draft-ietf-bfd-seamless-base-11.txt   rfc7880.txt 
Internet Engineering Task Force C. Pignataro Internet Engineering Task Force (IETF) C. Pignataro
Internet-Draft D. Ward Request for Comments: 7880 D. Ward
Updates: 5880 (if approved) Cisco Updates: 5880 Cisco
Intended status: Standards Track N. Akiya Category: Standards Track N. Akiya
Expires: November 7, 2016 Big Switch Networks ISSN: 2070-1721 Big Switch Networks
M. Bhatia M. Bhatia
Ionos Networks Ionos Networks
S. Pallagatti S. Pallagatti
May 6, 2016 July 2016
Seamless Bidirectional Forwarding Detection (S-BFD) Seamless Bidirectional Forwarding Detection (S-BFD)
draft-ietf-bfd-seamless-base-11
Abstract Abstract
This document defines a simplified mechanism to use Bidirectional This document defines Seamless Bidirectional Forwarding Detection
Forwarding Detection (BFD) with large portions of negotiation aspects (S-BFD), a simplified mechanism for using BFD with a large proportion
eliminated, thus providing benefits such as quick provisioning as of negotiation aspects eliminated, thus providing benefits such as
well as improved control and flexibility to network nodes initiating quick provisioning, as well as improved control and flexibility for
the path monitoring. network nodes initiating path monitoring.
This document updates RFC5880.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", This document updates RFC 5880.
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on November 7, 2016. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7880.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction ....................................................4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology .....................................................4
3. Seamless BFD Overview . . . . . . . . . . . . . . . . . . . . 5 3. Seamless BFD Overview ...........................................6
4. S-BFD Discriminators . . . . . . . . . . . . . . . . . . . . 6 4. S-BFD Discriminators ............................................7
4.1. S-BFD Discriminator Uniqueness . . . . . . . . . . . . . 6 4.1. S-BFD Discriminator Uniqueness .............................7
4.2. Discriminator Pools . . . . . . . . . . . . . . . . . . . 7 4.2. Discriminator Pools ........................................7
5. Reflector BFD Session . . . . . . . . . . . . . . . . . . . . 7 5. Reflector BFD Session ...........................................8
6. State Variables . . . . . . . . . . . . . . . . . . . . . . . 8 6. State Variables .................................................9
6.1. New State Variables . . . . . . . . . . . . . . . . . . . 8 6.1. New State Variables ........................................9
6.2. State Variable Initialization and Maintenance . . . . . . 9 6.2. State Variable Initialization and Maintenance ..............9
7. S-BFD Procedures . . . . . . . . . . . . . . . . . . . . . . 9 7. S-BFD Procedures ...............................................10
7.1. Demultiplexing of S-BFD Control Packet . . . . . . . . . 9 7.1. Demultiplexing of S-BFD Control Packet ....................10
7.2. Responder Procedures . . . . . . . . . . . . . . . . . . 10 7.2. Responder Procedures ......................................11
7.2.1. Responder Demultiplexing . . . . . . . . . . . . . . 10 7.2.1. Responder Demultiplexing ...........................11
7.2.2. Transmission of S-BFD Control Packet by SBFDReflector 10 7.2.2. Transmission of S-BFD Control Packet by
7.2.3. Additional SBFDReflector Behaviors . . . . . . . . . 11 SBFDReflector ......................................11
7.3. Initiator Procedures . . . . . . . . . . . . . . . . . . 12 7.2.3. Additional SBFDReflector Behaviors .................12
7.3.1. SBFDInitiator State Machine . . . . . . . . . . . . . 12 7.3. Initiator Procedures ......................................13
7.3.2. Transmission of S-BFD Control Packet by SBFDInitiator 13 7.3.1. SBFDInitiator State Machine ........................14
7.3.3. Additional SBFDInitiator Behaviors . . . . . . . . . 14 7.3.2. Transmission of S-BFD Control Packet by
7.4. Diagnostic Values . . . . . . . . . . . . . . . . . . . . 14 SBFDInitiator ......................................15
7.5. The Poll Sequence . . . . . . . . . . . . . . . . . . . . 15 7.3.3. Additional SBFDInitiator Behaviors .................15
8. Operational Considerations . . . . . . . . . . . . . . . . . 15 7.4. Diagnostic Values .........................................16
8.1. Scaling Aspect . . . . . . . . . . . . . . . . . . . . . 15 7.5. The Poll Sequence .........................................16
8.2. Congestion Considerations . . . . . . . . . . . . . . . . 16 8. Operational Considerations .....................................16
9. Co-existence with Classical BFD Sessions . . . . . . . . . . 16 8.1. Scaling Aspect ............................................17
10. S-BFD Echo Function . . . . . . . . . . . . . . . . . . . . . 16 8.2. Congestion Considerations .................................17
11. Security Considerations . . . . . . . . . . . . . . . . . . . 17 9. Co-existence with Classical BFD Sessions .......................17
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 10. S-BFD Echo Function ...........................................18
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 11. Security Considerations .......................................19
14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 19 12. References ....................................................20
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 12.1. Normative References .....................................20
15.1. Normative References . . . . . . . . . . . . . . . . . . 19 12.2. Informative References ...................................20
15.2. Informative References . . . . . . . . . . . . . . . . . 19 Appendix A. Loop Problem and Solution .............................22
Appendix A. Loop Problem and Solution . . . . . . . . . . . . . 20 Acknowledgements ..................................................23
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 Contributors ......................................................23
Authors' Addresses ................................................24
1. Introduction 1. Introduction
Bidirectional Forwarding Detection (BFD), [RFC5880] and related Bidirectional Forwarding Detection (BFD), as described in [RFC5880]
documents, has efficiently generalized the failure detection and related documents, has efficiently generalized the failure
mechanism for multiple protocols and applications. There are some detection mechanism for multiple protocols and applications. There
improvements that can be made to better fit existing technologies. are some improvements that can be made to better fit existing
There is a possibility of evolving BFD to better fit new technologies. There is a possibility of evolving BFD to better fit
technologies. This document focuses on several aspects of BFD in new technologies. This document focuses on several aspects of BFD in
order to further improve efficiency, to expand failure detection order to further improve efficiency, expand failure detection
coverage and to allow BFD usage for wider scenarios. Additional use coverage, and allow BFD usage for wider scenarios. Additional use
cases are listed in [I-D.ietf-bfd-seamless-use-case]. cases are listed in [RFC7882].
Specifically, this document defines Seamless Bidirectional Forwarding Specifically, this document defines Seamless Bidirectional Forwarding
Detection (S-BFD) a simplified mechanism to use Bidirectional Detection (S-BFD), a simplified mechanism for using BFD with a large
Forwarding Detection (BFD) with large portions of negotiation aspects proportion of negotiation aspects eliminated, thus providing benefits
eliminated, thus providing benefits such as quick provisioning as such as quick provisioning, as well as improved control and
well as improved control and flexibility to network nodes initiating flexibility for network nodes initiating path monitoring. S-BFD
the path monitoring. S-BFD enables cases benefiting from the use of enables cases benefiting from the use of core BFD technologies in a
core BFD technologies in a fashion that leverages existing fashion that leverages existing implementations and protocol
implementations and protocol machinery while providing a rather machinery while providing a rather simplified and largely stateless
simplified and largely stateless infrastructure for continuity infrastructure for continuity testing.
testing.
