draft-ietf-bfd-seamless-base-02.txt | draft-ietf-bfd-seamless-base-03.txt | |||
---|---|---|---|---|
Internet Engineering Task Force N. Akiya | Internet Engineering Task Force N. Akiya | |||
Internet-Draft C. Pignataro | Internet-Draft C. Pignataro | |||
Updates: 5880 (if approved) D. Ward | Updates: 5880 (if approved) D. Ward | |||
Intended status: Standards Track Cisco Systems | Intended status: Standards Track Cisco Systems | |||
Expires: February 2, 2015 M. Bhatia | Expires: February 24, 2015 M. Bhatia | |||
Ionos Networks | Ionos Networks | |||
P. K. Santosh | S. Pallagatti | |||
Juniper Networks | Juniper Networks | |||
August 1, 2014 | August 23, 2014 | |||
Seamless Bidirectional Forwarding Detection (S-BFD) | Seamless Bidirectional Forwarding Detection (S-BFD) | |||
draft-ietf-bfd-seamless-base-02 | draft-ietf-bfd-seamless-base-03 | |||
Abstract | Abstract | |||
This document defines a simplified mechanism to use Bidirectional | This document defines a simplified mechanism to use Bidirectional | |||
Forwarding Detection (BFD) with large portions of negotiation aspects | Forwarding Detection (BFD) with large portions of negotiation aspects | |||
eliminated, thus providing benefits such as quick provisioning as | eliminated, thus providing benefits such as quick provisioning as | |||
well as improved control and flexibility to network nodes initiating | well as improved control and flexibility to network nodes initiating | |||
the path monitoring. | the path monitoring. | |||
This document updates RFC5880. | This document updates RFC5880. | |||
skipping to change at page 1, line 47 | skipping to change at page 1, line 47 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on February 2, 2015. | This Internet-Draft will expire on February 24, 2015. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2014 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 2, line 26 | skipping to change at page 2, line 26 | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
described in the Simplified BSD License. | described in the Simplified BSD License. | |||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
3. Seamless BFD Overview . . . . . . . . . . . . . . . . . . . . 4 | 3. Seamless BFD Overview . . . . . . . . . . . . . . . . . . . . 4 | |||
4. S-BFD Discriminators . . . . . . . . . . . . . . . . . . . . 5 | 4. S-BFD Discriminators . . . . . . . . . . . . . . . . . . . . 5 | |||
4.1. Discriminator Pools . . . . . . . . . . . . . . . . . . . 5 | 4.1. S-BFD Discriminator Uniqueness . . . . . . . . . . . . . 5 | |||
4.2. S-BFD Discriminator Uniqueness . . . . . . . . . . . . . 6 | 4.2. Discriminator Pools . . . . . . . . . . . . . . . . . . . 6 | |||
5. Reflector BFD Session . . . . . . . . . . . . . . . . . . . . 7 | 5. Reflector BFD Session . . . . . . . . . . . . . . . . . . . . 7 | |||
6. State Variables . . . . . . . . . . . . . . . . . . . . . . . 7 | 6. State Variables . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
6.1. New State Variables . . . . . . . . . . . . . . . . . . . 7 | 6.1. New State Variables . . . . . . . . . . . . . . . . . . . 7 | |||
6.2. State Variable Initialization and Maintenance . . . . . . 8 | 6.2. State Variable Initialization and Maintenance . . . . . . 8 | |||
7. S-BFD Procedures . . . . . . . . . . . . . . . . . . . . . . 8 | 7. S-BFD Procedures . . . . . . . . . . . . . . . . . . . . . . 8 | |||
7.1. S-BFD Packet Demultiplexing . . . . . . . . . . . . . . . 8 | 7.1. S-BFD Control Packet Demultiplexing . . . . . . . . . . . 8 | |||
7.2. Initiator Procedures . . . . . . . . . . . . . . . . . . 8 | 7.2. Initiator Procedures . . . . . . . . . . . . . . . . . . 8 | |||
7.2.1. SBFDInitiator State Machine . . . . . . . . . . . . . 9 | 7.2.1. SBFDInitiator State Machine . . . . . . . . . . . . . 9 | |||
7.2.2. Details of S-BFD Packet Sent by SBFDInitiator . . . . 10 | 7.2.2. Details of S-BFD Control Packet Sent by SBFDInitiator 10 | |||
7.3. Responder Procedures . . . . . . . . . . . . . . . . . . 10 | 7.3. Responder Procedures . . . . . . . . . . . . . . . . . . 10 | |||
7.3.1. Responder Demultiplexing . . . . . . . . . . . . . . 10 | 7.3.1. Responder Demultiplexing . . . . . . . . . . . . . . 11 | |||
7.3.2. Details of S-BFD Packet Sent by SBFDReflector . . . . 11 | 7.3.2. Details of S-BFD Control Packet Sent by SBFDReflector 11 | |||
7.4. Diagnostic Values . . . . . . . . . . . . . . . . . . . . 11 | 7.4. Diagnostic Values . . . . . . . . . . . . . . . . . . . . 11 | |||
7.5. The Poll Sequence . . . . . . . . . . . . . . . . . . . . 11 | 7.5. The Poll Sequence . . . . . . . . . . . . . . . . . . . . 11 | |||
7.6. Control Plane Independent (C) . . . . . . . . . . . . . . 11 | 7.6. Control Plane Independent (C) . . . . . . . . . . . . . . 12 | |||
7.7. Additional SBFDInitiator Behaviors . . . . . . . . . . . 12 | 7.7. Additional SBFDInitiator Behaviors . . . . . . . . . . . 12 | |||
7.8. Additional SBFDReflector Behaviors . . . . . . . . . . . 12 | 7.8. Additional SBFDReflector Behaviors . . . . . . . . . . . 12 | |||
8. Scaling Aspect . . . . . . . . . . . . . . . . . . . . . . . 13 | 8. Scaling Aspect . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
9. Co-existence with Classical BFD Sessions . . . . . . . . . . 13 | 9. Co-existence with Classical BFD Sessions . . . . . . . . . . 13 | |||
10. S-BFD Echo Function . . . . . . . . . . . . . . . . . . . . . 13 | 10. S-BFD Echo Function . . . . . . . . . . . . . . . . . . . . . 13 | |||
11. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | 11. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | |||
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 | 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 | |||
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15 | 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15 | |||
14. Contributing Authors . . . . . . . . . . . . . . . . . . . . 15 | 14. Contributing Authors . . . . . . . . . . . . . . . . . . . . 15 | |||
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
15.1. Normative References . . . . . . . . . . . . . . . . . . 16 | 15.1. Normative References . . . . . . . . . . . . . . . . . . 16 | |||
15.2. Informative References . . . . . . . . . . . . . . . . . 16 | 15.2. Informative References . . . . . . . . . . . . . . . . . 16 | |||
Appendix A. Loop Problem . . . . . . . . . . . . . . . . . . . . 16 | Appendix A. Loop Problem . . . . . . . . . . . . . . . . . . . . 17 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
1. Introduction | 1. Introduction | |||
Bidirectional Forwarding Detection (BFD), [RFC5880] and related | Bidirectional Forwarding Detection (BFD), [RFC5880] and related | |||
documents, has efficiently generalized the failure detection | documents, has efficiently generalized the failure detection | |||
mechanism for multiple protocols and applications. There are some | mechanism for multiple protocols and applications. There are some | |||
improvements which can be made to better fit existing technologies. | improvements which can be made to better fit existing technologies. | |||
There is a possibility of evolving BFD to better fit new | There is a possibility of evolving BFD to better fit new | |||
technologies. This document focuses on several aspects of BFD in | technologies. This document focuses on several aspects of BFD in | |||
skipping to change at page 3, line 40 | skipping to change at page 3, line 40 | |||
2. Terminology | 2. Terminology | |||
The reader is expected to be familiar with the BFD, IP and MPLS | The reader is expected to be familiar with the BFD, IP and MPLS | |||
terminologies and protocol constructs. This section describes | terminologies and protocol constructs. This section describes | |||
several new terminologies introduced by S-BFD. | several new terminologies introduced by S-BFD. | |||
o Classical BFD - BFD session types based on [RFC5880]. | o Classical BFD - BFD session types based on [RFC5880]. | |||
o S-BFD - Seamless BFD. | o S-BFD - Seamless BFD. | |||
o S-BFD packet - a BFD control packet destined to or sourced from | o S-BFD control packet - a BFD control packet for the S-BFD | |||
the well-known S-BFD port. | mechanism. | |||
o S-BFD echo packet - a BFD echo packet for the S-BFD mechanism. | ||||
o S-BFD packet - a BFD control packet or a BFD echo packet. | ||||
o Entity - a function on a network node that S-BFD mechanism allows | o Entity - a function on a network node that S-BFD mechanism allows | |||
remote network nodes to perform continuity test to. An entity can | remote network nodes to perform continuity test to. An entity can | |||
be abstract (ex: reachability) or specific (ex: IP addresses, | be abstract (ex: reachability) or specific (ex: IP addresses, | |||
router-IDs, functions). | router-IDs, functions). | |||
o SBFDInitiator - an S-BFD session on a network node that performs a | o SBFDInitiator - an S-BFD session on a network node that performs a | |||
continuity test to a remote entity by sending S-BFD packets. | continuity test to a remote entity by sending S-BFD packets. | |||
o SBFDReflector - an S-BFD session on a network node that listens | o SBFDReflector - an S-BFD session on a network node that listens | |||
for incoming S-BFD packets to local entities and generates | for incoming S-BFD control packets to local entities and generates | |||
response S-BFD packets. | response S-BFD control packets. | |||
o Reflector BFD session - synonymous with SBFDReflector. | o Reflector BFD session - synonymous with SBFDReflector. | |||
o S-BFD discriminator - a BFD discriminator allocated for a local | o S-BFD discriminator - a BFD discriminator allocated for a local | |||
entity and is being listened by an SBFDReflector. | entity and is being listened by an SBFDReflector. | |||
o BFD discriminator - a BFD discriminator allocated for an | o BFD discriminator - a BFD discriminator allocated for an | |||
SBFDInitiator. | SBFDInitiator. | |||
o Initiator - a network node hosting an SBFDInitiator. | o Initiator - a network node hosting an SBFDInitiator. | |||
o Responder - a network node hosting an SBFDReflector. | o Responder - a network node hosting an SBFDReflector. | |||
Below figure describes the relationship between S-BFD terminologies. | Below figure describes the relationship between S-BFD terminologies. | |||
+---------------------+ +---------------------+ | +---------------------+ +------------------------+ | |||
| Initiator | | Responder | | | Initiator | | Responder | | |||
| +-----------------+ | | +-----------------+ | | | +-----------------+ | | +-----------------+ | | |||
| | SBFDInitiator |--- S-BFD packet -->| SBFDReflector | | | | | SBFDInitiator |---S-BFD ctrl pkt----->| SBFDReflector | | | |||
| | +-------------+ | | | | +-------------+ | | | | | +-------------+ |<--S-BFD ctrl pkt------| +-------------+ | | | |||
| | | BFD discrim | | | | | |S-BFD discrim| | | | | | | BFD discrim | | | | | |S-BFD discrim| | | | |||
| | +-------------+ |<-- S-BFD packet ---| +----------^--+ | | | | | | | |---S-BFD echo pkt---+ | | | | | | |||
| +-----------------+ | | +------------|----+ | | | | +-------------+ | | | | | +----------^--+ | | | |||
| | | | | | | +-----------------+<-------------------+ +------------|----+ | | |||
| | | +---v----+ | | | | | | | | |||
| | | | Entity | | | | | | +---v----+ | | |||
| | | +--------+ | | | | | | Entity | | | |||
+---------------------+ +---------------------+ | | | | +--------+ | | |||
+---------------------+ +------------------------+ | ||||
Figure 1: S-BFD Terminology Relationship | Figure 1: S-BFD Terminology Relationship | |||
3. Seamless BFD Overview | 3. Seamless BFD Overview | |||
An S-BFD module on each network node allocates one or more S-BFD | An S-BFD module on each network node allocates one or more S-BFD | |||
discriminators for local entities, and creates a reflector BFD | discriminators for local entities, and creates a reflector BFD | |||
session. Allocated S-BFD discriminators may be advertised by | session. Allocated S-BFD discriminators may be advertised by | |||
applications (ex: OSPF/IS-IS). Required result is that applications, | applications (ex: OSPF/IS-IS). Required result is that applications, | |||
on other network nodes, possess the knowledge of the mapping from | on other network nodes, possess the knowledge of the mapping from | |||
remote entities to S-BFD discriminators. The reflector BFD session | remote entities to S-BFD discriminators. The reflector BFD session | |||
is to, upon receiving an S-BFD packet targeted to one of local S-BFD | is to, upon receiving an S-BFD control packet targeted to one of | |||
discriminator values, transmit a response S-BFD packet back to the | local S-BFD discriminator values, transmit a response S-BFD control | |||
initiator. | packet back to the initiator. | |||
Once above setup is complete, any network nodes, having the knowledge | Once above setup is complete, any network nodes, having the knowledge | |||
of the mapping from a remote entity to an S-BFD discriminator, can | of the mapping from a remote entity to an S-BFD discriminator, can | |||
quickly perform a continuity test to the remote entity by simply | quickly perform a continuity test to the remote entity by simply | |||
sending S-BFD packets with corresponding S-BFD discriminator value in | sending S-BFD control packets with corresponding S-BFD discriminator | |||
the "your discriminator" field. | value in the "your discriminator" field. | |||
For example: | For example: | |||
<------- IS-IS Network -------> | <------- IS-IS Network -------> | |||
+---------+ | +---------+ | |||
| | | | | | |||
A---------B---------C---------D | A---------B---------C---------D | |||
^ ^ | ^ ^ | |||
| | | | | | |||
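Review bot: the new Terminology entry for "S-BFD packet" reads "a BFD control packet or a BFD echo packet", which as written also covers classical BFD packets. It should be built from the two terms introduced just above it, for example "an S-BFD control packet or an S-BFD echo packet". The -02 definition tied the term to the well-known S-BFD port, while the replacement wording "for the S-BFD mechanism" no longer says how a receiver distinguishes an S-BFD control packet from a classical one; a pointer to Section 7.1 (S-BFD Control Packet Demultiplexing) would close that gap. The SBFDInitiator entry still says "sending S-BFD packets" while the SBFDReflector entry was narrowed to "S-BFD control packets"; if the asymmetry is intentional because of the echo function, a brief note saying so would help.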
skipping to change at page 5, line 30 | skipping to change at page 5, line 35 | |||
123 456 | 123 456 | |||
Figure 2: S-BFD for IS-IS Network | Figure 2: S-BFD for IS-IS Network | |||
The IS-IS with SystemID xxx (node A) allocates an S-BFD discriminator | The IS-IS with SystemID xxx (node A) allocates an S-BFD discriminator | |||
123, and advertises the S-BFD discriminator 123 in an IS-IS TLV. The | 123, and advertises the S-BFD discriminator 123 in an IS-IS TLV. The | |||
IS-IS with SystemID yyy (node D) allocates an S-BFD discriminator | IS-IS with SystemID yyy (node D) allocates an S-BFD discriminator | |||
456, and advertises the S-BFD discriminator 456 in an IS-IS TLV. A | 456, and advertises the S-BFD discriminator 456 in an IS-IS TLV. A | |||
reflector BFD session is created on both network nodes (node A and | reflector BFD session is created on both network nodes (node A and | |||
node D). When network node A wants to check the reachability to | node D). When network node A wants to check the reachability to | |||
network node D, node A can send an S-BFD packet, destined to node D, | network node D, node A can send an S-BFD control packet, destined to | |||
with "your discriminator" field set to 456. When the reflector BFD | node D, with "your discriminator" field set to 456. When the | |||
session on node D receives this S-BFD packet, then response S-BFD | reflector BFD session on node D receives this S-BFD control packet, | |||
packet is sent back to node A, which allows node A to complete the | then response S-BFD control packet is sent back to node A, which | |||
continuity test. | allows node A to complete the continuity test. | |||
4. S-BFD Discriminators | 4. S-BFD Discriminators | |||
4.1. Discriminator Pools | 4.1. S-BFD Discriminator Uniqueness | |||
This document defines following suggestions for discriminator | One important characteristics of an S-BFD discriminator is that it | |||
management on SBFDInitiator and SBFDReflector sessions, to minimize | MUST be unique within an administrative domain. If multiple network | |||
the collision between required S-BFD discriminators on a local | nodes allocated a same S-BFD discriminator value, then S-BFD control | |||
device. | packets falsely terminating on a wrong network node can result in a | |||
reflector BFD session to generate a response back, due to "your | ||||
discriminator" matching. This is clearly not desirable. If only IP | ||||
based S-BFD is considered, then it is possible for the reflector BFD | ||||
session to require demultiplexing of incoming S-BFD control packets | ||||
with combination of destination IP address and "your discriminator". | ||||
Then S-BFD discriminator only has to be unique within a local node. | ||||
However, S-BFD is a generic mechanism defined to run on wide range of | ||||
environments: IP, MPLS, etc. For other transports like MPLS, because | ||||
of the need to use non-routable IP destination address, it is not | ||||
possible for reflector BFD session to demultiplex using IP | ||||
destination address. With PHP, there may not be any incoming label | ||||
stack to aid in demultiplexing either. Thus, S-BFD imposes a | ||||
requirement that S-BFD discriminators MUST be unique within an | ||||
administrative domain. | ||||
4.2. Discriminator Pools | ||||
This subsection describes a discriminator pool implementation | ||||
technique to minimize S-BFD discriminator collisions. The result | ||||
will allow an implementation to better satisfy the S-BFD | ||||
discriminator uniqueness requirement defined in Section 4.1. | ||||
o SBFDInitiator is to allocate a discriminator from the BFD | o SBFDInitiator is to allocate a discriminator from the BFD | |||
discriminator pool. If the system also supports classical BFD | discriminator pool. If the system also supports classical BFD | |||
that runs on [RFC5880], then the BFD discriminator pool SHOULD be | that runs on [RFC5880], then the BFD discriminator pool SHOULD be | |||
shared by SBFDInitiator sessions and classical BFD sessions. | shared by SBFDInitiator sessions and classical BFD sessions. | |||
o SBFDReflector is to allocate a discriminator from the S-BFD | o SBFDReflector is to allocate a discriminator from the S-BFD | |||
discriminator pool. The S-BFD discriminator pool SHOULD be a | discriminator pool. The S-BFD discriminator pool SHOULD be a | |||
separate pool than the BFD discriminator pool. | separate pool than the BFD discriminator pool. | |||
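Review bot: the new opening paragraph of Section 4.2 says the pool technique lets an implementation "better satisfy the S-BFD discriminator uniqueness requirement defined in Section 4.1", but the two bullets only keep the BFD and S-BFD pools apart on one node. Section 4.1 requires uniqueness across the administrative domain, and the failure it describes is a reflector on the wrong node answering a misdirected packet because "your discriminator" matches; separate local pools do not prevent that. The -02 text scoped the claim to collisions "on a local device", and that qualifier was dropped. Suggest restoring the local scope in 4.2 and stating in 4.1 how domain-wide uniqueness is expected to be achieved, or that the method is out of scope. Minor: "One important characteristics" in 4.1 was carried over unchanged and should read "One important characteristic".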
skipping to change at page 6, line 31 | skipping to change at page 7, line 7 | |||
Even when following the separate discriminator pool approach, | Even when following the separate discriminator pool approach, | |||
collision is still possible between one S-BFD application to another | collision is still possible between one S-BFD application to another | |||
S-BFD application, that may be using different values and algorithms | S-BFD application, that may be using different values and algorithms | |||
to derive S-BFD discriminator values. If the two applications are | to derive S-BFD discriminator values. If the two applications are | |||
using S-BFD for a same purpose (ex: network reachability), then the | using S-BFD for a same purpose (ex: network reachability), then the | |||
colliding S-BFD discriminator value can be shared. If the two | colliding S-BFD discriminator value can be shared. If the two | |||
applications are using S-BFD for a different purpose, then the | applications are using S-BFD for a different purpose, then the | |||
collision must be addressed. How such collisions are addressed is | collision must be addressed. How such collisions are addressed is | |||
outside the scope of this document. | outside the scope of this document. | |||
4.2. S-BFD Discriminator Uniqueness | ||||
One important characteristics of an S-BFD discriminator is that it | ||||
MUST be unique within an administrative domain. If multiple network | ||||
nodes allocated a same S-BFD discriminator value, then S-BFD packets | ||||
falsely terminating on a wrong network node can result in a reflector | ||||
BFD session to generate a response back, due to "your discriminator" | ||||
matching. This is clearly not desirable. If only IP based S-BFD is | ||||
considered, then it is possible for the reflector BFD session to | ||||
require demultiplexing of incoming S-BFD packets with combination of | ||||
destination IP address and "your discriminator". Then S-BFD | ||||
discriminator only has to be unique within a local node. However, | ||||
S-BFD is a generic mechanism defined to run on wide range of | ||||
environments: IP, MPLS, etc. For other transports like MPLS, because | ||||
of the need to use non-routable IP destination address, it is not | ||||
possible for reflector BFD session to demultiplex using IP | ||||
destination address. With PHP, there may not be any incoming label | ||||
stack to aid in demultiplexing either. Thus, S-BFD imposes a | ||||
requirement that S-BFD discriminators MUST be unique within an | ||||
administrative domain. | ||||
5. Reflector BFD Session | 5. Reflector BFD Session | |||
Each network node creates one or more reflector BFD sessions. This | Each network node creates one or more reflector BFD sessions. This | |||
reflector BFD session is a session which transmits S-BFD packets in | reflector BFD session is a session which transmits S-BFD control | |||
response to received S-BFD packets with "your discriminator" having | packets in response to received S-BFD control packets with "your | |||
S-BFD discriminators allocated for local entities. Specifically, | discriminator" having S-BFD discriminators allocated for local | |||
this reflector BFD session is to have following characteristics: | entities. Specifically, this reflector BFD session is to have | |||
following characteristics: | ||||
o MUST NOT transmit any S-BFD packets based on local timer expiry. | o MUST NOT transmit any S-BFD packets based on local timer expiry. | |||
o MUST transmit an S-BFD packet in response to a received S-BFD | o MUST transmit an S-BFD control packet in response to a received | |||
packet having a valid S-BFD discriminator in the "your | S-BFD control packet having a valid S-BFD discriminator in the | |||
discriminator" field, unless prohibited by local policies (ex: | "your discriminator" field, unless prohibited by local policies | |||
administrative, security, rate-limiter, etc). | (ex: administrative, security, rate-limiter, etc). | |||
o MUST be capable of sending only two states: UP and ADMINDOWN. | o MUST be capable of sending only two states: UP and ADMINDOWN. | |||
One reflector BFD session may be responsible for handling received | One reflector BFD session may be responsible for handling received | |||
S-BFD packets targeted to all locally allocated S-BFD discriminators, | S-BFD control packets targeted to all locally allocated S-BFD | |||
or few reflector BFD sessions may each be responsible for subset of | discriminators, or few reflector BFD sessions may each be responsible | |||
locally allocated S-BFD discriminators. This policy is a local | for subset of locally allocated S-BFD discriminators. This policy is | |||
matter, and is outside the scope of this document. | a local matter, and is outside the scope of this document. | |||
Note that incoming S-BFD packets may be IPv4, IPv6 or MPLS based. | Note that incoming S-BFD control packets may be IPv4, IPv6 or MPLS | |||
How such S-BFD packets reach an appropriate reflector BFD session is | based. How such S-BFD control packets reach an appropriate reflector | |||
also a local matter, and is outside the scope of this document. | BFD session is also a local matter, and is outside the scope of this | |||
document. | ||||
6. State Variables | 6. State Variables | |||
S-BFD introduces new state variables, and modifies the usage of | S-BFD introduces new state variables, and modifies the usage of | |||
existing ones. | existing ones. | |||
6.1. New State Variables | 6.1. New State Variables | |||
A new state variable is added to the base specification in support of | A new state variable is added to the base specification in support of | |||
S-BFD. | S-BFD. | |||
o bfd.SessionType: The type of this session. Allowable values are: | o bfd.SessionType: This is a variable introduced by | |||
[I-D.ietf-bfd-multipoint] and describes the type of this session. | ||||
Allowable values for S-BFD sessions are: | ||||
* SBFDInitiator - an S-BFD session on a network node that | * SBFDInitiator - an S-BFD session on a network node that | |||
performs a continuity test to a target entity by sending S-BFD | performs a continuity test to a target entity by sending S-BFD | |||
packets. | packets. | |||
* SBFDReflector - an S-BFD session on a network node that listens | * SBFDReflector - an S-BFD session on a network node that listens | |||
for incoming S-BFD packets to local entities and generates | for incoming S-BFD control packets to local entities and | |||
response S-BFD packets. | generates response S-BFD control packets. | |||
bfd.SessionType variable MUST be initialized to the appropriate type | bfd.SessionType variable MUST be initialized to the appropriate type | |||
when an S-BFD session is created. | when an S-BFD session is created. | |||
6.2. State Variable Initialization and Maintenance | 6.2. State Variable Initialization and Maintenance | |||
Some state variables defined in section 6.8.1 of the BFD base | Some state variables defined in section 6.8.1 of the BFD base | |||
specification need to be initialized or manipulated differently | specification need to be initialized or manipulated differently | |||
depending on the session type. | depending on the session type. | |||
o bfd.DemandMode: This variable MUST be initialized to 1 for session | o bfd.DemandMode: This variable MUST be initialized to 1 for session | |||
type SBFDInitiator, and MUST be initialized to 0 for session type | type SBFDInitiator, and MUST be initialized to 0 for session type | |||
SBFDReflector. | SBFDReflector. | |||
7. S-BFD Procedures | 7. S-BFD Procedures | |||
7.1. S-BFD Packet Demultiplexing | 7.1. S-BFD Control Packet Demultiplexing | |||
Received BFD control packet MUST first be demultiplexed with | Received BFD control packet MUST first be demultiplexed with | |||
information from the lower layer (ex: destination UDP port, | information from the lower layer (ex: destination UDP port, | |||
associated channel type). If the packet is determined to be for an | associated channel type). If the packet is determined to be for an | |||
SBFDReflector, then the packet MUST be looked up to locate a | SBFDReflector, then the packet MUST be looked up to locate a | |||
corresponding SBFDReflector session based on the value from the "your | corresponding SBFDReflector session based on the value from the "your | |||
discriminator" field in the table describing S-BFD discriminators. | discriminator" field in the table describing S-BFD discriminators. | |||
If the packet is determined not to be for SBFDReflector, then the | If the packet is determined not to be for SBFDReflector, then the | |||
packet MUST be looked up to locate a corresponding SBFDInitiator | packet MUST be looked up to locate a corresponding SBFDInitiator | |||
session or classical BFD session based on the value from the "your | session or classical BFD session based on the value from the "your | |||
discriminator" field in the table describing BFD discriminators. If | discriminator" field in the table describing BFD discriminators. If | |||
the located session is a SBFDInitiator, then destination of the | the located session is a SBFDInitiator, then destination of the | |||
packet (i.e. destination IP address) SHOULD be validated to be for | packet (i.e. destination IP address) SHOULD be validated to be for | |||
self. | self. | |||
Details of the initial BFD control packet demultiplexing are | Details of the initial BFD control packet demultiplexing are | |||
described in relevant S-BFD data plane documents. | described in relevant S-BFD data plane documents. | |||
7.2. Initiator Procedures | 7.2. Initiator Procedures | |||
S-BFD packets transmitted by an SBFDInitiator MUST set "your | S-BFD control packets transmitted by an SBFDInitiator MUST set "your | |||
discriminator" field to an S-BFD discriminator corresponding to the | discriminator" field to an S-BFD discriminator corresponding to the | |||
remote entity. | remote entity. | |||
Every SBFDInitiator MUST have a locally unique "my discriminator" | Every SBFDInitiator MUST have a locally unique "my discriminator" | |||
allocated from the BFD discriminator pool. | allocated from the BFD discriminator pool. | |||
Below ASCII art describes high level concept of continuity test using | Below ASCII art describes high level concept of continuity test using | |||
S-BFD. R2 allocates XX as the S-BFD discriminator for its network | S-BFD. R2 allocates XX as the S-BFD discriminator for its network | |||
reachability purpose, and advertises XX to neighbors. ASCII art | reachability purpose, and advertises XX to neighbors. ASCII art | |||
shows R1 and R4 performing a continuity test to R2. | shows R1 and R4 performing a continuity test to R2. | |||
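Review bot: in Section 6.1 the bfd.SessionType bullet now says the variable is "introduced by [I-D.ietf-bfd-multipoint]", but the lead sentence still reads "A new state variable is added to the base specification in support of S-BFD" and the heading is still "New State Variables". The two statements conflict; suggest rewording the lead to say that S-BFD adds new values to an existing variable. Because the definition now depends on that draft, check that it is listed under Normative References (Section 15.1). Separately, the first reflector bullet in Section 5 keeps "MUST NOT transmit any S-BFD packets" while the neighbouring bullets were changed to "S-BFD control packet"; under the new terminology that bullet also covers echo packets, so confirm that this is the intended scope.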
skipping to change at page 9, line 19 | skipping to change at page 9, line 27 | |||
|v | v | |v | v | |||
R1 ==================== R2[*] ========= R3 ========= R4 | R1 ==================== R2[*] ========= R3 ========= R4 | |||
| ^ |^ | | ^ |^ | |||
| | || | | | || | |||
| +-- md=60/yd=XX (ping) --+| | | +-- md=60/yd=XX (ping) --+| | |||
| | | | | | |||
+---- md=XX/yd=60 (pong) ---+ | +---- md=XX/yd=60 (pong) ---+ | |||
[*] Reflector BFD session on R2. | [*] Reflector BFD session on R2. | |||
=== Links connecting network nodes. | === Links connecting network nodes. | |||
--- S-BFD packet traversal. | --- S-BFD control packet traversal. | |||
Figure 3: S-BFD Continuity Test | Figure 3: S-BFD Continuity Test | |||
7.2.1. SBFDInitiator State Machine | 7.2.1. SBFDInitiator State Machine | |||
An SBFDInitiator may be a persistent session on the initiator with a | An SBFDInitiator may be a persistent session on the initiator with a | |||
timer for S-BFD packet transmissions (stateful SBFDInitiator). An | timer for S-BFD control packet transmissions (stateful | |||
SBFDInitiator may also be a module, a script or a tool on the | SBFDInitiator). An SBFDInitiator may also be a module, a script or a | |||
initiator that transmits one or more S-BFD packets "when needed" | tool on the initiator that transmits one or more S-BFD control | |||
(stateless SBFDInitiator). For stateless SBFDInitiators, a complete | packets "when needed" (stateless SBFDInitiator). For stateless | |||
BFD state machine may not be applicable. For stateful | SBFDInitiators, a complete BFD state machine may not be applicable. | |||
SBFDInitiators, the states and the state machine described in | For stateful SBFDInitiators, the states and the state machine | |||
[RFC5880] will not function due to SBFDReflector session only sending | described in [RFC5880] will not function due to SBFDReflector session | |||
UP and ADMINDOWN states (i.e. SBFDReflector session does not send | only sending UP and ADMINDOWN states (i.e. SBFDReflector session | |||
INIT state). The following diagram provides the RECOMMENDED state | does not send INIT state). The following diagram provides the | |||
machine for stateful SBFDInitiators. The notation on each arc | RECOMMENDED state machine for stateful SBFDInitiators. The notation | |||
represents the state of the SBFDInitiator (as received in the State | on each arc represents the state of the SBFDInitiator (as received in | |||
field in the S-BFD packet) or indicates the expiration of the | the State field in the S-BFD control packet) or indicates the | |||
Detection Timer. | expiration of the Detection Timer. | |||
+--+ | +--+ | |||
ADMIN DOWN, | | | ADMIN DOWN, | | | |||
TIMER | V | TIMER | V | |||
+------+ UP +------+ | +------+ UP +------+ | |||
| |-------------------->| |----+ | | |-------------------->| |----+ | |||
| DOWN | | UP | | UP | | DOWN | | UP | | UP | |||
| |<--------------------| |<---+ | | |<--------------------| |<---+ | |||
+------+ ADMIN DOWN, +------+ | +------+ ADMIN DOWN, +------+ | |||
TIMER | TIMER | |||
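Review bot: In 7.2.1 the sentence on arc notation still reads "represents the state of the SBFDInitiator (as received in the State field in the S-BFD control packet)", but a State field received by the initiator carries the sender's state, and the same paragraph says the SBFDReflector session only sends UP and ADMINDOWN. Since this revision already rewraps the sentence, suggest rewording it to "the state of the SBFDReflector" (or "the remote state"). Figure 4 also labels the arcs "ADMIN DOWN" while the text uses "ADMINDOWN"; pick one spelling.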
skipping to change at page 10, line 13 | skipping to change at page 10, line 25 | |||
Figure 4: SBFDInitiator FSM | Figure 4: SBFDInitiator FSM | |||
Note that the above state machine is different from the base BFD | Note that the above state machine is different from the base BFD | |||
specification[RFC5880]. This is because the INIT state is no longer | specification[RFC5880]. This is because the INIT state is no longer | |||
applicable for the SBFDInitiator. Another important difference is | applicable for the SBFDInitiator. Another important difference is | |||
the transition of the state machine from the DOWN state to the UP | the transition of the state machine from the DOWN state to the UP | |||
state when a packet with State UP is received by the SBFDInitiator. | state when a packet with State UP is received by the SBFDInitiator. | |||
The definitions of the states and the events have the same meaning as | The definitions of the states and the events have the same meaning as | |||
in the base BFD specification [RFC5880]. | in the base BFD specification [RFC5880]. | |||
7.2.2. Details of S-BFD Packet Sent by SBFDInitiator | 7.2.2. Details of S-BFD Control Packet Sent by SBFDInitiator | |||
S-BFD packets sent by an SBFDInitiator is to have following contents: | S-BFD control packets sent by an SBFDInitiator is to have following | |||
contents: | ||||
o "my discriminator" assigned by local node. | o "my discriminator" assigned by local node. | |||
o "your discriminator" corresponding to a remote entity. | o "your discriminator" corresponding to a remote entity. | |||
o "State" MUST be set to a value describing local state. | o "State" MUST be set to a value describing local state. | |||
o "Desired Min TX Interval" MUST be set to a value describing local | o "Desired Min TX Interval" MUST be set to a value describing local | |||
desired minimum transmit interval. | desired minimum transmit interval. | |||
o "Required Min RX Interval" MUST be zero. | o "Required Min RX Interval" MUST be zero. | |||
o "Required Min Echo RX Interval" SHOULD be zero. | o "Required Min Echo RX Interval" SHOULD be zero. | |||
o "Detection Multiplier" MUST be set to a value describing locally | o "Detection Multiplier" MUST be set to a value describing locally | |||
used multiplier value. | used multiplier value. | |||
o Demand (D) bit MUST be set. | o Demand (D) bit MUST be set. | |||
7.3. Responder Procedures | 7.3. Responder Procedures | |||
A network node which receives S-BFD packets transmitted by an | A network node which receives S-BFD control packets transmitted by an | |||
initiator is referred as responder. The responder, upon reception of | initiator is referred as responder. The responder, upon reception of | |||
S-BFD packets, is to perform necessary relevant validations described | S-BFD control packets, is to perform necessary relevant validations | |||
in [RFC5880], [RFC5881], [RFC5883], [RFC5884] and [RFC5885]. | described in [RFC5880], [RFC5881], [RFC5883], [RFC5884] and | |||
[RFC5885]. | ||||
7.3.1. Responder Demultiplexing | 7.3.1. Responder Demultiplexing | |||
When a responder receives an S-BFD packet, if the value in the "your | When a responder receives an S-BFD control packet, if the value in | |||
discriminator" field is not one of S-BFD discriminators allocated for | the "your discriminator" field is not one of S-BFD discriminators | |||
local entities, then this packet MUST NOT be considered for this | allocated for local entities, then this packet MUST NOT be considered | |||
mechanism. If the value in the "your discriminator" field is one of | for this mechanism. If the value in the "your discriminator" field | |||
S-BFD discriminators allocated for local entities, then the packet is | is one of S-BFD discriminators allocated for local entities, then the | |||
determined to be handled by a reflector BFD session responsible for | packet is determined to be handled by a reflector BFD session | |||
the S-BFD discriminator. If the packet was determined to be | responsible for the S-BFD discriminator. If the packet was | |||
processed further for this mechanism, then chosen reflector BFD | determined to be processed further for this mechanism, then chosen | |||
session is to transmit a response BFD control packet using procedures | reflector BFD session is to transmit a response BFD control packet | |||
described in Section 7.3.2, unless prohibited by local policies (ex: | using procedures described in Section 7.3.2, unless prohibited by | |||
administrative, security, rate-limiter, etc). | local policies (ex: administrative, security, rate-limiter, etc). | |||
7.3.2. Details of S-BFD Packet Sent by SBFDReflector | 7.3.2. Details of S-BFD Control Packet Sent by SBFDReflector | |||
S-BFD packets sent by an SBFDReflector is to have following contents: | S-BFD control packets sent by an SBFDReflector is to have following | |||
contents: | ||||
o "my discriminator" MUST be copied from received "your | o "my discriminator" MUST be copied from received "your | |||
discriminator". | discriminator". | |||
o "your discriminator" MUST be copied from received "my | o "your discriminator" MUST be copied from received "my | |||
discriminator". | discriminator". | |||
o "State" MUST be UP or ADMINDOWN. Clarification of reflector BFD | o "State" MUST be UP or ADMINDOWN. Clarification of reflector BFD | |||
session state is described in Section 7.8. | session state is described in Section 7.8. | |||
o "Desired Min TX Interval" MUST be copied from received "Desired | o "Desired Min TX Interval" MUST be copied from received "Desired | |||
Min TX Interval". | Min TX Interval". | |||
o "Required Min RX Interval" MUST be set to a value describing how | o "Required Min RX Interval" MUST be set to a value describing how | |||
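Review bot: 7.3.1 says a packet whose "your discriminator" is not a locally allocated S-BFD discriminator "MUST NOT be considered for this mechanism", but neither version says what happens to it next: whether it is dropped or handed on to classical BFD demultiplexing. Suggest stating the disposition explicitly, and whether the validations listed in 7.3 run before or after this discriminator lookup. Minor: the rewritten lead-ins in 7.2.2 and 7.3.2 keep "packets ... is to have following contents"; "are to have the following contents" would read correctly.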
skipping to change at page 11, line 35 | skipping to change at page 11, line 50 | |||
7.4. Diagnostic Values | 7.4. Diagnostic Values | |||
Diagnostic value in both directions MAY be set to a certain value, to | Diagnostic value in both directions MAY be set to a certain value, to | |||
attempt to communicate further information to both ends. However, | attempt to communicate further information to both ends. However, | |||
details of such are outside the scope of this specification. | details of such are outside the scope of this specification. | |||
7.5. The Poll Sequence | 7.5. The Poll Sequence | |||
Poll sequence MAY be used in both directions. The Poll sequence MUST | Poll sequence MAY be used in both directions. The Poll sequence MUST | |||
operate in accordance with [RFC5880]. An SBFDReflector MAY use the | operate in accordance with [RFC5880]. An SBFDReflector MAY use the | |||
Poll sequence to slow down that rate at which S-BFD packets are | Poll sequence to slow down that rate at which S-BFD control packets | |||
generated from an SBFDInitiator. This is done by the SBFDReflector | are generated from an SBFDInitiator. This is done by the | |||
using procedures described in Section 7.8 and setting the Poll (P) | SBFDReflector using procedures described in Section 7.8 and setting | |||
bit in the reflected S-BFD packet. The SBFDInitiator is to then send | the Poll (P) bit in the reflected S-BFD control packet. The | |||
the next S-BFD packet with the Final (F) bit set. If an | SBFDInitiator is to then send the next S-BFD control packet with the | |||
SBFDReflector receives an S-BFD packet with Poll (P) bit set, then | Final (F) bit set. If an SBFDReflector receives an S-BFD control | |||
the SBFDReflector MUST respond with an S-BFD packet with Poll (P) bit | packet with Poll (P) bit set, then the SBFDReflector MUST respond | |||
cleared and Final (F) bit set. | with an S-BFD control packet with Poll (P) bit cleared and Final (F) | |||
bit set. | ||||
7.6. Control Plane Independent (C) | 7.6. Control Plane Independent (C) | |||
Control plane independent (C) bit for an SBFDInitiator sending S-BFD | Control plane independent (C) bit for an SBFDInitiator sending S-BFD | |||
packets to a reflector BFD session MUST work according to [RFC5880]. | control packets to a reflector BFD session MUST work according to | |||
Reflector BFD session also MUST work according to [RFC5880]. | [RFC5880]. Reflector BFD session also MUST work according to | |||
Specifically, if reflector BFD session implementation does not share | [RFC5880]. Specifically, if reflector BFD session implementation | |||
fate with control plane, then response S-BFD packets transmitted MUST | does not share fate with control plane, then response S-BFD control | |||
have control plane independent (C) bit set. If reflector BFD session | packets transmitted MUST have control plane independent (C) bit set. | |||
implementation shares fate with control plane, then response S-BFD | If reflector BFD session implementation shares fate with control | |||
packets transmitted MUST NOT have control plane independent (C) bit | plane, then response S-BFD control packets transmitted MUST NOT have | |||
set. | control plane independent (C) bit set. | |||
7.7. Additional SBFDInitiator Behaviors | 7.7. Additional SBFDInitiator Behaviors | |||
o If the SBFDInitiator receives a valid S-BFD packet in response to | o If the SBFDInitiator receives a valid S-BFD control packet in | |||
transmitted S-BFD packet to a remote entity, then the | response to transmitted S-BFD control packet to a remote entity, | |||
SBFDInitiator SHOULD conclude that S-BFD packet reached the | then the SBFDInitiator SHOULD conclude that S-BFD control packet | |||
intended remote entity. | reached the intended remote entity. | |||
o When a sufficient number of S-BFD packets have not arrived as they | o When a sufficient number of S-BFD packets have not arrived as they | |||
should, the SBFDInitiator SHOULD declare loss of reachability to | should, the SBFDInitiator SHOULD declare loss of reachability to | |||
the remote entity. The criteria for declaring loss of | the remote entity. The criteria for declaring loss of | |||
reachability and the action that would be triggered as a result | reachability and the action that would be triggered as a result | |||
are outside the scope of this document. | are outside the scope of this document. | |||
o Relating to above bullet item, it is critical for an | o Relating to above bullet item, it is critical for an | |||
implementation to understand the latency to/from the reflector BFD | implementation to understand the latency to/from the reflector BFD | |||
session on the responder. In other words, for very first S-BFD | session on the responder. In other words, for very first S-BFD | |||
packet transmitted by the SBFDInitiator, an implementation MUST | packet transmitted by the SBFDInitiator, an implementation MUST | |||
NOT expect response S-BFD packet to be received for time | NOT expect response S-BFD packet to be received for time | |||
equivalent to sum of latencies: initiator to responder and | equivalent to sum of latencies: initiator to responder and | |||
responder back to initiator. | responder back to initiator. | |||
o If the SBFDInitiator receives an S-BFD packet with Demand (D) bit | o If the SBFDInitiator receives an S-BFD control packet with Demand | |||
set, the packet MUST be discarded. | (D) bit set, the packet MUST be discarded. | |||
7.8. Additional SBFDReflector Behaviors | 7.8. Additional SBFDReflector Behaviors | |||
o S-BFD packets transmitted by the SBFDReflector MUST have "Required | o S-BFD control packets transmitted by the SBFDReflector MUST have | |||
Min RX Interval" set to a value which expresses how many incoming | "Required Min RX Interval" set to a value which expresses how many | |||
S-BFD packets this SBFDReflector can handle. The SBFDReflector | incoming S-BFD control packets this SBFDReflector can handle. The | |||
can control how fast SBFInitiators will be sending S-BFD packets | SBFDReflector can control how fast SBFInitiators will be sending | |||
to self by ensuring "Required Min RX Interval" indicates a value | S-BFD control packets to self by ensuring "Required Min RX | |||
based on the current load. | Interval" indicates a value based on the current load. | |||
o If the SBFDReflector wishes to communicate to some or all | o If the SBFDReflector wishes to communicate to some or all | |||
SBFDInitiators that monitored local entity is "temporarily out of | SBFDInitiators that monitored local entity is "temporarily out of | |||
service", then S-BFD packets with "state" set to ADMINDOWN are | service", then S-BFD control packets with "state" set to ADMINDOWN | |||
sent to those SBFDInitiators. The SBFDInitiators, upon reception | are sent to those SBFDInitiators. The SBFDInitiators, upon | |||
of such packets, MUST NOT conclude loss of reachability to | reception of such packets, MUST NOT conclude loss of reachability | |||
corresponding remote entity, and MUST back off packet transmission | to corresponding remote entity, and MUST back off packet | |||
interval for the remote entity to an interval no faster than 1 | transmission interval for the remote entity to an interval no | |||
second. If the SBFDReflector is generating a response S-BFD | faster than 1 second. If the SBFDReflector is generating a | |||
packet for a local entity that is in service, then "state" in | response S-BFD control packet for a local entity that is in | |||
response BFD control packets MUST be set to UP. | service, then "state" in response BFD control packets MUST be set | |||
to UP. | ||||
o If an SBFDReflector receives an S-BFD packet with Demand (D) bit | o If an SBFDReflector receives an S-BFD control packet with Demand | |||
cleared, the packet MUST be discarded. | (D) bit cleared, the packet MUST be discarded. | |||
8. Scaling Aspect | 8. Scaling Aspect | |||
This mechanism brings forth one noticeable difference in terms of | This mechanism brings forth one noticeable difference in terms of | |||
scaling aspect: number of SBFDReflector. This specification | scaling aspect: number of SBFDReflector. This specification | |||
eliminates the need for egress nodes to have fully active BFD | eliminates the need for egress nodes to have fully active BFD | |||
sessions when only one side desires to perform continuity tests. | sessions when only one side desires to perform continuity tests. | |||
With introduction of reflector BFD concept, egress no longer is | With introduction of reflector BFD concept, egress no longer is | |||
required to create any active BFD session per path/LSP/function | required to create any active BFD session per path/LSP/function | |||
basis. Due to this, total number of BFD sessions in a network is | basis. Due to this, total number of BFD sessions in a network is | |||
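Review bot: The rename to "S-BFD control packet" is incomplete in 7.7: the second and third bullets still say "S-BFD packets" and "response S-BFD packet" in -03, while every other bullet in 7.7 and 7.8 was updated. If the distinction from S-BFD echo packets matters (Section 10 relies on it), these two bullets should use the same term. Two typos also survive the revision: "SBFInitiators" in the first bullet of 7.8 and "slow down that rate" in 7.5.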
skipping to change at page 13, line 28 | skipping to change at page 13, line 43 | |||
9. Co-existence with Classical BFD Sessions | 9. Co-existence with Classical BFD Sessions | |||
Initial packet demultiplexing requirement is described in | Initial packet demultiplexing requirement is described in | |||
Section 7.1. Because of this, S-BFD mechanism can co-exist with | Section 7.1. Because of this, S-BFD mechanism can co-exist with | |||
classical BFD sessions. | classical BFD sessions. | |||
10. S-BFD Echo Function | 10. S-BFD Echo Function | |||
The concept of the S-BFD Echo function is similar to the BFD Echo | The concept of the S-BFD Echo function is similar to the BFD Echo | |||
function described in [RFC5880], packets are self-generated and self- | function described in [RFC5880]. S-BFD echo packets have the | |||
terminated after traversing a link/path. S-BFD echo packets are | destination of self, thus S-BFD echo packets are self-generated and | |||
self-terminated after traversing a link/path. S-BFD echo packets are | ||||
expected to u-turn on the target node in the data plane and MUST NOT | expected to u-turn on the target node in the data plane and MUST NOT | |||
be processed by any reflector BFD sessions on the target node. | be processed by any reflector BFD sessions on the target node. | |||
When using the S-BFD Echo function, it is RECOMMENDED that: | When using the S-BFD Echo function, it is RECOMMENDED that: | |||
o Both S-BFD packets (with BFD control header) and S-BFD echo | o Both S-BFD control packets and S-BFD echo packets be sent. | |||
packets (implementation specific) be sent. | ||||
o Both S-BFD packets and S-BFD echo packets have the same semantics | o Both S-BFD control packets and S-BFD echo packets have the same | |||
in the forward direction to reach the target node. | semantics in the forward direction to reach the target node. | |||
In other words, it is not preferable to send just S-BFD echo packets. | In other words, it is not preferable to send just S-BFD echo packets | |||
There are two reason behind this suggestion: | without also sending S-BFD control packets. There are two reasons | |||
behind this suggestion: | ||||
o S-BFD packets can verify reachability to intended target node, | o S-BFD control packets can verify the reachability to intended | |||
which allows one to conclude that S-BFD echo packets are u-turning | target node, which allows one to have confidence that S-BFD echo | |||
on the expected target node. | packets are u-turning on the expected target node. | |||
o S-BFD packets can detect when the target node is going out of | o S-BFD control packets can detect when the target node is going out | |||
service (i.e. via receiving back ADMINDOWN state). | of service (i.e. via receiving back ADMINDOWN state). | |||
Implementations MAY set "Required Min Echo RX Interval" field to | The usage of the "Required Min Echo RX Interval" field is described | |||
indicate the rate which SBFDInitiator is sending S-BFD Echo packets | in Section 7.2.2 and Section 7.3.2. Because of the stateless nature | |||
(in ping) or the rate which SBFDReflector wants SBFDInitiators to | of SBFDReflector sessions, a value specified the "Required Min Echo | |||
send S-BFD Echo packets (in pong). However, this is likely more than | RX Interval" field in both directions is not very meaningful. Thus | |||
necessary for the S-BFD Echo function to operate. Therefore, it is | it is RECOMMENDED that the "Required Min Echo RX Interval" field | |||
RECOMMENDED that "Required Min Echo RX Interval" field simply be set | simply be set to zero in both directions. | |||
to zero in both directions. | ||||
Additionally, following aspects are left as implementation details, | Following aspects of S-BFD Echo functions are left as implementation | |||
and are outside the scope of this document: | details, and are outside the scope of this document: | |||
o Format of the S-BFD Echo packet (ex: data beyond UDP header). | o Format of the S-BFD echo packet (ex: data beyond UDP header). | |||
o Procedures on when and how to use the S-BFD Echo function. | o Procedures on when and how to use the S-BFD Echo function. | |||
11. Security Considerations | 11. Security Considerations | |||
Same security considerations as [RFC5880], [RFC5881], [RFC5883], | Same security considerations as [RFC5880], [RFC5881], [RFC5883], | |||
[RFC5884] and [RFC5885] apply to this document. Additionally, | [RFC5884] and [RFC5885] apply to this document. Additionally, | |||
implementing the following measures will strengthen security aspects | implementing the following measures will strengthen security aspects | |||
of the mechanism described by this document: | of the mechanism described by this document: | |||
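Review bot: The new Section 10 sentence "a value specified the "Required Min Echo RX Interval" field in both directions is not very meaningful" is missing a word ("specified in the") and does not say why statelessness makes the value meaningless. Suggest fixing the grammar and adding the reason in one clause (for example, that the SBFDReflector keeps no per-initiator state to act on the value), so the RECOMMENDED zero here lines up with the SHOULD-be-zero in 7.2.2.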
skipping to change at page 14, line 38 | skipping to change at page 15, line 6 | |||
accepting the packet. | accepting the packet. | |||
o SBFDReflector MAY look at the Key ID | o SBFDReflector MAY look at the Key ID | |||
[I-D.ietf-bfd-generic-crypto-auth] in the incoming packet and | [I-D.ietf-bfd-generic-crypto-auth] in the incoming packet and | |||
verify the authentication data. | verify the authentication data. | |||
o SBFDReflector MUST accept the packet if authentication is | o SBFDReflector MUST accept the packet if authentication is | |||
successful. | successful. | |||
o SBFDReflector MUST compute the Authentication data and MUST use | o SBFDReflector MUST compute the Authentication data and MUST use | |||
the same sequence number that it received in the S-BFD packet that | the same sequence number that it received in the S-BFD control | |||
it is responding to. | packet that it is responding to. | |||
o SBFDInitiator MUST accept the S-BFD packet if it either comes with | o SBFDInitiator MUST accept the S-BFD control packet if it either | |||
the same sequence number as it had sent or it's within the window | comes with the same sequence number as it had sent or it's within | |||
that it finds acceptable (described in detail in | the window that it finds acceptable (described in detail in | |||
[I-D.ietf-bfd-generic-crypto-auth]) | [I-D.ietf-bfd-generic-crypto-auth]) | |||
Using the above method, | Using the above method, | |||
o SBFDReflector continue to remain stateless despite using security. | o SBFDReflector continue to remain stateless despite using security. | |||
o SBFDReflector are not susceptible to replay attacks as they always | o SBFDReflector are not susceptible to replay attacks as they always | |||
respond to S-BFD packets irrespective of the sequence number | respond to S-BFD control packets irrespective of the sequence | |||
carried. | number carried. | |||
o An attacker cannot impersonate the responder since the | o An attacker cannot impersonate the responder since the | |||
SBFDInitiator will only accept S-BFD packets that come with the | SBFDInitiator will only accept S-BFD control packets that come | |||
sequence number that it had originally used when sending the S-BFD | with the sequence number that it had originally used when sending | |||
packet. | the S-BFD control packet. | |||
12. IANA Considerations | 12. IANA Considerations | |||
No action is required by IANA for this document. | No action is required by IANA for this document. | |||
13. Acknowledgements | 13. Acknowledgements | |||
Authors would like to thank Jeffrey Haas, Greg Mirsky and Marc | Authors would like to thank Jeffrey Haas, Greg Mirsky and Marc | |||
Binderberger for performing thorough reviews and providing number of | Binderberger for performing thorough reviews and providing number of | |||
suggestions. Authors would like to thank Girija Raghavendra Rao, Les | suggestions. Authors would like to thank Girija Raghavendra Rao, Les | |||
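Review bot: The acceptance rule and the security claim in Section 11 disagree, and the rename in this hunk leaves that untouched. The rule says the SBFDInitiator MUST accept a packet that "either comes with the same sequence number as it had sent or it's within the window that it finds acceptable", while the final bullet argues an attacker cannot impersonate the responder because the initiator "will only accept S-BFD control packets that come with the sequence number that it had originally used". Suggest either tightening the rule to an exact match or restating the claim in terms of the window. The "not susceptible to replay attacks" bullet would also benefit from saying what is protected, since a reflector that responds "irrespective of the sequence number carried" still answers a replayed packet.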
skipping to change at page 16, line 33 | skipping to change at page 16, line 42 | |||
"Bidirectional Forwarding Detection (BFD) for MPLS Label | "Bidirectional Forwarding Detection (BFD) for MPLS Label | |||
Switched Paths (LSPs)", RFC 5884, June 2010. | Switched Paths (LSPs)", RFC 5884, June 2010. | |||
15.2. Informative References | 15.2. Informative References | |||
[I-D.ietf-bfd-generic-crypto-auth] | [I-D.ietf-bfd-generic-crypto-auth] | |||
Bhatia, M., Manral, V., Zhang, D., and M. Jethanandani, | Bhatia, M., Manral, V., Zhang, D., and M. Jethanandani, | |||
"BFD Generic Cryptographic Authentication", draft-ietf- | "BFD Generic Cryptographic Authentication", draft-ietf- | |||
bfd-generic-crypto-auth-06 (work in progress), April 2014. | bfd-generic-crypto-auth-06 (work in progress), April 2014. | |||
[I-D.ietf-bfd-multipoint] | ||||
Katz, D., Ward, D., and J. Networks, "BFD for Multipoint | ||||
Networks", draft-ietf-bfd-multipoint-04 (work in | ||||
progress), August 2014. | ||||
[I-D.ietf-bfd-seamless-use-case] | [I-D.ietf-bfd-seamless-use-case] | |||
Aldrin, S., Bhatia, M., Mirsky, G., Kumar, N., and S. | Aldrin, S., Bhatia, M., Mirsky, G., Kumar, N., and S. | |||
Matsushima, "Seamless Bidirectional Forwarding Detection | Matsushima, "Seamless Bidirectional Forwarding Detection | |||
(BFD) Use Case", draft-ietf-bfd-seamless-use-case-00 (work | (BFD) Use Case", draft-ietf-bfd-seamless-use-case-00 (work | |||
in progress), June 2014. | in progress), June 2014. | |||
[RFC5885] Nadeau, T. and C. Pignataro, "Bidirectional Forwarding | [RFC5885] Nadeau, T. and C. Pignataro, "Bidirectional Forwarding | |||
Detection (BFD) for the Pseudowire Virtual Circuit | Detection (BFD) for the Pseudowire Virtual Circuit | |||
Connectivity Verification (VCCV)", RFC 5885, June 2010. | Connectivity Verification (VCCV)", RFC 5885, June 2010. | |||
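Review bot: The [I-D.ietf-bfd-multipoint] entry added in -03 lists its authors as "Katz, D., Ward, D., and J. Networks"; "J. Networks" looks like an affiliation that was parsed as an author name. Suggest checking the reference source and correcting the author list, and confirming the new reference is actually cited in the body.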
skipping to change at page 18, line 27 | skipping to change at page 18, line 36 | |||
Dave Ward | Dave Ward | |||
Cisco Systems | Cisco Systems | |||
Email: wardd@cisco.com | Email: wardd@cisco.com | |||
Manav Bhatia | Manav Bhatia | |||
Ionos Networks | Ionos Networks | |||
Email: manav@ionosnetworks.com | Email: manav@ionosnetworks.com | |||
Santosh | Santosh Pallagatti | |||
Juniper Networks | Juniper Networks | |||
Email: santoshpk@juniper.net | Email: santoshpk@juniper.net | |||
End of changes. 59 change blocks. | ||||
190 lines changed or deleted | 209 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |