecture

MacIP provides three services: 1) it assigns and allocates IP
addresses for hosts in an AppleTalk internet, 2) it allows for the
tunneling of IP datagrams from an AppleTalk internet to a TCP/IP
internet and 3) it proxy ARPs for AppleTalk supported hosts on the IP
internet.

MacIP was developed because a TCP/IP node that was embedded in an
AppleTalk network did not have direct Ethernet access, and could not
respond to ARP requests for its IP address. Thus, a gateway acts on
behalf of the embedded IP node and responds to ARP requests with the
gateway's hardware address, much like proxy ARP [2]. However, this
method differs from proxy ARP in that the gateway has been explicitly
configured with a range of addresses, and the MacIP address
allocation protocol has enabled ARP responses on behalf of its
clients.

The AppleTalk host finds the gateway that is supporting it, and
either registers its IP address with the gateway, or asks the gateway
to allocate an IP address for its use out of the gateway's pool of IP
addresses. Once a host is communicating with its gateway, and has
acquired an IP address, the gateway can then encapsulate and forward
IP datagrams on behalf of the host. Datagrams that are destined to
some IP host in the IP Internet are encapsulated in DDP and sent to
the gateway for delivery. The gateway strips the DDP encapsulation,
and retransmits the datagram using the encapsulation method of its
attached IP network.

The MacIP protocol uses three AppleTalk protocols.
NBP to register, confirm, and find MacIP services and hosts; ATP to
reliably acquire and transmit gateway information; and DDP to
transmit datagrams in AppleTalk networks.

NBP is a broadcast-based resource location protocol which translates
resources named with ASCII strings into AppleTalk addresses. The
MacIP protocol uses NBP to find the protocol gateway and to respond
to address lookups in a fashion similar to ARP.

ATP is used by MacIP in the ALO mode to reliably obtain IP specific
information from the protocol gateway for the requesting host. ATP is
used much like BootP to acquire DNS, gateway, and broadcast
addresses.

DDP is the packet transmission protocol for AppleTalk. Once the
protocol gateway has been found by the end host, DDP is used to
transport encapsulated IP packets.

Protocol Details - IP Address Resolution

The gateway host acts as a protocol translator, taking IP packets
encapsulated in DDP and placing them on the IP media in the standard
media encapsulation. It also acts as a configuration server, giving
out configuration information to requesting hosts.

The configuration process starts with the host registering itself on
the connected AppleTalk network using NBP. NBP has a provision for
registering service providers on a network. The gateway registers
itself as a Network Visible Entity (NVE) of type "IPGATEWAY" on
socket 72. This allows hosts needing MacIP services to discover the
gateway.

NBP lookups are made by specifying the zone name and type of the
entity being searched for. The type of a MacIP gateway is
"IPGATEWAY". The zone can be specified in one of two ways:

- if the AppleTalk network consists of only one zone then the zone
  field should be set to "*".
- if there is more than one zone in the AppleTalk network the zone
  name of where the MacIP gateway is being searched for may be
  specified (the list of zones can be acquired using the GetZoneList
  call which is part of the Zone Information Protocol [ZIP]).

The object name should be set to "=" meaning that any service
provider will be accepted. A gateway responds by placing the ASCII
representation of its IP address (See ASCII IP Address Grammar) in
the object name field and filling out the appropriate AppleTalk
network number, node ID, and socket number.

Once a host connected to an AppleTalk network has acquired an IP
address, it registers itself using NBP with an NVE of type IPADDRESS
on socket 72, and with an object name of its IP address in ASCII
representation. The host responds to NBP lookups for its object name,
that is, it provides its IP address. This is NBP ARP.

After a host acquires an IP address, it queries the network for
entities with the same IP address, verifying that it is the sole user
of this address. The host must close its IP interface if another host
is responding to ARPs for this IP address.

MacIP gateways can be used from outside the zone in which they are
registered since a host can do a directed NBP request into a zone.
Since NBP lookups are zone specific and an IP address can only be
unique in the zone specified, it is possible for an identical IP
address to exist in another zone. This is an administrative issue
since the protocol cannot prevent this from occurring.

In the case of a server assigned address, a gateway periodically
sends an NBP confirm to verify the continued accessibility of a
configured host. If a host does not respond to an NBP confirm after
some interval (recommended to be 5 minutes and to be adjustable by
the network administrator) the address mapping is invalidated and the
IP address can be reused.
If a host cannot respond to NBP confirms for some period of time it
should assume that the AppleTalk to IP address binding is no longer
valid and it should reacquire its address.

All object names, entity types and zone names are specified as 8-bit
ASCII strings as specified in Appendix D of Inside AppleTalk.

Protocol Details - Address Management

To acquire configuration information, the AppleTalk Transaction
Protocol (ATP) At-least-once (ALO) transaction is used. Once a MacIP
gateway is discovered, the host can query the gateway for
configuration information. The format of an ATP packet is as follows:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
/                       Data Link Header                        /
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
/                          DDP Header                           /
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ --
| Control Info  |  Sequence #   |        Transaction ID         | ATP
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          always zero                          | (user bytes)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ --
|                         Request Code                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           IP Address (only for STATIC and RELEASE)            |
|              version number for VERSION request               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Refer to [1] for proper encoding of ALO operation in the Control Info
field, and the sequence# and Transaction ID.

There are several requests that an end host can make of a gateway.
The type of request is set by specifying the appropriate request
code.
The following are the allowable requests:

ASSIGN    1   Ask the server to assign an IP address
NAME      2   Obsolete
SERVER    3   Get server information
RELEASE   4   Notify the server that the host's IP address is no
              longer in use
STATIC    5   Ask the server to allocate a statically assigned IP
              address
VERSION   6   Used to find the version of the server.

The RELEASE, STATIC and VERSION requests are new to this protocol
version.

A server, upon reception of an ATP "at least once" request, returns
the following ATP packet:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                          ATP Header                           /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Response Code                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Assigned IP address                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          DNS Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Broadcast Address                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Unused Always Zero                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Subnet Mask                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Unused Always Zero                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Unused Always Zero                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Unused Always Zero                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|        <= 128 byte ASCII text message zero terminated         |
/                                                               /
/                           otherwise                           /
/                                                               /
|                     Domain Name Extension                     |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The response code can be equal to the value of the corresponding
request code, or a negative number error code when interpreted as a
32-bit signed number. When an error is encountered, the packet may
contain an error message of up to 128 ASCII characters, zero
terminated.
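
The request and response layouts above, as an added Python example
that is not part of the draft or of any MacIP implementation. It
builds the ATP data for a request and validates a gateway response
before its fields are used; big-endian byte order, the function names
and the sample bytes are assumptions of the example.

```python
import ipaddress
import struct

# Request codes from the draft's table (NAME = 2 is obsolete and omitted).
ASSIGN, SERVER, RELEASE, STATIC, VERSION = 1, 3, 4, 5, 6
# Response words: code, assigned IP, DNS, broadcast, unused, subnet mask,
# three unused. Big-endian byte order is an assumption of this example.
FIXED = struct.Struct(">i4s4s4s4x4s12x")
MAX_MSG = 128  # "<= 128 byte ASCII text message zero terminated"


class MacIPError(Exception):
    """The gateway returned a negative (error) response code."""
    def __init__(self, code, text):
        super().__init__(f"gateway error {code}: {text!r}")
        self.code, self.text = code, text


def build_request(code, arg=0):
    """ATP data of a request: request code, then IP address or version."""
    if code not in (ASSIGN, SERVER, RELEASE, STATIC, VERSION):
        raise ValueError(f"unknown request code {code}")
    if isinstance(arg, str):  # dotted quad for STATIC and RELEASE
        arg = int(ipaddress.IPv4Address(arg))
    return struct.pack(">iI", code, arg)


def parse_response(data, request_code):
    """Validate and decode the ATP data of a gateway response."""
    if len(data) < FIXED.size:
        raise ValueError("response shorter than its fixed fields")
    code, ip, dns, bcast, mask = FIXED.unpack_from(data)
    tail = data[FIXED.size:]
    if len(tail) > MAX_MSG:
        raise ValueError("text field longer than 128 bytes")
    text = tail.split(b"\x00", 1)[0]
    if any(b < 0x20 or b > 0x7E for b in text):
        raise ValueError("text field is not printable ASCII")
    text = text.decode("ascii")
    if code < 0:  # signed 32-bit value: negative means error
        raise MacIPError(code, text)
    if code != request_code:
        raise ValueError(f"response code {code} does not match request")
    if request_code == VERSION:  # version is in the word after the code
        return {"version": int.from_bytes(ip, "big")}
    addr = lambda raw: str(ipaddress.IPv4Address(raw))
    return {"ip": addr(ip), "dns": addr(dns), "broadcast": addr(bcast),
            "mask": addr(mask), "domain": text}


def make_response(code, ips=("0.0.0.0",) * 4, text=b""):
    """Constructed response bytes for the samples below."""
    return FIXED.pack(code, *(ipaddress.IPv4Address(a).packed for a in ips)) + text


# Constructed sample responses, not captured traffic.
SAMPLE_ASSIGN = make_response(
    ASSIGN, ("192.0.2.17", "192.0.2.1", "192.0.2.255", "255.255.255.0"),
    b"example.test\x00")
SAMPLE_ERROR = make_response(-3, text=b"pool exhausted\x00")
```

Rejecting a response whose code is neither negative nor equal to the
request code, and refusing non-printable bytes in the text field, keeps
a malformed or spoofed reply from configuring the host or reaching a
log unfiltered.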

The following is a list of errors returned by the MacIP gateway:

-1   some error occurred, look at error string for more details
-2   command out of range
-3   no addresses available
-4   address already assigned
-5   obsolete
-6   address out of static range

The RELEASE call does not return an error, STATIC may return -4, -5,
ASSIGN may return -1 and -3, SERVER may return -1.

Packets that are returned without error have the following semantics.

For responses to requests of type ASSIGN, the IP address field will
contain the host's assigned IP address. The other fields have the
semantics as defined in the SERVER call.

For responses to requests of type SERVER, the DNS address field will
contain the IP address of the default domain name server. The
broadcast address will contain the broadcast address for the network.
All the other fields are zero. The domain name extension to be used
by the host is in the message field of the packet.

The RELEASE and STATIC ATP requests contain the IP address being
released or being used in the long word after the request code. There
is no MacIP response to a RELEASE packet though an ATP response is
sent. A packet is sent in response to a STATIC request indicating
that the gateway will respond on behalf of that address. The format
of the STATIC response is identical to the ASSIGN response.

The VERSION request contains the version number of the host
implementation in the long word after the request code. The VERSION
response contains the gateway version in the long word after the
request code. This document defines version 1. Gateways that respond
with the "command out of range" error implement a version previous to
the protocol described by this document.

Operational Details

In an AppleTalk network, an IP address can be assigned to the host
via MacIP, or by an administrator. The MacIP address server is
configured with a range of server and static addresses.
The address assigned by the server must not overlap the addresses
assigned by the administrator.

Addresses assigned by the server may or may not be assigned to the
same host for each assignment request that the host makes. A host
must not cache any of its assignment information from a previous
assignment since the uniqueness of an IP address assignment cannot be
guaranteed without the host's ability to defend this address.

Host addresses may also be assigned statically. When a host uses a
statically assigned address it sends out an NBP lookup to find its
gateway and then issues an ATP request of type STATIC. This allows
the gateway to record information as to who is using the statically
assigned address. Hosts that try to register themselves with a static
address that is already in use should receive the "address already
assigned" error message from the gateway.

When a gateway is brought on line, either after it has been shut down
or when it is being brought on line for the first time, it must send
out an NBP lookup specifying "=" as the object identifier and
IPADDRESS as the object type to all its configured zones; hosts may
be in zones other than the zones on the local cable. This will allow
the gateway to acquire address mapping (AppleTalk node ID to IP
addresses) for all hosts that had already been initialized.

Protocol Details - Encapsulation

Once a host has been properly configured, it can begin operating as
an IP host in an AppleTalk internet. IP packets are transmitted on an
AppleTalk network by first deciding what the destination address is
using NBP ARP, and then transmitting the IP packet in its DDP
wrapper.

A host can either send an IP packet directly to or through a gateway
to the IP host with which it is communicating. When sending a packet,
the host issues an NBP ARP request for the host with which it wishes
to communicate.
Packets are then sent to the host or the gateway using DDP,
encapsulating the full IP packet as the DDP data and using the DDP
packet type of 22 (decimal) and port number 72 (decimal). The above
holds true for packets transmitted by the gateway to the requesting
host though an NBP ARP need not be used.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Link Layer Header                       |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Network Layer Header (DDP)                   |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           IP Header                           |
/                                                               /

              IP Packet Encapsulated in DDP Packet

Gateways should send ICMP error messages when appropriate [4].

DDP limits the data size of a DDP packet to 586 bytes. This is the
Maximum Transfer Unit (MTU) for IP datagrams encapsulated in
AppleTalk internets. Other networking media have larger MTUs. The
smaller MTU size of AppleTalk implies that gateways must fragment
packets bound for an AppleTalk network which are larger than the
AppleTalk MTU [3].

A Sample Transaction Stream

Below is a sample transaction stream designed to illustrate the use
of the gateway, ATP, and NBP to perform the ARP function on
AppleTalk.

Overview: An AppleTalk host wishes to find a MacIP gateway, obtain an
IP address from that gateway, and open a TCP session with a host on
Ethernet.

         AppleTalk Host                   Gateway

Step 1   Perform NBP lookup for Object    answers lookup with object
         "=" (wildcard), type             value "90.70.0.1", the
         IPGATEWAY                        gateway's IP address.

Step 2   Send gateway ATP transaction     Look in table of assigned
         ASSIGN to gateway                addresses, using source
                                          AppleTalk address as key.
                                          If entry found, respond with
                                          previously assigned address.
                                          If no entry found, create
                                          new entry and assign new IP
                                          address. Respond.

Step 3   Send gateway ATP transaction     Respond with IP addresses as
         SERVER to gateway.               configured.

Step 4   Register assigned address as
         an NBP NVE, the object being
         the IP address in ASCII with
         type IPADDRESS.

Step 5   IP code wants to send TCP SYN    Respond to ARP for the
         to IP address 136.25.2.4         gateway's IP address.
         either default to 136.25.2.4
         as destination IP or decide
         that gateway is destination
         IP. Perform NBP ARP for host
         of gateway address, type
         IPADDRESS.

Step 6   Encapsulate TCP SYN in DDP       Remove DDP header, add
         packet and send to gateway.      Ethernet header, perform
                                          Ethernet ARP function, if
                                          appropriate, and send packet
                                          on Ethernet.

Step 6                                    Destination host
(cont.)                                   (136.25.2.4) responds with
                                          SYN. Remove Ethernet header,
                                          add DDP header, perform NBP
                                          ARP function for destination
                                          address. Send DDP packet.

Step 7   When the host will no longer     Remove the IP address from
         use the IP address the host      the in-use list and allow it
         sends the gateway the ATP        to be reassigned.
         transaction RELEASE.

All subsequent IP datagrams are sent as in Step 6.

AppleTalk Protocol Constants

MacIP MTU                                586 bytes

DDP constants
   MacIP packet type                     22 (decimal)
   MacIP socket number                   72 (decimal)

NBP constants
   gateway object type                   IPGATEWAY
   registered IP address object type     IPADDRESS

Gateway ATP Protocol Constants

ATP request command codes
   ASSIGN    assign IP address             1
   NAME      name server                   2 (obsolete)
   SERVER    get server info               3
   RELEASE   release IP address            4
   STATIC    register fixed address        5
   VERSION   send and receive version #s   6

ATP response codes
   SUCCESS                                 same as request code
   ERROR                                   -1
   command out of range                    -2
   no addresses available                  -3
   address already assigned                -4
   address out of range                    -5

MacIP Version                              1

ASCII IP Address Grammar

::= "." "." "."
::= <0 to 255 decimal, leading zeros suppressed>

References

[1] Sidhu, G., Andrews, R., and Oppenheimer, A., Apple Computer,
    "Inside AppleTalk (Second Edition)", Addison-Wesley Publishing
    Company, Inc., Reading, MA, 1990.

[2] Plummer, D., "An Ethernet Address Resolution Protocol," RFC-826,
    Symbolics, December 1982.

[3] Postel J., "Internet Protocol," RFC-791, USC Information Sciences
    Institute, December 1981.

[4] Brandon, R., and Postel, J., "Requirements for Internet
    Gateways," RFC-1009, USC Information Sciences Institute, June
    1987.

Acknowledgments

Many people contributed to this document; the author would like to
acknowledge some of the primary contributors. Brad Parker and Josh
Littlefield for writing a version of this protocol document. Greg
Minshall for also putting down his thoughts on what this protocol
should look like and giving the document a title. Chris Ranch and Tom
Evans for going to all lengths to keep me honest. Bill Croft for
getting us into all of this by first implementing the protocol in the
Seagate box at Stanford University.

Author's Address

John Veizades
Apple Computer, Inc.
20525 Mariani Ave., MS: 35-K
Cupertino, California 95014

Phone: 408 974-2672
EMail: veizades@apple.com