One key aspect of the mechanism described in this document eliminates One key aspect of the mechanism described in this document eliminates
the time between a network node wanting to perform a continuity test the time between a network node wanting to perform a continuity test
and completing the continuity test. In traditional BFD terms, the and completing the continuity test. In traditional BFD terms, the
initial state changes from DOWN to UP are virtually nonexistent. initial state changes from DOWN to UP are virtually nonexistent.
Removal of this seam (i.e., time delay) in BFD provides applications Removal of this "seam" (i.e., time delay) in BFD provides a smooth
a smooth and continuous operational experience. Therefore, "Seamless and continuous operational experience for applications. Therefore,
BFD" (S-BFD) has been chosen as the name for this mechanism. "Seamless BFD" (S-BFD) has been chosen as the name for this
mechanism.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
The reader is expected to be familiar with the BFD [RFC5880], IP The reader is expected to be familiar with the BFD [RFC5880], IP
[RFC0791] [RFC2460] and MPLS [RFC3031] terminologies and protocol [RFC791] [RFC2460], and MPLS [RFC3031] terms and protocol constructs.
constructs. This section describes several new terminologies The remainder of this section describes several new terms introduced
introduced by S-BFD. by S-BFD.
o Classical BFD - BFD session types based on [RFC5880]. o Classical BFD - BFD session types based on [RFC5880].
o S-BFD - Seamless BFD. o S-BFD - Seamless BFD.
o S-BFD control packet - a BFD control packet for the S-BFD o S-BFD Control packet - a BFD Control packet for the S-BFD
mechanism. mechanism.
o S-BFD echo packet - a BFD echo packet for the S-BFD mechanism. o S-BFD Echo packet - a BFD Echo packet for the S-BFD mechanism.
o S-BFD packet - a BFD control packet or a BFD echo packet. o S-BFD packet - a BFD Control packet or a BFD Echo packet.
o Entity - a function on a network node that S-BFD mechanism allows o Entity - a function on a network node to which the S-BFD mechanism
remote network nodes to perform continuity test to. An entity can allows remote network nodes to perform continuity tests. An
be abstract (e.g., reachability) or specific (e.g., IP addresses, entity can be abstract (e.g., reachability) or specific (e.g., IP
router-IDs, functions). addresses, Router-IDs, functions).
o SBFDInitiator - an S-BFD session on a network node that performs a o SBFDInitiator - an S-BFD session on a network node that performs a
continuity test to a remote entity by sending S-BFD packets. continuity test to a remote entity by sending S-BFD packets.
o SBFDReflector - an S-BFD session on a network node that listens o SBFDReflector - an S-BFD session on a network node that listens
for incoming S-BFD control packets to local entities and generates for incoming S-BFD Control packets to local entities and generates
response S-BFD control packets. response S-BFD Control packets.
o Reflector BFD session - synonymous with SBFDReflector. o Reflector BFD session - synonymous with SBFDReflector.
o S-BFD discriminator - a BFD discriminator allocated for a local o S-BFD Discriminator - a BFD Discriminator allocated for a local
entity and is being listened by an SBFDReflector. entity. An SBFDReflector listens for S-BFD Discriminators.
o BFD discriminator - a BFD discriminator allocated for an o BFD Discriminator - a BFD Discriminator allocated for an
SBFDInitiator. SBFDInitiator.
o Initiator - a network node hosting an SBFDInitiator. o Initiator - a network node hosting an SBFDInitiator.
o Responder - a network node hosting an SBFDReflector. o Responder - a network node hosting an SBFDReflector.
Figure 1 describes the relationship between S-BFD terminologies. Figure 1 describes the relationship between S-BFD terms.
+---------------------+ +------------------------+ +---------------------+ +------------------------+
| Initiator | | Responder | | Initiator | | Responder |
| +-----------------+ | | +-----------------+ | | +-----------------+ | | +-----------------+ |
| | SBFDInitiator |---S-BFD ctrl pkt----->| SBFDReflector | | | | SBFDInitiator |---S-BFD Ctrl pkt----->| SBFDReflector | |
| | +-------------+ |<--S-BFD ctrl pkt------| +-------------+ | | | | +-------------+ |<--S-BFD Ctrl pkt------| +-------------+ | |
| | | BFD discrim | | | | | |S-BFD discrim| | | | | | BFD Discrim | | | | | |S-BFD Discrim| | |
| | | | |---S-BFD echo pkt---+ | | | | | | | | | |---S-BFD Echo pkt---+ | | | | |
| | +-------------+ | | | | | +----------^--+ | | | | +-------------+ | | | | | +----------^--+ | |
| +-----------------+<-------------------+ +------------|----+ | | +-----------------+<-------------------+ +------------|----+ |
| | | | | | | | | |
| | | +---v----+ | | | | +---v----+ |
| | | | Entity | | | | | | Entity | |
| | | +--------+ | | | | +--------+ |
+---------------------+ +------------------------+ +---------------------+ +------------------------+
Figure 1: S-BFD Terminology Relationship Figure 1: S-BFD Terminology Relationship
3. Seamless BFD Overview 3. Seamless BFD Overview
An S-BFD module on each network node allocates one or more S-BFD An S-BFD module on each network node allocates one or more S-BFD
discriminators for local entities, and creates a reflector BFD Discriminators for local entities and creates a Reflector BFD
session. Allocated S-BFD discriminators may be advertised by session. Allocated S-BFD Discriminators may be advertised by
applications (e.g., OSPF/IS-IS). Required result is that applications (e.g., OSPF/IS-IS). The required result is that
applications, on other network nodes, possess the knowledge of the applications on other network nodes will know about the S-BFD
S-BFD discriminators allocated by a remote node to remote entities. Discriminators allocated by a remote node to remote entities. The
The reflector BFD session is to, upon receiving an S-BFD control Reflector BFD session, upon receiving an S-BFD Control packet
packet targeted to one of local S-BFD discriminator values, transmit targeted to one of the local S-BFD Discriminator values, is to
a response S-BFD control packet back to the initiator. transmit a response S-BFD Control packet back to the initiator.
Once the above setup is complete, any network node, having the Once the above setup is complete, any network node that knows about
knowledge of the S-BFD discriminator allocated by a remote node to the S-BFD Discriminator allocated by a remote node to a remote entity
remote entity/entities, can quickly perform a continuity test to the or entities can quickly perform a continuity test to the remote
remote entity by simply sending S-BFD control packets with entity by simply sending S-BFD Control packets with a corresponding
corresponding S-BFD discriminator value in the "your discriminator" S-BFD Discriminator value in the Your Discriminator field.
field.
