💾 Archived View for spam.works › mirrors › textfiles › internet › blacker.txt captured on 2023-06-14 at 17:22:39.

View Raw

More Information

-=-=-=-=-=-=-

 [ netinfo/blacker.doc ]



                   BLACKER INTERFACE CONTROL DOCUMENT

                             March 21, 1989






                                                       March 21, 1989

                            Table of Contents


    Section     Subject                                      Page


      1.   Introduction                                      1-1

      2.   Host/Red-Side Interface                           2-1

           2.1.  Physical Level                              2-1

           2.2.  Link Level                                  2-4

           2.3.  Packet Level                                2-4

           2.4.  Internet Protocol Features                  2-9  

           2.5.  Internet Control Message Protocol Features  2-11

      3.   Network/Black-Side Interface                      3-1

           3.1.  Physical Level                              3-1

           3.2.  Link Level                                  3-3

           3.3.  Packet Level                                3-3

           3.4.  Internet Protocol Features                  3-4

           3.5.  Internet Control Message Protocol Features  3-4

      A.   Initial DDN Sensitivity Labels                    A-1

      B.   References                                        B-1

      C.   BLACKER Generated Diagnostic Codes                C-1






                                                       March 21, 1989

    1.     INTRODUCTION

    1.0.1  The purpose of this document is to define the interface to
    the BLACKER Front Ends (BFE).  This document will define the
    services used on the network or black side where the BFE
    interfaces to the Defense Data Network (DDN) and will define the
    services offered on the host/gateway or red side.

                Host                  Network
                Plaintext             Ciphertext
                Red-Side              Black-Side
    +---------+           +---------+               +---------+
    | HOST OR |___________|   BFE   |_______________|   DDN   |
    | GATEWAY |           |         |               |   PSN   |
    +---------+           +---------+               +---------+


    1.0.2  The BFE acts as the Data Communication Equipment (DCE) of
    an X.25 Network to its attached host.  As such, the BFE offers
    the host an X.25 interface.  This interface is a modified version
    of the interface presented in the 1983 DDN X.25 Host Interface
    Specification.  Because of the additional security functionality
    of the BFE, there are additional requirements on the host
    interface at levels above the X.25 layer.  These additional
    requirements as well as the specific details of the X.25
    interface are defined in section 2 of this document.

    1.0.3  The following terminology will be used in this document. 
    Units of information at the link (X.25 level 2) level will be
    referred to as "frames".  Units at the network (X.25 level 3)
    level will be referred to as "packets".  Units at the Internet
    Protocol (IP) level will be referred to as "datagrams".  The
    information contained in a datagram that is passed on to the
    actual destination computer will be referred to as a message,
    with an appropriate modifier (e.g., Mail message).  A byte is a
    unit of data containing eight bits.

    1.0.4  The BLACKER System on the DDN uses the X.25 interface as a
    local interface only.  This means that the type of service
    offered does not provide the end-to-end services of X.25.  The
    BFE will offer a version of the DDN X.25 Standard Service as
    defined in the DDN X.25 Host Interface Specification, dated Dec
    1983, with the restrictions and modifications defined in this
    document.  This interface also conforms to FIPS PUB 100 (6 July
    1983), and CCITT Recommendation X.25 (1980), as well as the DDN 
    Host Interface Specification.  The BFE will not provide support
    for the ARPANET Host Interface Protocol (AHIP), also known as
    Bolt, Beranek, and Newman, Inc. (BBN) 1822 interface.



                                                             Page 1-1






                                                       March 21, 1989

    1.0.5  All values for fields defined in this document, unless
    otherwise designated, are decimal values.  The leftmost bit
    (byte) in any field is the high order bit (byte) of the value.

    1.0.6  All BFE parameters are loaded via a BLACKER Initialization
    Carrier (BIC).  These include site identification, Access Control
    Center (ACC) and Key Distribution Center (KDC) identification,
    security level, protocol parameters, and audit control values. 
    The BIC is inserted and read when the BFE is first powered on,
    and then is only needed after the BFE has been reset, zeroized,
    or has completely lost power.








































    Page 1-2






                                                       March 21, 1989

    2.     RED-SIDE HOST INTERFACE

    2.0.1  This section describes the host interface to the BLACKER
    Front End.  This interface is based upon standards defined for
    the 1983 DDN X.25 interface, and requires that the Internet
    Protocol (IP) be used as the next layer above X.25.  For hosts
    which already implement the current set of DDN X.25 protocols
    including IP, and use an RS-449 balanced interface, the changes
    should be minor.

    2.1    PHYSICAL LEVEL

    The BFE will conform to the following three specifications:

       1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
           DCA, DECEMBER 1983

       2.  EIA STANDARD RS-449, NOVEMBER 1977

       3.  MILITARY STANDARD 188-114, MARCH 1976

    The BFE will support the signals as listed in Table B-2 of the
    DDN X.25 Specification.  Optional signals supported will be the
    signals identified as CCITT numbers 141 and 142 on the host side.

    In RS-449 terms, the BFE will support all Category I circuits in
    the balanced mode.  The BFE will also support all type Send-
    Receive mandatory circuits for synchronous primary channel
    operation (see Fig 5.1 in Specification 2).  The RS-449 37-
    position connector with a GLENAIR, INC., (or equal) backshell
    will be used on the host interface.

    The BFE will present a DCE interface to the host.