This is exemplified in Figure 2. This is exemplified in Figure 2.
<------- IS-IS Network -------> <------- IS-IS Network ------->
+---------+ +---------+
| | | |
A---------B---------C---------D A---------B---------C---------D
^ ^ ^ ^
| | | |
SystemID SystemID System-ID System-ID
xxx yyy xxx yyy
BFD Discrim BFD Discrim BFD Discrim BFD Discrim
123 456 123 456
Figure 2: S-BFD for IS-IS Network Figure 2: S-BFD for IS-IS Network
S-BFD module in a system IS-IS SystemID xxx (node A) allocates an An S-BFD module in a system with IS-IS System-ID xxx (Node A)
S-BFD discriminator 123, and IS-IS advertises the S-BFD discriminator allocates an S-BFD Discriminator 123, and IS-IS advertises the S-BFD
123 in an IS-IS TLV. S-BFD module in a system with IS-IS SystemID Discriminator 123 in an IS-IS TLV. An S-BFD module in a system with
yyy (node D) allocates an S-BFD discriminator 456, and IS-IS IS-IS System-ID yyy (Node D) allocates an S-BFD Discriminator 456,
advertises the S-BFD discriminator 456 in an IS-IS TLV. A reflector and IS-IS advertises the S-BFD Discriminator 456 in an IS-IS TLV. A
BFD session is created on both network nodes (node A and node D). Reflector BFD session is created on both network nodes (Node A and
When network node A wants to check the reachability to network node Node D). When Node A wants to check the reachability of Node D,
D, node A can send an S-BFD control packet, destined to node D, with Node A can send an S-BFD Control packet destined to Node D with the
"your discriminator" field set to 456. When the reflector BFD Your Discriminator field set to 456. When the Reflector BFD session
session on node D receives this S-BFD control packet, then a response on Node D receives this S-BFD Control packet, then a response S-BFD
S-BFD control packet is sent back to node A, which allows node A to Control packet is sent back to Node A, which allows Node A to
complete the continuity test. complete the continuity test.
When a node allocates multiple S-BFD discriminators, how remote nodes When a node allocates multiple S-BFD Discriminators, how remote nodes
determine which of the discriminators is associated with a specific determine which of the discriminators is associated with a specific
entity is currently unspecified. The use of multiple S-BFD entity is currently unspecified. The use of multiple S-BFD
discriminators by a single network node is therefore discouraged Discriminators by a single network node is therefore discouraged
until a means of learning the mapping is defined. until a means of learning the mapping is defined.
4. S-BFD Discriminators 4. S-BFD Discriminators
4.1. S-BFD Discriminator Uniqueness 4.1. S-BFD Discriminator Uniqueness
One important characteristic of an S-BFD discriminator is that it One important characteristic of an S-BFD Discriminator is that it
MUST be unique within an administrative domain. If multiple network MUST be unique within an administrative domain. If multiple network
nodes allocated the same S-BFD discriminator value, then S-BFD nodes allocate the same S-BFD Discriminator value, then S-BFD Control
control packets falsely terminating on a wrong network node can packets falsely terminating on a wrong network node can result in a
result in a reflector BFD session to generate a response back, due to Reflector BFD session generating a response back because of a
"your discriminator" matching. This is clearly not desirable. matching Your Discriminator value. This is clearly not desirable.
4.2. Discriminator Pools 4.2. Discriminator Pools
This subsection describes a discriminator pool implementation This subsection describes a discriminator pool implementation
technique to minimize S-BFD discriminator collisions. The result technique to minimize S-BFD Discriminator collisions. This technique
will allow an implementation to better satisfy the S-BFD will allow an implementation to better satisfy the S-BFD
discriminator uniqueness requirement defined in Section 4.1. Discriminator uniqueness requirement defined in Section 4.1.
o SBFDInitiator is to allocate a discriminator from the BFD o An SBFDInitiator is to allocate a discriminator from the BFD
discriminator pool. If the system also supports classical BFD Discriminator pool. If the system also supports classical BFD
that runs on [RFC5880], then the BFD discriminator pool SHOULD be (i.e., implements [RFC5880]), then the BFD Discriminator pool
shared by SBFDInitiator sessions and classical BFD sessions. SHOULD be shared by SBFDInitiator sessions and classical BFD
sessions.
o SBFDReflector is to allocate a discriminator from the S-BFD o An SBFDReflector is to allocate a discriminator from the S-BFD
discriminator pool. The S-BFD discriminator pool SHOULD be a Discriminator pool. The S-BFD Discriminator pool SHOULD be a
separate pool than the BFD discriminator pool. separate pool from the BFD Discriminator pool.
The remainder of this subsection describes the reasons for the The remainder of this subsection describes the reasons for the
suggestions above. suggestions above.
Locally allocated S-BFD discriminator values for entities, listened Locally allocated S-BFD Discriminator values for entities that
by SBFDReflector sessions, may be arbitrary allocated or derived from SBFDReflector sessions are listening for may be arbitrarily allocated
values provided by applications. These values may be protocol IDs or derived from values provided by applications. These values may be
(e.g., System-ID, Router-ID) or network targets (e.g., IP address). protocol IDs (e.g., System-ID, Router-ID) or network targets (e.g.,
To avoid derived S-BFD discriminator values already being assigned to IP address). To avoid derived S-BFD Discriminator values already
other BFD sessions (i.e., SBFDInitiator sessions and classical BFD being assigned to other BFD sessions (i.e., SBFDInitiator sessions
sessions), it is RECOMMENDED that the discriminator pool for and classical BFD sessions), it is RECOMMENDED that the discriminator
SBFDReflector sessions be separate from other BFD sessions. pool for SBFDReflector sessions be separate from other BFD sessions.
Even when following the separate discriminator pool approach, Even when following the "separate discriminator pool" approach, a
collision is still possible between one S-BFD application to another collision is still possible between different S-BFD applications that
S-BFD application, that may be using different values and algorithms may be using different values and algorithms to derive S-BFD
to derive S-BFD discriminator values. If the two applications are Discriminator values. If two applications are using S-BFD for the
using S-BFD for the same purpose (e.g., network reachability), then same purpose (e.g., network reachability), then the colliding S-BFD
the colliding S-BFD discriminator value can be shared. If the two Discriminator value can be shared. If the two applications are using
applications are using S-BFD for a different purpose, then the S-BFD for a different purpose, then the collision must be addressed.
collision must be addressed. The use of multiple S-BFD The use of multiple S-BFD Discriminators by a single network node,
discriminators by a single network node, however, is discouraged (see however, is discouraged (see Section 3).
Section 3).