    The BFE will operate at speeds from 1.2 to 64 kilobits per
    second.  Only full duplex synchronous operation will be support-
    ed.  Data timing will originate from the network DCE to the
    BLACKER Data Terminal Equipment (DTE), and then from the BLACKER
    DCE to the host.  (Note: The signal names used below refer to the
    RS-449 names used in the following table.)  RT signal will supply
    the data strobe for RD,  ST will supply the data request for SD,
    and TT will supply the data acknowledge/data strobe for SD.  The
    DTE must use the incoming ST signal to generate the data strobe
    signal, TT.

    Interface signal electrical characteristics will be as defined by
    MIL-STD-188-114.  The single deviation from this specification is
    the Open Circuit Balanced Voltage Driver Output, which is 8 volts
    +/- 2 volts, instead of 6 volts +/- 2 volts.  Interface signal


                                                             Page 2-1






                                                       March 21, 1989

    functions, directions, and pin assignments will be as defined in
    RS-449.

    LISTING OF SIGNALS SUPPORTED BY THE BFE RED-SIDE

    PIN      RS-449 ABBREVIATION    DCE IS

    1        SHIELD                 NO CONNECTION
    2        SI                     +5
    3        SPARE
    4        SD                     BALANCED RECEIVER
    5        ST                     BALANCED GENERATOR
    6        RD                     BALANCED GENERATOR
    7        RS                     BALANCED RECEIVER
    8        RT                     BALANCED GENERATOR
    9        CS                     BALANCED GENERATOR
    10       LL                     UNBALANCED RECEIVER
    11       DM                     BALANCED GENERATOR
    12       TR                     BALANCED RECEIVER
    13       RR                     BALANCED GENERATOR
    14       RL                     IB-
    15       IC                     -5
    16       SF/SR                  IB+
    17       TT                     BALANCED RECEIVER
    18       TM                     UNBALANCED GENERATOR
    19       SG                     CIRCUIT GROUND
    20       RC                     DCE CIRCUIT GROUND
    21       SPARE
    22       SD  ( see pin 4 )
    23       ST  ( see pin 5 )
    24       RD  ( see pin 6 )
    25       RS  ( see pin 7 )
    26       RT  ( see pin 8 )
    27       CS  ( see pin 9 )
    28       IS                     IB+
    29       DM  ( see pin 11 )
    30       TR  ( see pin 12 )
    31       RR  ( see pin 13 )
    32       SS                     IB-
    33       SQ                     +5
    34       NS                     IB-
    35       TT  ( see pin 17 )
    36       SB                     -5
    37       SC                     DTE CIRCUIT GROUND


    ABBREVIATIONS OTHER THAN RS-449 SIGNAL NAMES
    IB-     PIN IS OPEN, INTERNAL BIAS OF MINUS FIVE VOLTS (OPTIONAL)
    IB+     PIN IS OPEN, INTERNAL BIAS OF FIVE VOLTS (OPTIONAL)


    Page 2-2






                                                       March 21, 1989

    2.2    LINK LEVEL

    The BFE will conform to the following Link Level specifications:

       1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
           DCA, DECEMBER 1983

       2.  "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND
            DATA CIRCUIT TERMINATION EQUIPMENT (DCE) FOR TERMINALS
            OPERATING IN THE PACKET MODE ON PUBLIC DATA NETWORKS",
            RECOMMENDATION X.25, CCITT, 1980

       3.  "WD2512 X.25 PACKET NETWORK INTERFACE (LAPB)", WESTERN
            DIGITAL CORP., SEPT. 1988 (PRELIMINARY), 
            APRIL 1989 (EXPECTED FINAL PUBLICATION).

    At level 2, the BFE will use the DDN X.25 High Level Data Link
    Control, Link Access Procedure - Balanced (HDLC-LAPB) interface
    protocol.

    On the host/red side the BFE will be a DCE.

    The HDLC-LAPB interface in the BFE will be implemented using the
    Western Digital WD2512 Packet Network Interface Chip.  This chip
    handles bit oriented, full duplex serial data communications on
    its Level 1/Level 2 interface side.  The computer interface side
    uses direct memory access.

    The "Transparent Modes" of the WD2512 chip, as described in
    specification three above, will not be used.



    2.3    PACKET LEVEL

    2.3.1  The BFE will conform to the following Packet Level
    specifications.  Restrictions and extensions are described below. 
    (Note: All page and paragraph references refer to the DDN
    specification as number one below.  Paragraph references begin
    with the letter 'D').

      1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
          DCA, DECEMBER 1983

      2. "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND
          DATA CIRCUIT TERMINATING EQUIPMENT (DCE) FOR TERMINALS
          OPERATING IN THE PACKET MODE ON PUBLIC DATA NETWORKS",
          RECOMMENDATION X.25, CCITT, 1980



                                                             Page 2-3






                                                       March 21, 1989

      3. "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND
          DATA CIRCUIT TERMINATING EQUIPMENT (DCE) FOR OPERATIONS
          WITH PACKET-SWITCHED DATA COMMUNICATIONS NETWORKS",
          FED-STD 1041; FIPS PUB 100, 6 JULY 1983

    2.3.2  Standard Service Restriction:  Only DDN "Standard Service"
    X.25 will be offered on the host interface. No provisions for
    "Basic Service" will be made.  Any call requests from the host
    indicating "Basic Service" will be rejected.  (pg. 3)