5. Reflector BFD Session 5. Reflector BFD Session
Each network node creates one or more reflector BFD sessions. This Each network node creates one or more Reflector BFD sessions. This
reflector BFD session is a session that transmits S-BFD control Reflector BFD session is a session that transmits S-BFD Control
packets in response to received S-BFD control packets with "your packets in response to received S-BFD Control packets with the
discriminator" having S-BFD discriminators allocated for local Your Discriminator field having S-BFD Discriminators allocated for
entities. Specifically, this reflector BFD session has the following local entities. Specifically, this Reflector BFD session has the
characteristics: following characteristics:
o MUST NOT transmit any S-BFD packets based on local timer expiry. o MUST NOT transmit any S-BFD packets based on local timer expiry.
o MUST transmit an S-BFD control packet in response to a received o MUST transmit an S-BFD Control packet in response to a received
S-BFD control packet having a valid S-BFD discriminator in the S-BFD Control packet having a valid S-BFD Discriminator in the
"your discriminator" field, unless prohibited by local policies Your Discriminator field, unless prohibited by local policies
(e.g., administrative, security, rate-limiter, etc.) (e.g., administrative, security, rate-limiter).
o MUST be capable of sending only two states: UP and ADMINDOWN. o MUST be capable of sending only two states: UP and AdminDown.
One reflector BFD session may be responsible for handling received One Reflector BFD session may be responsible for handling received
S-BFD control packets targeted to all locally allocated S-BFD S-BFD Control packets targeted to all locally allocated S-BFD
discriminators, or few reflector BFD sessions may each be responsible Discriminators, or a few Reflector BFD sessions may each be
for subset of locally allocated S-BFD discriminators. This policy is responsible for a subset of locally allocated S-BFD Discriminators.
a local matter, and is outside the scope of this document. This policy is a local matter and is outside the scope of this
document.
Note that incoming S-BFD control packets may be IPv4, IPv6 or MPLS Note that incoming S-BFD Control packets may be based on IPv4, IPv6,
based [I-D.ietf-bfd-seamless-ip], and other options are possible and or MPLS [RFC7881]. Note also that other options are possible and may
can be defined in future documents. How such S-BFD control packets be defined in future documents. How such S-BFD Control packets reach
reach an appropriate reflector BFD session is also a local matter, an appropriate Reflector BFD session is also a local matter and is
and is outside the scope of this document. outside the scope of this document.
6. State Variables 6. State Variables
S-BFD introduces new state variables, and modifies the usage of S-BFD introduces new state variables and modifies the usage of
existing ones. existing ones.
6.1. New State Variables 6.1. New State Variables
A new state variable is added to the base specification in support of A new state variable is added to the base specification in support
S-BFD. of S-BFD.
o bfd.SessionType: This is a new state variable that describes the o bfd.SessionType: This is a new state variable that describes
type of this session. Allowable values for S-BFD sessions are: the type of a particular session. Allowable values for S-BFD
sessions are:
* SBFDInitiator - an S-BFD session on a network node that * SBFDInitiator - an S-BFD session on a network node that
performs a continuity test to a target entity by sending S-BFD performs a continuity test to a target entity by sending S-BFD
packets. packets.
* SBFDReflector - an S-BFD session on a network node that listens * SBFDReflector - an S-BFD session on a network node that listens
for incoming S-BFD control packets to local entities and for incoming S-BFD Control packets to local entities and
generates response S-BFD control packets. generates response S-BFD Control packets.
bfd.SessionType variable MUST be initialized to the appropriate type The bfd.SessionType variable MUST be initialized to the appropriate
when an S-BFD session is created. type when an S-BFD session is created.
6.2. State Variable Initialization and Maintenance 6.2. State Variable Initialization and Maintenance
A state variable defined in Section 6.8.1 of [RFC5880] need to be State variables (defined in Section 6.8.1 of [RFC5880]) need to
initialized or manipulated differently depending on the session type. be initialized or manipulated differently, depending on the
session type.
o bfd.DemandMode: This variable MUST be initialized to 1 for session o bfd.DemandMode: This variable MUST be initialized to 1 for session
type SBFDInitiator, and MUST be initialized to 0 for session type type SBFDInitiator and MUST be initialized to 0 for session type
SBFDReflector. This is done to prevent loops (see Appendix A). SBFDReflector. This is done to prevent loops (see Appendix A).
7. S-BFD Procedures 7. S-BFD Procedures
7.1. Demultiplexing of S-BFD Control Packet 7.1. Demultiplexing of S-BFD Control Packet
S-BFD packet MUST be demultiplexed with lower layer information An S-BFD packet MUST be demultiplexed with lower-layer information
(e.g., dedicated destination UDP port [I-D.ietf-bfd-seamless-ip], (e.g., dedicated destination UDP port [RFC7881], associated Channel
associated channel type [I-D.ietf-pals-seamless-vccv]). The Type [RFC7885]). The following procedure SHOULD be executed on both
following procedure SHOULD be executed on both initiator and initiator and reflector:
reflector.
If S-BFD packet If the packet is an S-BFD packet
If S-BFD packet is for SBFDReflector If the S-BFD packet is for an SBFDReflector
Packet MUST be looked up to locate a corresponding The packet MUST be looked up to locate a corresponding
SBFDReflector session based on the value from the "your SBFDReflector session based on the value from the
discriminator" field in the table describing S-BFD Your Discriminator field in the table describing S-BFD
discriminators. Discriminators.
Else Else
Packet MUST be looked up to locate a corresponding The packet MUST be looked up to locate a corresponding
SBFDInitiator session or classical BFD session based on the SBFDInitiator session or classical BFD session based on the
value from the "your discriminator" field in the table value from the Your Discriminator field in the table
describing BFD discriminators. If no match then received describing BFD Discriminators. If no match, then the
packet MUST be discarded. received packet MUST be discarded.
If session is SBFDInitiator If the session is an SBFDInitiator session
Destination of the packet (i.e., destination IP address) The destination of the packet (i.e., the destination IP
SHOULD be validated to be for self. address) SHOULD be verified as being for itself.
Else Else
Packet MUST be discarded The packet MUST be discarded.
Else Else
Procedure described in [RFC5880] MUST be applied. The procedure described in Section 6.8.6 of [RFC5880] MUST be
applied.
More details on S-BFD control packet demultiplexing are described in More details on S-BFD Control packet demultiplexing are provided in
relevant S-BFD data plane documents. relevant S-BFD data-plane documents.
7.2. Responder Procedures 7.2. Responder Procedures
A network node that receives S-BFD control packets transmitted by an A network node that receives S-BFD Control packets transmitted by an
initiator is referred as responder. The responder, upon reception of initiator is referred to as the responder. The responder, upon
S-BFD control packets, is to perform necessary relevant validations reception of S-BFD Control packets, is to verify the validity of the
described in [RFC5880]. packets, as described in [RFC5880].
7.2.1. Responder Demultiplexing 7.2.1. Responder Demultiplexing
S-BFD packet MUST be demultiplexed with lower layer information. The An S-BFD packet MUST be demultiplexed with lower-layer information.
following procedure SHOULD be executed by the responder: The following procedure SHOULD be executed by the responder:
If "your discriminator" not one of the entry allocated for local If the Your Discriminator field is not one of the entries
entities allocated for local entities
Packet MUST be discarded. The packet MUST be discarded.