    2.3.3  Physical Address Restriction:  Only physical addressing
    will be supported.  All BFE ports will be assigned a physical
    address by the Defense Communications Agency.  The address will
    conform to the format defined in D2.1.1.1 with the following
    constraints.  All addresses will be 12 binary coded decimal (BCD)
    digits. Sub-addresses will not be supported.  The 'F' flag will
    be set to zero.  Requests for Logical Addressing facilities will
    result in a CLEAR INDICATION with an appropriate diagnostic code
    (146) being sent to the host.  Early serial number BFEs may
    return an Invalid Called Address (68) or Invalid Calling Address
    (69) diagnostic code.  (pg. 6)

    2.3.4  Standard Service Restriction:  In D2.1.2.1 for the Type of
    Service Facility on a CALL REQUEST, DDN "Standard Service" must
    always be selected.  Failure to specify DDN "Standard Service"
    will result in a CLEAR INDICATION packet with a diagnostic code
    of (155) being sent to the host.  (pg. 8)

    2.3.5  Call User Data Restriction:  In the Protocol Identifi-
    cation Field of a CALL REQUEST packet, as defined in D2.1.3, a
    DTE must indicate the use of the DoD Internet Protocol (IP).  The
    value defined for IP (11001100 binary, CC hex) must be the first
    and only byte present in the Call User Data Field of the CALL
    REQUEST Packet.  A Call User Data field that is not exactly one
    byte long will result in a CLEAR INDICATION with a diagnostic of
    either a packet too short (38) or packet too long (39). Selection
    of a different value will result in a CLEAR INDICATION packet
    with a diagnostic code of (156) being sent to the host.  (pg. 10)

    2.3.6  Packet Sizes Supported:  A maximum packet sizes of 128,
    256, 512, or 1024 octets will be supported by the BFE.  A maximum
    packet size of 1024 octets is required for hosts accredited to
    operate at multiple security levels.  A maximum packet size of
    1024 octets is strongly recommended for all hosts, in order to
    allow an IP datagram to fit within a single packet.  IP Datagram
    Size limitation is discussed in section 2.4.4 of this document. 
    (pg. 11)  

    2.3.7  Packet Size Limitation:  The maximum permissible number of
    data bits in a complete packet sequence must be no more than 896

    Page 2-4






                                                       March 21, 1989

    bytes (7168 bits).  An attempt to send more than 896 bytes will
    result in a CLEAR INDICATION with an appropriate diagnostic code
    (39) being sent to the host.  (pg. 11)

    2.3.8  D and Q Bit Restriction:  The D-bit and Q-bit have no
    significance to the BFE and are not passed to the destination. 
    These should be set to zero by the host.  (pg. A6)

    2.3.9    Logical Addressing:  There is no support for logical
    addressing.  Requests for logical addressing facilities will
    receive a CLEAR INDICATION packet with an appropriate diagnostic
    code (146) being sent to the host.  Early serial number BFEs may
    return an Invalid Called Address (67) or Invalid Calling Address
    (68) diagnostic code.  (pg. A7)

    2.3.10  Derivation of X.25 addresses in BLACKER:  (pg. A9)

    For devices directly connected to a BLACKER Front End, the IP
    address is a 32-bit quantity that consists of two parts, the
    first part defining a network, and the second being network
    specific.  The DDN Red Virtual Network (DDN-RVN) will be a class
    A network, having a network identifier field eight bits wide, and
    a network specific portion 24 bits wide.  The network number for
    the DDN-RVN will be 21.  The 24-bit network specific part will be
    defined as follows.  The first bit is zero.  The next three bits
    are a port number of the BFE.  The following ten bits are the
    domain number of the BFE, and the last ten bits are the BFE's
    number within its domain.  This is shown graphically as:

      IP             0                   1                   2
    ADDRESS          0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |    NETWORK    |0|PORT |    DOMAIN ID      |     BFE ID        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

    The port field specifies a routing for the BFE.  It may take on 
    values between zero and seven.  The currently defined values are: 
    0 for the computer attached to the host port, 1 for the internal
    Access Control Module, and 2 for the internal Internet Control
    Message Protocol (ICMP) Server.  The domain ID and BFE ID fields
    may take on the values 000 to 999, inclusive.
    At the X.25 level, the DDN-RVN is an X.25 network supporting the
    version of DDN "Standard Service" described in this section.  For
    devices directly connected to the DDN-RVN, the X.25 address
    consists of 12 BCD digits in the form ZZZZ F DDDDDDD.  (See
    D2.1.1.1.)  The sub-address feature, defined in D2.1.1.1, is
    never used.  For the DDN-RVN, ZZZZ is a value to be decided by
    the administration.  It will initially be set to 0000.  F will be
    zero to indicate physical addressing.  DDDDDDD is directly mapped
    from the network specific portion of the IP address, where the

                                                             Page 2-5






                                                       March 21, 1989

    first digit is the port ID, the next three digits are the domain
    ID, and the last three digits are the intra-domain BFE ID.  The
    mapping is a value conversion from the binary representation to
    the BCD representation.  This is shown graphically as:

                          0         1         2  2
                          0         0         0  3
           IP:            BBBBBBBBBBBBBBBBBBBBBBBB  (bits)
                          |\ /\        /\        /
                          x |  --------  --------
                            |     |          |
          X.25:    0000 0   D    DDD        DDD     (BCD digits)


    For example, if your host was host number 45 in domain 10, and
    you wish to talk to the internal ICMP echo port,  you would
    address your message to network 21, domain 10, host 45, port 2. 
    In graphic form this IP address is:

     0                   1                   2                 3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |0 0 0 1 0 1 0 1|0|0 1 0|0 0 0 0 0 0 1 0 1 0|0 0 0 0 1 0 1 1 0 1|
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |       21      | |  2  |         10        |         45        |

    The X.25 address for this port would be:  0000 0 2010045.

    2.3.11  Interrupt Restriction:  INTERRUPT and INTERRUPT
    CONFIRMATION packets are not supported.

    2.3.12  Datagram Restriction:  DATAGRAM service as it is defined
    in reference two above is not supported.

    2.3.13  Permanent Virtual Circuit Restriction:  There will be no
    support for PERMANENT VIRTUAL CIRCUITS.  All calls will need to
    be established via CALL REQUEST Packets.

    2.3.14  X.25 Facilities

    The following facilities described in reference two above WILL BE
    supported by the BFE:

                                        1980 CCITT paragraph
    Nonstandard default window size             7.1.2
    Nonstandard default packet size             7.2.1
    Flow control parameter negotiation          7.2.2




    Page 2-6






                                                      March 21, 1989

   The following facilities described in reference two above WILL
   NOT BE supported by the BFE:

                                       1980 CCITT paragraph
   Extended packet sequence numbering          7.1.1
   Default Throughput Class Assignment         7.1.3
   Packet Retransmission                       7.1.4
   Incoming Calls Barred                       7.1.5
   Outgoing Called Barred                      7.1.6
   One-way logical channels outgoing           7.1.7
   One-way logical channels incoming           7.1.8
   Closed user group (all varieties)           7.1.9-7.1.15
   Reverse charging                            7.1.16
   Reverse charging acceptance                 7.1.17
   RPOA selection                              7.1.18
   Throughput class negotiation                7.2.3
   Fast select                                 7.2.4
   Fast select acceptance                      7.2.5
   D-bit modification                          7.2.6
   Datagram facilities (all varieties)         7.3

   2.3.14.1  Packet and Window Sizes: For selection of Flow Control
   Parameters the BFE will default to a packet size of 128 octets
   and a window size of 2 packets.  These default parameters may be
   changed if approved by the Defense Communications Agency. When
   requesting a BIC, a host administrator may specify non-standard
   defaults for packet sizes between 128 and 1024 octets, and for a
   window size of between 2 and 7 packets.  The host administrator
   must also specify whether or not the BFE should negotiate these
   values on a call by call basis.  If the host administrator
   chooses not to negotiate, the BFE will use the values specified
   by the host administrator for all calls, incoming and outgoing. 
   If negotiation is selected, the BFE will offer a packet size of
   1024 and a window size of 7 for incoming calls, and the host may
   then respond with a smaller size if desired.


   2.3.14.2  Emergency Mode Addressing: One new facility code has
   been defined for use with BLACKER.  It is called the Emergency
   Mode Addressing Facility, and is defined in section 2.3.17.3.


   2.3.15  Precedence:  The BFE does not reallocate resources based
   on the precedence facility supplied in a call request.  It does
   carry the precedence of a packet across the BFE to the call
   request on the opposite interface.  If the host does not supply
   precedence on a CALL REQUEST packet, the BFE will assume that
   precedence zero is requested, and send the CALL REQUEST out to
   the network with precedence zero.  This allows the host or
   network to continue to act upon the precedence of a call.

                                                            Page 2-7






                                                       March 21, 1989

    2.3.16  Diagnostics Codes

    2.3.16.1  The BFE passes certain diagnostic information back to
    the host to indicate status information on the communication path
    and to provide security related information.  Diagnostic informa-
    tion is provided when the BFE becomes aware of a reportable
    event.  Two examples of such reportable events are a notice that
    the BFE's network interface has come up, and that the BFE has
    lost contact with its Access Control Center.  However, there is
    no guarantee that the BFE will be able to detect, or report,
    anomalous situations that occur in the underlying black network.

    2.3.16.2  Diagnostic information is sent in the diagnostic field
    of an X.25 packet.  For the X.25 diagnostic codes, the BFE will
    use the values defined in the CCITT Recommendation and in the DDN
    Specification with the following interpretations.  DDN diagnostic
    code (128), PSN Unavailable, will indicate that the DDN packet
    switching node to which the BFE is connected is unavailable.  DDN
    diagnostic code (137), Remote PSN dead, will indicate that the
    destination BFE is unreachable.  See Appendix C for a full list
    of diagnostic codes that may be generated by BLACKER.

    2.3.16.3  Diagnostic information related to Emergency Mode status
    (see section 2.3.17 below) will also be passed to the host at the
    X.25 level. 

    DIAGNOSTIC packets may be sent by the BFE with the following
    diagnostic codes:
                                                   Code
    Entering Emergency Mode                        224
    Leaving Emergency Mode                         225
    Emergency Mode Window Open                     226


    CLEAR INDICATION packets may be sent by the BFE with the follow-
    ing diagnostic codes:


                                                                   Code
    Call Failed--Address Translation Information Required          227
    Call Failed--Emergency Window Open, BFE not in Emergency Mode  228



    2.3.17  EMERGENCY MODE

    2.3.17.1  One aspect of the BLACKER System operation is the ability
    to communicate between BFEs in the absence of Access Control
    Centers (ACCs) and/or Key Distribution Centers (KDCs).  This
    capability is referred to as Emergency Mode.  The use of Emergency

    Page 2-8






                                                       March 21, 1989

    Mode may involve the host in some of the processing.  When the
    conditions exist which could result in the BFE entering Emergency
    Mode, the BFEs action depends upon a start-up parameter contained
    in the BIC.  This parameter specifies one of three possible courses
    of action.  These actions are 1) remain in normal mode, i.e., not
    communicate with BFEs that are operating in Emergency Mode, 2)
    automatically enter Emergency Mode and so notify the host, or 3)
    notify the host that conditions exist which allow the BFE to enter
    Emergency Mode, but do not make the transition into Emergency Mode
    until directed by the host.  Paragraphs 2.3.16.3 and 2.3.17.3
    provide further information on Emergency Mode diagnostic codes and
    addressing.