Else Else
Packet is determined to be handled by a reflector BFD session The packet is determined to be handled by a Reflector BFD
responsible for that S-BFD discriminator. session responsible for that S-BFD Discriminator.
If local policy allows (e.g., administrative, security, rate- If allowable per local policy (e.g., administrative, security,
limiter, etc.) rate-limiter)
Chosen reflector BFD session SHOULD transmit a response BFD The chosen Reflector BFD session SHOULD transmit a response
control packet using procedures described in Section 7.2.2. BFD Control packet using the procedures described in
Section 7.2.2.
7.2.2. Transmission of S-BFD Control Packet by SBFDReflector 7.2.2. Transmission of S-BFD Control Packet by SBFDReflector
Contents of S-BFD control packets sent by an SBFDReflector MUST be The contents of S-BFD Control packets sent by an SBFDReflector MUST
set as per Section 6.8.7 of [RFC5880]. There are a few fields that be set as per Section 6.8.7 of [RFC5880]. There are a few fields
needs to be set differently from [RFC5880] as follows: that need to be set differently from [RFC5880], as follows:
State (Sta) State (Sta)
Set to bfd.SessionState (either UP or ADMINDOWN only). Set to bfd.SessionState (either UP or AdminDown only).
Clarification of reflector BFD session state is described in Clarification of Reflector BFD session state is described in
Section 7.2.3. Section 7.2.3.
Demand (D) Demand (D)
Set to 0, to identify the S-BFD packet is sent by the Set to 0, to indicate that the S-BFD packet is sent by the
SBFDReflector. SBFDReflector.
Detect Mult Detect Mult
Value to be copied from "Detection Multiplier" filed of Value to be copied from the Detection Multiplier field of the
received BFD packet. received BFD packet.
My Discriminator My Discriminator
Value be copied from "your discriminator" filed of received BFD Value to be copied from the Your Discriminator field of the
packet. received BFD packet.
Your Discriminator Your Discriminator
Value be copied from "my discriminator" filed of received BFD Value to be copied from the My Discriminator field of the
packet. received BFD packet.
Desired Min TX Interval Desired Min TX Interval
Value be copied from "Desired Min TX Interval" filed of Value to be copied from the Desired Min TX Interval field of
received BFD packet. the received BFD packet.
Required Min RX Interval Required Min RX Interval
Set to a bfd.RequiredMinRxInterval, value describing minimum Set to bfd.RequiredMinRxInterval. Value indicating the minimum
interval, in microseconds between received SBFD Control interval, in microseconds, between received S-BFD Control
packets. Further details are described in Section 7.2.3. packets. Further details are provided in Section 7.2.3.
Required Min Echo RX Interval Required Min Echo RX Interval
If device supports looping back S-BFD echo packets If the device supports looping back S-BFD Echo packets
Set to the minimum required Echo packet receive interval for Set to the minimum required S-BFD Echo packet receive
this session. interval for this session.
Else Else
Set to 0. Set to 0.
7.2.3. Additional SBFDReflector Behaviors 7.2.3. Additional SBFDReflector Behaviors
o S-BFD control packets transmitted by the SBFDReflector MUST have o S-BFD Control packets transmitted by the SBFDReflector MUST have
"Required Min RX Interval" set to a value that expresses, in Required Min RX Interval set to a value that expresses, in
microseconds, the minimum interval between incoming S-BFD control microseconds, the minimum interval between incoming S-BFD Control
packets this SBFDReflector can handle. The SBFDReflector can packets that this SBFDReflector can handle. The SBFDReflector can
control how fast SBFInitiators will be sending S-BFD control control how fast SBFDInitiators will be sending S-BFD Control
packets to self by ensuring "Required Min RX Interval" indicates a packets to themselves by ensuring that Required Min RX Interval
value based on the current load. indicates a value based on the current load.
o When the SBFDReflector receives an S-BFD control packet from an o When the SBFDReflector receives an S-BFD Control packet from an
SBFDInitiator, then the SBFDReflector needs to determine what SBFDInitiator, then the SBFDReflector needs to determine what
"state" to send in the response S-BFD control packet. If the "state" to send in the response S-BFD Control packet. If the
monitored local entity is in service, then the "state" MUST be set monitored local entity is in service, then the state MUST be set
to UP. If the monitored local entity is "temporarily out of to UP. If the monitored local entity is "temporarily out of
service", then the "state" SHOULD be set to ADMINDOWN. service", then the state SHOULD be set to AdminDown.
o If an SBFDReflector receives an S-BFD control packet with Demand o If an SBFDReflector receives an S-BFD Control packet with the
(D) bit cleared, the packet MUST be discarded (see Appendix A). Demand (D) bit cleared, the packet MUST be discarded (see
Appendix A).
7.3. Initiator Procedures 7.3. Initiator Procedures
S-BFD control packets transmitted by an SBFDInitiator MUST set "your S-BFD Control packets transmitted by an SBFDInitiator MUST set the
discriminator" field to an S-BFD discriminator corresponding to the Your Discriminator field to an S-BFD Discriminator corresponding to
remote entity. the remote entity.
Every SBFDInitiator MUST have a locally unique "my discriminator" Every SBFDInitiator MUST have a locally unique My Discriminator value
allocated from the BFD discriminator pool. allocated from the BFD Discriminator pool.
Figure 3 describes the high-level concept of continuity test using Figure 3 describes the high-level concept of continuity testing using
S-BFD. R2 allocates XX as the S-BFD discriminator for its network S-BFD. R2 allocates XX as the S-BFD Discriminator for network
reachability purpose, and advertises XX to neighbors. ASCII art reachability purposes and advertises XX to neighbors. Figure 3 shows
shows R1 and R4 performing a continuity test to R2. R1 and R4 performing a continuity test to R2.
+--- md=50/yd=XX (ping) ----+ +--- md=50/yd=XX (ping) ----+
| | | |
|+-- md=XX/yd=50 (pong) --+ | |+-- md=XX/yd=50 (pong) --+ |
|| | | || | |
|v | v |v | v
R1 ==================== R2[*] ========= R3 ========= R4 R1 ==================== R2[*] ========= R3 ========= R4
| ^ |^ | ^ |^
| | || | | ||
| +-- md=60/yd=XX (ping) --+| | +-- md=60/yd=XX (ping) --+|
| | | |
+---- md=XX/yd=60 (pong) ---+ +---- md=XX/yd=60 (pong) ---+
[*] Reflector BFD session on R2. [*] Reflector BFD session on R2.
=== Links connecting network nodes. === Links connecting network nodes.
--- S-BFD control packet traversal. --- S-BFD Control packet traversal.