    2.3.17.2  Additionally, since the address translation table
    contained in a BFE is maintained by the ACC, and in Emergency Mode
    the BFE may not be able to communicate with the ACC, a host may be
    limited as to what other hosts it can communicate with.  In
    Emergency Mode, the BFE will continue to be able to communicate
    with all other hosts for which it has address translations,
    providing all other access controls are passed.  The optional X.25
    facility defined in 2.3.17.3 allows a host to provide address
    translation information to its BFE, and must be used if a host
    requires flexibility while in Emergency Mode.

    2.3.17.3  An additional optional user facility will be supported. 
    This facility will allow the DTE to provide the DDN address (Black
    Internet Address) of the destination BFE for the address specified
    in the CALL REQUEST.  This facility will be accepted only when
    Emergency Mode is enabled.  The format is:


     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |1 1 0 0 0 0 0 1|0 0 0 0 0 1 0 0|          32  bit  Black         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |       Internet  Address       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

    The first byte in the facility is the identification code, 193 for
    Black Internet Address.  The second byte contains the length of the
    following parameter value field.  It must always contain the value
    four.  The remaining bytes contain the Black IP Address of the
    destination host for this call.  This address will be stored with
    bits 0-7 in octet 3, bits 8-15 in octet 4, bits 16-23 in octet 5
    and bits 24-31 in octet 6.  Bit 0 will be the leftmost bit of octet
    3, etc.  A supplied address of all zeros is used to tell the BFE
    that it should enter Emergency Mode and is sent in response to the
    BFE message advertising the opening of the Emergency Mode Window
    (2.3.16.3).  If it is necessary for the host to provide the enter

                                                             Page 2-9






                                                       March 21, 1989

    Emergency Mode command along with address translation information,
    this facility must appear twice in the CALL REQUEST packet, with
    the enter Emergency Mode command appearing first.

    2.3.17.4  When a host administrator has requested that his BFE
    never enter Emergency Mode, the host is not notified when the
    Emergency Mode window opens or closes.  A host whose administrator
    has requested that his BFE always enter Emergency Mode is notified
    via the diagnostic codes described in 2.3.16.3 when the BFE enters
    and exits emergency mode.  If a host administrator has requested
    that his host participate in the BFE's decision to enter Emergency
    Mode, the BFE will send the Emergency Mode Window Open diagnostic
    to the host when the conditions for Emergency Mode exist.   If the
    host desires the BFE to enter Emergency Mode, it responds by using
    the Emergency Mode Address Facility (2.3.17.3) with the address set
    to all zeros.  If the host does not wish to enter Emergency Mode,
    no response is necessary.  When the BFE restores contact with its
    administrative nodes, it will send the host a Leaving Emergency
    Mode diagnostic message.

    2.3.18  Logical Channels:  The BFE will support up to 128 simul-
    taneous open logical channels.  A logical channel for the BFE is
    defined as the intersection of a source X.25 address, a destination
    X.25 address, and an X.25 precedence.


    2.4    INTERNET PROTOCOL FEATURES

    2.4.1  In addition to the X.25 interface, the BFE requires the use
    of IP as defined in MIL STD 1777.  The only restrictions on the use
    of IP are as follows:

    2.4.2  The IP address is a 32-bit value consisting of a network
    identifier and a network specific host field.  There are different
    formats for this address.  The DDN Red Virtual Network (RVN) is a
    class A network (net number 21) with the following format (see also
    2.3.10):

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |    NETWORK    |                     HOST                      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

    2.4.3  The host connected to the BFE will provide the Red IP
    destination address for the actual destination of each datagram. 
    The host will also supply the appropriate DDN-RVN X.25 address to
    the BFE.  In most cases, the X.25 address supplied by the host will
    correspond to the actual destination red IP address, but in some
    cases (e.g., IP devices not directly connected to a BFE) may be an

    Page 2-10






                                                       March 21, 1989

    X.25 address corresponding to a red gateway which is the next hop
    to the actual red IP destination.

    2.4.4  The maximum BLACKER IP datagram size is 896 eight-bit bytes
    (octets).  As required by MIL-STD 1777 (Para 9.2.2.2), IP datagrams
    of more than 576 octets should only be sent if there is assurance
    that the destination is prepared to accept the larger datagram.  An
    IP datagram must be sent as an X.25 complete packet sequence if the
    datagram does not fit within a single X.25 packet.  A packet or
    complete packet sequence must contain exactly one IP datagram.  If
    IP datagrams are sent in multiple X.25 packets, no more than 32
    incomplete datagrams (unfinished packet sequences) may be sent at
    one time.  Only single level hosts are allowed to send datagrams as
    packet sequences.  Hosts accredited to send datagrams at multiple
    security levels must send and receive datagrams in single packets. 
    Any packet received from such a host with the 'more' bit set will
    result in the call being CLEARed.

    2.4.5  All IP datagrams must contain a sensitivity label as defined
    by the Revised IP Security Option (IPSO) described in change 1 to
    MIL-STD 1777.  This must be the first option on all IP datagrams. 
    BLACKER is designed to make cryptographic distinctions on up to
    eight hierarchical levels and sixteen non-hierarchical categories. 
    Appendix A provides the configuration to be used for the initial
    BLACKER deployment on DSNET I.

    2.4.6  The BFE has a limited amount of space available to buffer
    datagrams.  Datagrams for which authorizations already exist in the
    BFE, are subject to normal flow control procedures, and are not a
    problem.  Outgoing datagrams that require new authorizations,
    however, must be buffered until the proper permissions (or denials)
    are received from the ACC.  Up to five of these datagrams can be
    buffered by the BFE at any time.  The receipt of additional
    outgoing datagrams requiring communication with the ACC will
    overflow available buffer space, and such datagrams will be
    discarded without notice.  In order to minimize the likelihood of
    such an event, a host administrator should ensure that the keys for
    essential and high volume destinations are marked for preplacement
    at the time the BIC is ordered from the ACC administrator.

    2.4.7  The BLACKER System can support dual or multiple homing of a
    host.  The host must have one BFE for each port that is to be
    connected to the network.  Each BFE connected to this host must
    have a different network and internet addresses.  It is the
    responsibility of two hosts to select which BFE of a multi-homed
    host will be used for a connection between those hosts. (BLACKER
    ACCs and KDCs can not be set up to have multiple addresses.)




                                                            Page 2-11






                                                       March 21, 1989

    2.5    INTERNET CONTROL PROTOCOL FEATURES

    2.5.1  The BFE also makes use of ICMP messages to indicate certain
    information to the host.

    2.5.2  The BFE will respond to ICMP ECHO REQUEST messages with ICMP
    ECHO REPLY messages.

    2.5.3  The BFE passes diagnostic information back to the host to
    indicate status information on the communication path and to
    provide security related information.  Diagnostic information is
    provided when the BFE becomes aware of a reportable event. 
    However, there is no guarantee that the BFE will be able to detect,
    or report, all anomalous situations.

    2.5.4  Diagnostic information will be passed in ICMP messages.  A
    DESTINATION UNREACHABLE (type 3) message will be sent when a
    Request Denied message is received by the BFE from the ACC.  Code
    1, Host Unreachable, will be sent if the Request Denied message
    indicates that the destination BFE is down.  Code 10, Communication
    with Destination Host Administratively Prohibited, will be sent if
    the Request Denied message indicates that access is denied.





























    Page 2-12






                                                       March 21, 1989

    3.     BLACK-SIDE NETWORK INTERFACE

    3.0.1  This section describes the DDN interface of all BLACKER
    equipment connecting to the DDN.  Host implementors need not
    concern themselves with this section, except as background, or to
    assist in ordering the proper type of interface line from DCA.

    3.1    PHYSICAL LEVEL

    The BFE will confirm to the following specifications:

       1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
           DCA, DECEMBER 1983

       2.  EIA STANDARD RS-449, NOVEMBER 1977

       3.  MILITARY STANDARD 188-114, MARCH 1976

    The BFE will support the signals as listed in Table B-2 of the DDN
    X.25 Specification.  No optional signals will be supported on the
    network side.

    In RS-449 terms, the BFE will support all Category I circuits in
    the balanced mode.  The BFE will also support all type Send-Receive
    mandatory circuits for synchronous primary channel operation (see
    Fig 5.1 in Specification 2).  The RS-449 37-position connector with
    a GLENAIR, INC., (or equal) backshell will be used on the network
    interface.

    The BFE will present a DTE interface to the network.

    The BFE will operate at speeds from 1.2 to 64 kilobits per second. 
    Only full duplex synchronous operation will be supported.  Data
    timing will originate at the DCE.  (Note: The signal names used
    below refer to the RS-449 names used in the following table.)  RT
    signal will supply the data strobe for RD,  ST will supply the data
    request for SD, and TT will supply the data acknowledge/data strobe
    for SD.  This implies that the DCE will control data transfer rates
    via RT and ST, and the DTE will use ST to generate the data strobe
    signal, TT.  The network DCE supplies timing to the BLACKER DTE and
    the BLACKER DCE supplies timing to the host DTE.

    Interface signal electrical characteristics will be as defined by
    MIL-STD-188-114.  The single deviation from this specification is
    the Open Circuit Balanced Voltage Driver Output, which is 8 volts
    +/- 2 volts, instead of 6 volts +/- 2 volts.  Interface signal
    functions, directions, and pin assignments will be as defined in
    RS-449.