Figure 3: S-BFD Continuity Test Figure 3: S-BFD Continuity Test
7.3.1. SBFDInitiator State Machine 7.3.1. SBFDInitiator State Machine
An SBFDInitiator may be a persistent session on the initiator with a An SBFDInitiator may be a "persistent" session on the initiator with
timer for S-BFD control packet transmissions (stateful a timer for S-BFD Control packet transmissions (stateful
SBFDInitiator). An SBFDInitiator may also be a module, a script or a SBFDInitiator). An SBFDInitiator may also be a module, a script, or
tool on the initiator that transmits one or more S-BFD control a tool on the initiator that transmits one or more S-BFD Control
packets "when needed" (stateless SBFDInitiator). For stateless packets "when needed" (stateless SBFDInitiator). For stateless
SBFDInitiators, a complete BFD state machine may not be applicable. SBFDInitiators, a complete BFD state machine may not be applicable.
For stateful SBFDInitiators, the states and the state machine For stateful SBFDInitiators, the states and the state machine
described in [RFC5880] will not function due to SBFDReflector session described in [RFC5880] will not function due to the SBFDReflector
only sending UP and ADMINDOWN states (i.e., SBFDReflector session session only sending the UP and AdminDown states (i.e., the
does not send INIT state). The following diagram provides the SBFDReflector session does not send the INIT state). The following
RECOMMENDED state machine for stateful SBFDInitiators. The notation diagram provides the RECOMMENDED state machine for stateful
on each arc represents the state of the SBFDInitiator (as received in SBFDInitiators. The notation on each arc represents the state of the
the State field in the S-BFD control packet) or indicates the SBFDInitiator (as received in the State field in the S-BFD Control
expiration of the Detection Timer. See Figure 4. packet) or indicates the expiration of the Detection Timer. See
Figure 4.
+--+ +--+
ADMIN DOWN, | | ADMIN DOWN, | |
TIMER | V TIMER | V
+------+ UP +------+ +------+ UP +------+
| |-------------------->| |----+ | |-------------------->| |----+
| DOWN | | UP | | UP | DOWN | | UP | | UP
| |<--------------------| |<---+ | |<--------------------| |<---+
+------+ ADMIN DOWN, +------+ +------+ ADMIN DOWN, +------+
TIMER TIMER
Figure 4: SBFDInitiator FSM Figure 4: SBFDInitiator Finite State Machine
Note that the above state machine is different from the base BFD Note that the above state machine is different from the base BFD
specification [RFC5880]. This is because the INIT state is no longer specification [RFC5880]. This is because the INIT state is no longer
applicable for the SBFDInitiator. Another important difference is applicable for the SBFDInitiator. Another important difference is
the transition of the state machine from the DOWN state to the UP the transition of the state machine from the DOWN state to the UP
state when a packet with State UP is received by the SBFDInitiator. state when a packet with an UP state setting is received by the
The definitions of the states and the events have the same meaning as SBFDInitiator. The definitions of the states and events have the
in the base BFD specification [RFC5880]. same meanings as those defined in the base BFD specification
[RFC5880].
7.3.2. Transmission of S-BFD Control Packet by SBFDInitiator 7.3.2. Transmission of S-BFD Control Packet by SBFDInitiator
Contents of S-BFD control packets sent by an SBFDInitiator MUST be The contents of S-BFD Control packets sent by an SBFDInitiator MUST
set as per Section 6.8.7 of [RFC5880]. There are few fields which be set as per Section 6.8.7 of [RFC5880]. There are a few fields
needs to be set differently from [RFC5880] as follows: that need to be set differently from [RFC5880], as follows:
Demand (D) Demand (D)
D bit is used to identify S-BFD packet originated from Used to indicate that the S-BFD packet originated from the
SBFDInitiator and is always set to 1. SBFDInitiator. Always set to 1.
Your Discriminator Your Discriminator
Set to bfd.RemoteDiscr. bfd.RemoteDiscr is set to discriminator Set to bfd.RemoteDiscr. bfd.RemoteDiscr is set to the
value of remote entity. It MAY be learnt from routing Discriminator value of the remote entity. It MAY be learnt
protocols or configured locally. from routing protocols or configured locally.
Required Min RX Interval Required Min RX Interval
Set to 0. Set to 0.
Required Min Echo RX Interval Required Min Echo RX Interval
Set to 0. Set to 0.
7.3.3. Additional SBFDInitiator Behaviors 7.3.3. Additional SBFDInitiator Behaviors
o If the SBFDInitiator receives a valid S-BFD control packet in o If the SBFDInitiator receives a valid S-BFD Control packet in
response to transmitted S-BFD control packet to a remote entity, response to a transmitted S-BFD Control packet to a remote entity,
then the SBFDInitiator SHOULD conclude that S-BFD control packet then the SBFDInitiator SHOULD conclude that the S-BFD Control
reached the intended remote entity. packet reached the intended remote entity.
o When an SBFDInitiator receives a response S-BFD control packet, if o When an SBFDInitiator receives a response S-BFD Control packet, if
the state specified is ADMINDOWN, the SBFDInitiator MUST NOT the state specified is AdminDown, the SBFDInitiator MUST NOT
conclude loss of reachability to the corresponding remote entity, conclude that the reachability of the corresponding remote entity
and MUST back off packet transmission interval for the remote is lost and MUST back off the packet transmission interval for the
entity to an interval no faster than 1 second. remote entity to an interval no faster than 1 second.
o When a sufficient number of S-BFD packets have not arrived as they o When a sufficient number of S-BFD packets have not arrived as they
should, the SBFDInitiator SHOULD declare loss of reachability to should, the SBFDInitiator SHOULD declare loss of reachability to
the remote entity. The criteria for declaring loss of the remote entity. The criteria for declaring loss of
reachability and the action that would be triggered as a result reachability and the action that would be triggered as a result
are outside the scope of this document; the action MAY include are outside the scope of this document; the action MAY include
logging an error. logging an error.
o Relating to above bullet item, it is critical for an o Regarding the third bullet item, it is critical for an
implementation to understand the latency to/from the reflector BFD implementation to understand the latency to/from the Reflector BFD
session on the responder. In other words, for very first S-BFD session on the responder. In other words, for the very first
packet transmitted by the SBFDInitiator, an implementation MUST S-BFD packet transmitted by the SBFDInitiator, an implementation
NOT expect response S-BFD packet to be received for time MUST NOT expect a response S-BFD packet to be received for a time
equivalent to sum of latencies: initiator to responder and equivalent to the sum of the latencies: initiator to responder and
responder back to initiator. responder back to initiator.
o If the SBFDInitiator receives an S-BFD control packet with Demand o If the SBFDInitiator receives an S-BFD Control packet with the
(D) bit set, the packet MUST be discarded (see Appendix A). Demand (D) bit set, the packet MUST be discarded (see Appendix A).
7.4. Diagnostic Values 7.4. Diagnostic Values
Diagnostic value in both directions MAY be set to a certain value, to The diagnostic value in both directions MAY be set to a certain
attempt to communicate further information to both ends. value, to attempt to communicate further information to both ends.