                                                               Page 3-1






                                                       March 21, 1989

    LISTING OF SIGNALS SUPPORTED BY THE BFE BLACK-SIDE

    PIN      RS-449 ABBREVIATION    DTE IS

    1        SHIELD                 NO CONNECTION
    2        SI                     IB+
    3        SPARE
    4        SD                     BALANCED GENERATOR
    5        ST                     BALANCED RECEIVER
    6        RD                     BALANCED RECEIVER
    7        RS                     BALANCED GENERATOR
    8        RT                     BALANCED RECEIVER
    9        CS                     BALANCED RECEIVER
    10       LL                     -5
    11       DM                     BALANCED RECEIVER
    12       TR                     BALANCED GENERATOR
    13       RR                     BALANCED RECEIVER
    14       RL                     -5
    15       IC                     IB-
    16       SF/SR                  +5
    17       TT                     BALANCED GENERATOR
    18       TM                     IB-
    19       SG                     CIRCUIT GROUND
    20       RC                     DCE CIRCUIT GROUND
    21       SPARE
    22       SD  ( see pin 4 )
    23       ST  ( see pin 5 )
    24       RD  ( see pin 6 )
    25       RS  ( see pin 7 )
    26       RT  ( see pin 8 )
    27       CS  ( see pin 9 )
    28       IS                     +5
    29       DM  ( see pin 11 )
    30       TR  ( see pin 12 )
    31       RR  ( see pin 13 )
    32       SS                     -5
    33       SQ                     IB+
    34       NS                     -5
    35       TT  ( see pin 17 )
    36       SB                     IB-
    37       SC                     DTE CIRCUIT GROUND

    ABBREVIATIONS OTHER THAN RS-449 SIGNAL NAMES
    IB-     PIN IS OPEN, INTERNAL BIAS OF MINUS FIVE VOLTS (OPTIONAL)
    IB+     PIN IS OPEN, INTERNAL BIAS OF FIVE VOLTS (OPTIONAL)






    Page 3-2






                                                       March 21, 1989

    3.2    LINK LEVEL

    The BFE will conform to the following Link Level specifications:

       1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
           DCA, DECEMBER 1983

       2. "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND
           DATA CIRCUIT TERMINATION EQUIPMENT (DCE) FOR TERMINALS
           OPERATING IN THE PACKET MODE ON PUBLIC DATA NETWORKS",
           RECOMMENDATION X.25, CCITT, 1980

       3. "WD2512 X.25 PACKET NETWORK INTERFACE (LAPB)", WESTERN
           DIGITAL CORP., SEPTEMBER 1988 (PRELIMINARY),
           APRIL 1989 (EXPECTED FINAL DATE).

    At level 2, the BFE will use the DDN X.25 High Level Data Link
    Control, Link Access Procedure - Balanced (HDLC-LAPB) interface
    protocol.

    On the PSN/black side the BFE will be a DTE.

    The HDLC-LAPB interface in the BFE will be implemented using the
    Western Digital WD2512 Packet Network Interface Chip.  This chip
    handles bit oriented, full duplex serial data communications on its
    Level 1/Level 2 interface side.  The computer interface side uses
    direct memory access.  

    The "Transparent Modes" of the WD2512 chip, as described in
    specification three above, will not be used.


    3.3    PACKET LEVEL

    3.3.1  The BFE network interface to DDN conforms to the DDN
    interface specification dated December 1983.

    3.3.2  Type of Service:  The BFE interface offers a DDN Standard
    Service interface to the network.  It may operate with a DDN Basic
    Service interface on the network side only.

    3.3.3  Packet Size:  The BFE is designed to operate with a maximum
    packet size of 1024 bytes but will also operate at 128, 256, or 512
    bytes. Operating with a maximum packet size of less than 1024 bytes
    may significantly degrade performance.

    3.3.4  The BFE does NOT make use of INTERRUPT service and does not
    set the D-bit or Q-bit.



                                                               Page 3-3






                                                       March 21, 1989

    3.3.5  Call User Data Restriction:  For the protocol identification
    information in the X.25 call, the BFE will use CC hex (11001100
    binary) to indicate that IP is the next higher level protocol. 
    When IP is not used on the network interface, the value C5 hex
    (11000101 binary) is used to indicate that the next layer of
    protocol is the encryption layer.  IP is only used on the black
    side of the BFE when the connection will have to pass through a
    gateway on the black network.

    3.3.6  Call Request:  The BFE supports INCOMING CALL and CALL
    REQUEST packets that specify either a logical or physical address. 
    However, it has no capability to issue declarative CALL REQUEST
    packets which add or delete logical names.


    3.4     INTERNET PROTOCOL (IP) FEATURES

    3.4.1  The BFE will send IP datagrams of up to 1024 bytes.

    3.4.2  IP Header:  The BFE may include or omit an IP header on the
    network side when sending various types of datagrams.  These
    datagrams will be marked in accordance with section 3.3.5.  The BFE
    will use an IP header when sending datagrams through a gateway on
    the black network, or when sending traffic that is not encrypted
    (e.g., ICMP ECHO REPLIES to a black network host).

    3.4.3  IP Address:  The BFE takes the DDN-RVN address (2.3.10) and
    generates the Black IP address via a table lookup.  This table in
    the BFE contains address translations for the BFE's domain, and
    some interdomain BFE address translation information.  This table
    is normally maintained by the Access Control Center (ACC) for the
    BFE.  However, information for this table may also be provided by
    the host when the BFE is in Emergency mode (2.3.17.3).

    3.4.4  X.25 Address:  The Black X.25 network address is generated
    from the Black IP address via the algorithm defined for DDN.  The
    BFE will support the full DDN address translation algorithm for
    both physical and logical addresses.


    3.5    INTERNET CONTROL MESSAGE PROTOCOL (ICMP) FEATURES

    3.5.1  The BFE will be capable of receiving all ICMP message types
    and of generating at least ECHO REPLY, PARAMETER PROBLEM, and
    DESTINATION UNREACHABLE messages.