Implementation MAY use already existing diagnostic values defined in Implementations MAY use the already-existing diagnostic values
Section 4.1 of [RFC5880]. However, details of such are outside the defined in Section 4.1 of [RFC5880]. However, details regarding this
scope of this specification. topic are outside the scope of this specification.
7.5. The Poll Sequence 7.5. The Poll Sequence
Poll sequence MAY be used in both directions. The Poll sequence MUST The Poll Sequence MAY be used in both directions. The Poll Sequence
operate in accordance with [RFC5880]. An SBFDReflector MAY use the MUST operate in accordance with [RFC5880]. An SBFDReflector MAY use
Poll sequence to slow down that rate at which S-BFD control packets the Poll Sequence to slow down the rate at which S-BFD Control
are generated from an SBFDInitiator. This is done by the packets are generated from an SBFDInitiator. This is done by the
SBFDReflector using procedures described in Section 7.2.3 and setting SBFDReflector, using the procedures described in Section 7.2.3 and
the Poll (P) bit in the reflected S-BFD control packet. The setting the Poll (P) bit in the reflected S-BFD Control packet. The
SBFDInitiator is to then send the next S-BFD control packet with the SBFDInitiator is to then send the next S-BFD Control packet with the
Final (F) bit set. If an SBFDReflector receives an S-BFD control Final (F) bit set. If an SBFDReflector receives an S-BFD Control
packet with Poll (P) bit set, then the SBFDReflector MUST respond packet with the P bit set, then the SBFDReflector MUST respond with
with an S-BFD control packet with Poll (P) bit cleared and Final (F) an S-BFD Control packet with the P bit cleared and the F bit set.
bit set.
8. Operational Considerations 8. Operational Considerations
S-BFD provides a smooth and continuous (i.e., seamless) operational S-BFD provides a smooth and continuous (i.e., seamless) operational
experience as an Operations, Administration, and Maintenance (OAM) experience as an Operations, Administration, and Maintenance (OAM)
mechanism for connectivity check and connection verification. This mechanism for connectivity checking and connection verification.
is achieved by providing a simplified mechanism with large portions This is achieved by providing a simplified mechanism with a large
of negotiation aspects eliminated, resulting in a faster and simpler proportion of negotiation aspects eliminated, resulting in faster and
provisioning. simpler provisioning.
Because of this simplified mechanism, due to a misconfiguration, an Because of this simplified mechanism, due to a misconfiguration an
SBFDInitiator could send S-BFD control packets to a target that does SBFDInitiator could send S-BFD Control packets to a target that does
not exist or that is outside the S-BFD administrative domain. As not exist or that is outside the S-BFD administrative domain. As
explained in Section 7.3.1, an SBFDInitiator can be a "persistent" explained in Section 7.3.1, an SBFDInitiator can be a persistent
initiator or a "when needed" one. When an S-BFD "persistent" initiator or a "when needed" one. When an S-BFD persistent
SBFDInitiator is used, it SHOULD be controlled that S-BFD control SBFDInitiator is used, a deployment SHOULD ensure that S-BFD Control
packet do not propagate for an extended period of time outside of the packets do not propagate for an extended period of time outside of
administrative domain that uses it. Further, operational measures the administrative domain that uses it. Further, operational
SHOULD be taken to identify if S-BFD packets are not responded to for measures SHOULD be taken to determine if responses to S-BFD packets
an extended period of time, and remediate the situation. These are not sent for an extended period of time and then remediate the
potential concerns are largely mitigated by dynamic advertisement situation. These potential concerns are largely mitigated by dynamic
mechanisms for S-BFD, and with automation checks before applying advertisement mechanisms for S-BFD and with automation checks before
configurations. applying configurations.
8.1. Scaling Aspect 8.1. Scaling Aspect
This mechanism brings forth one noticeable difference in terms of This mechanism brings forth one noticeable difference in terms of the
scaling aspect: number of SBFDReflector. This specification scaling aspect: the number of SBFDReflectors. This specification
eliminates the need for egress nodes to have fully active BFD eliminates the need for egress nodes to have fully active BFD
sessions when only one side desires to perform continuity tests. sessions when only one side desires to perform continuity tests.
With introduction of reflector BFD concept, egress no longer is With the introduction of the Reflector BFD concept, egress is no
required to create any active BFD session per path/LSP/function longer required to create any active BFD sessions on a per-path/LSP/
basis. Due to this, total number of BFD sessions in a network is function basis. Because of this, the total number of BFD sessions in
reduced. a network is reduced.
8.2. Congestion Considerations 8.2. Congestion Considerations
S-BFD performs failure detection by consuming resources, including When S-BFD performs failure detection, it consumes resources,
bandwidth and CPU processing. It is therefore imperative that including bandwidth and CPU processing. To avoid congestion, it is
operators correctly provision the rates at which S-BFD is transmitted therefore imperative that operators correctly provision the rates at
to avoid congestion. When BFD is used across multiple hops, a which S-BFD packets are transmitted. When BFD is used across
congestion control mechanism MUST be implemented, and when congestion multiple hops, a congestion control mechanism MUST be implemented,
is detected, the BFD implementation MUST reduce the amount of traffic and when congestion is detected, the BFD implementation MUST reduce
it generates. The exact mechanism used to detect congestion is the amount of traffic it generates. The exact mechanism used to
outside the scope of this specification, but may include detection of detect congestion is outside the scope of this specification but may
lost BFD control packets or other means. The SBFDReflector can limit include the detection of lost BFD Control packets or other means.
the rate at which an SBFInitiators will be sending S-BFD control The SBFDReflector can limit the rate at which SBFDInitiators will be
packets utilizing the "Required Min RX Interval", at the expense of sending S-BFD Control packets by utilizing Required Min RX Interval,
increasing the detection time. but at the expense of detection time (i.e., detection time will
increase).
9. Co-existence with Classical BFD Sessions 9. Co-existence with Classical BFD Sessions
Initial packet demultiplexing requirement is described in Demultiplexing requirements for the initial packet are described in
Section 7.1. Because of this, S-BFD mechanism can co-exist with Section 7.1. Because of this, the S-BFD mechanism can co-exist with
classical BFD sessions. classical BFD sessions.
10. S-BFD Echo Function 10. S-BFD Echo Function
The concept of the S-BFD Echo function is similar to the BFD Echo The concept of the S-BFD Echo function is similar to the BFD Echo
function described in [RFC5880]. S-BFD echo packets have the function described in [RFC5880]. S-BFD Echo packets have the
destination of self, thus S-BFD echo packets are self-generated and destination of "self"; thus, S-BFD Echo packets are self-generated
self-terminated after traversing a link/path. S-BFD echo packets are and self-terminated after traversing a link/path. S-BFD Echo packets
expected to u-turn on the target node in the data plane and MUST NOT are expected to U-turn on the target node in the data plane and
be processed by any reflector BFD sessions on the target node. MUST NOT be processed by any Reflector BFD sessions on the
target node.