    Page 3-4






                                                       March 21, 1989

    A.     Initial DDN Sensitivity Labels

    Hierarchical Levels

       Value      Code       Name
         7      0000 0001    (undefined)
         6      0011 1101    TOP SECRET
         5      0101 1010    SECRET
         4      1001 0110    CONFIDENTIAL
         3      0110 0110    (undefined)
         2      1100 1100    (undefined)
         1      1010 1011    Unclassified
         0      1111 0001    (undefined)

    Non-Hierarchical Compartments

       Value    Option Type    *Bit number     Name
         0         BASIC            0          GENSER
         1         BASIC            1          SIOP-ESI
         2         BASIC            2          SCI
         3         BASIC            3          NSA
       4 - 15   (undefined)    (undefined)     (undefined)

    *numbered from left to right



























                                                               Page A-1






                                                       March 21, 1989

    B.     REFERENCES

       1. "DEFENSE DATA NETWORK X.25 HOST INTERFACE SPECIFICATION",
    DCA, DECEMBER 1983, available from the Defense Technical
    Information Center, Cameron Station, Alexandria Va 22314, (202)
    274-7633, order number AD-A137 427.

       2. EIA STANDARD RS-449, NOVEMBER 1977, available from The
    Electronic Industries Association, 2001 Eye Street, N.W.,
    Washington, DC 20006.

       3. MILITARY STANDARD 188-114, MARCH 1976, available from the
    Naval Publications and Forms Center, 5801 Tabor Avenue,
    Philadelphia, PA 19120.

       4. "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND DATA
    CIRCUIT TERMINATING EQUIPMENT (DCE) FOR TERMINALS OPERATING IN THE
    PACKET MODE ON PUBLIC DATA NETWORKS", RECOMMENDATION X.25, CCITT,
    1980, available from the National Technical Information Center,
    U.S.Department of Commerce, Springfield, VA 22161, order number
    PB82-187766.

       5. "INTERFACE BETWEEN DATA TERMINAL EQUIPMENT (DTE) AND DATA
    CIRCUIT TERMINATING EQUIPMENT (DCE) FOR OPERATIONS WITH PACKET-
    SWITCHED DATA COMMUNICATION NETWORKS", FED-STD 1041; FIPS PUB 100,
    6 JULY 1983, also available from the National Technical Information
    Center, U.S.Department of Commerce, Springfield, VA 22161.

       6.  "WD2512 X.25 PACKET NETWORK INTERFACE (LAPB)", WESTERN
    DIGITAL CORP., SEPT. 1988 (PRELIMINARY), APRIL 1989 (FINAL),
    available from Western Digital, 2445 McCabe Way, Irvine CA 92714,
    (714) 474-2033.

       7.  "REVISED INTERNET PROTOCOL SECURITY OPTION", Department of
    Defense, to be issued, (change 1 to MIL STD Internet Protocol / MIL
    STD 1777, 12 Aug 1983), available from the Naval Publications and
    Forms Center, 5801 Tabor Avenue, Philadelphia, PA 19120.














                                                               Page B-1






                                                       March 21, 1989

    C.     BLACKER Generated Diagnostic Codes

    Diagnostic Code                                         Value

    No additional information                                   0
      Invalid P(S)                                              1
      Invalid P(R)                                              2

    Packet type invalid                                         -
      for state r1                                             17
      for state r3                                             19
      for state p1                                             20
      for state p3                                             22
      for state p7                                             26
      for state d1                                             27
      for state d3                                             29

    Packet not allowed                                         32
      Packet too short                                         38
      Packet too long                                          39
      Restart with nonzero LCGN and LCN                        41

    Timer expired                                              48
      for incoming call                                        49
      for clear indication                                     50
      for reset indication                                     51
      for restart indication                                   52

    Call set-up problem                                        64
      Facility code not allowed                                65
      Facility parameter not allowed                           66
      Invalid called address                                   67
      Invalid calling address                                  68
      Invalid facility length                                  69

    Local PSN Unavailable                                     128
    Network side interface came up                            130
    Remote BFE dead                                           131
    Local resources not available                             133
    Remote resources not available                            134
    Remote host (or red gateway) unavailable                  136
    Remote PSN (or black gateway) unavailable                 137
    Calling logical address not enabled                       141
    Calling logical name incorrect for this DTE               142
    Called logical name not authorized                        143
    Called logical name not enabled                           144
    Called logical name has no DTEs                           145




                                                               Page C-1






                                                       March 21, 1989

    Diagnostic Code                                         Value

    Logical addressing invalid for the Black network          146
    Standard Service not requested (see 2.3.4)                155
    Invalid protocol identification (see 2.3.5)               156
    Cleared due to higher precedence call                     192
    Requested precedence too high                             194
    Entering Emergency Mode (see 2.3.17)                      224
    Leaving Emergency Mode (see 2.3.17)                       225
    Emergency Mode Window Open (see 2.3.17)                   226
    Address translation needed (see 2.3.17)                   227
    Emergency Mode Window Open but not in
         Emergency Mode (see 2.3.17)                          228






    Diagnostic Code 0 will be sent in:

    - a CLEAR INDICATION when

        - more than 32 calls have unfinished packet sequences.
        - a multilevel host uses the M bit.
        - BFE table resources are at full capacity.
        - a logical channel idle timer expires.
        - the host sends a non-zero CLEAR REQUEST code.

    - a RESET INDICATION when

        - a packet reassembly timer expires.
        - the host sends a non-zero RESET REQUEST code.


















    Page C-2