When using the S-BFD Echo function, it is RECOMMENDED that: When using the S-BFD Echo function, it is RECOMMENDED that:
o Both S-BFD control packets and S-BFD echo packets be sent. o Both S-BFD Control packets and S-BFD Echo packets be sent.
o Both S-BFD control packets and S-BFD echo packets have the same o Both S-BFD Control packets and S-BFD Echo packets have the same
semantics in the forward direction to reach the target node. semantics in the forward direction to reach the target node.
In other words, it is not preferable to send just S-BFD echo packets In other words, it is not preferable to send just S-BFD Echo packets
without also sending S-BFD control packets. There are two reasons without also sending S-BFD Control packets. There are two reasons
behind this suggestion: behind this suggestion:
o S-BFD control packets can verify the reachability to intended o S-BFD Control packets can verify the reachability of the intended
target node, which allows one to have confidence that S-BFD echo target node; this allows one to have confidence that S-BFD Echo
packets are u-turning on the expected target node. packets are U-turning on the expected target node.
o S-BFD control packets can detect when the target node is going out o S-BFD Control packets can detect when the target node is going out
of service (i.e., via receiving back ADMINDOWN state). of service (i.e., by receiving AdminDown state).
S-BFD Echo packets can be spoofed, and can u-turn in a transit node S-BFD Echo packets can be spoofed and can U-turn in a transit node
before reaching the expected target node. When the S-BFD Echo before reaching the expected target node. When the S-BFD Echo
function is used, it is RECOMMENDED in this specification that both function is used, it is RECOMMENDED in this specification that both
S-BFD control packets and S-BFD echo packets be sent. While the S-BFD Control packets and S-BFD Echo packets be sent. While the
additional use of S-BFD control packets alleviates these two additional use of S-BFD Control packets alleviates these two
concerns, some form of authentication MAY still be included. concerns, some form of authentication MAY still be included.
The usage of the "Required Min Echo RX Interval" field is described The usage of the Required Min Echo RX Interval field is described in
in Section 7.3.2 and Section 7.2.2. Because of the stateless nature Sections 7.2.2 and 7.3.2. Because of the stateless nature of
of SBFDReflector sessions, a value specified the "Required Min Echo SBFDReflector sessions, a value specified in the Required Min Echo RX
RX Interval" field is not very meaningful at SBFDReflector. Thus it Interval field is not very meaningful to the SBFDReflector. Thus, it
is RECOMMENDED that the "Required Min Echo RX Interval" field simply is RECOMMENDED that the Required Min Echo RX Interval field simply be
be set to zero from SBFDInitiator. SBFDReflector MAY set to set to zero by the SBFDInitiator. The SBFDReflector MAY set the
appropriate value to control the rate at which it wants to receives Required Min Echo RX Interval field to an appropriate value to
SBFD echo packets. control the rate at which it wants to receive S-BFD Echo packets.
The following aspects of S-BFD Echo functions are left as The following aspects of S-BFD Echo functions are left as
implementation details, and are outside the scope of this document: implementation details and are outside the scope of this document:
o Format of the S-BFD echo packet (e.g., data beyond UDP header). o Format of the S-BFD Echo packet (e.g., data beyond UDP header).
o Procedures on when and how to use the S-BFD Echo function. o Procedures on when and how to use the S-BFD Echo function.
11. Security Considerations 11. Security Considerations
Same security considerations as [RFC5880] apply to this document. The same security considerations as those described in [RFC5880]
Additionally, implementing the following measures will strengthen apply to this document. Additionally, implementing the following
security aspects of the mechanism described by this document: measures will strengthen security aspects of the mechanism described
by this document:
o SBFDInitiator MAY pick a sequence number to be set in "sequence o The SBFDInitiator MAY pick a sequence number to be set in
Number" in authentication section based on authentication mode "sequence number" in the Authentication Section, based on the
configured. configured authentication mode.
o SBFDReflector MUST NOT use the crypto sequence number to make a o The SBFDReflector MUST NOT use the crypto sequence number to make
decision about accepting the packet. This is because the a decision about accepting the packet. This is because the
SBFDReflector does not maintain S-BFD peer state, and because the SBFDReflector does not maintain S-BFD peer state and because the
SBFDReflector can receive S-BFD packets from multiple SBFDReflector can receive S-BFD packets from multiple
SBFDInitiators. Consequently, BFD authentication can be used but SBFDInitiators. Consequently, BFD authentication can be used, but
not the sequence number. not the sequence number.
o SBFDReflector MAY use the Auth Key ID in the incoming packet to o The SBFDReflector MAY use the Auth Key ID in the incoming packet
verify the authentication data. to verify the Authentication Data.
o SBFDReflector MUST accept the packet if authentication is o The SBFDReflector MUST accept the packet if authentication is
successful. successful.
o SBFDReflector MUST compute the Authentication data and MUST use o The SBFDReflector MUST compute the Authentication Data and MUST
the same sequence number that it received in the S-BFD control use the same sequence number that it received in the S-BFD Control
packet that it is responding to. packet to which it is responding.
o SBFDInitiator SHOULD accept S-BFD control packet with sequence o The SBFDInitiator SHOULD accept an S-BFD Control packet with a
number within permissible window. One potential approach is the sequence number within the permissible range. One potential
procedure explained in [I-D.ietf-bfd-generic-crypto-auth]. approach is the procedure explained in [BFD-GEN-AUTH].
Using the above method, Using the above method,
o SBFDReflector continue to remain stateless despite using security. o SBFDReflectors continue to remain stateless, despite using
security.
o SBFDReflector are not susceptible to replay attacks as they always o SBFDReflectors are not susceptible to replay attacks, as they
respond to S-BFD control packets irrespective of the sequence always respond to S-BFD Control packets irrespective of the
number carried. sequence number carried.
o An attacker cannot impersonate the responder since the o An attacker cannot impersonate the responder, since the
SBFDInitiator will only accept S-BFD control packets that come SBFDInitiator will only accept S-BFD Control packets that come
with the sequence number that it had originally used when sending with the sequence number that it had originally used when sending
the S-BFD control packet. the S-BFD Control packet.
Additionally, the use of strong forms of authentication is strongly Additionally, the use of strong forms of authentication is strongly
encouraged for S-BFD. The use of Simple Password authentication encouraged for S-BFD. The use of Simple Password authentication
potentially puts other services at risk, if S-BFD packets can be [RFC5880] potentially puts other services at risk if S-BFD packets
intercepted and if those password values are reused for other can be intercepted and those password values are reused for other
services. services.
Considerations about loop problems are covered in Appendix A. Considerations related to loop problems are covered in Appendix A.
12. IANA Considerations
No action is required by IANA for this document.
13. Acknowledgements
The authors would like to thank Jeffrey Haas, Greg Mirsky, Marc
Binderberger, and Alvaro Retana for performing thorough reviews and
providing number of suggestions. The authors would also like to
thank Girija Raghavendra Rao, Les Ginsberg, Srihari Raghavan, Vanitha
Neelamegam, and Vengada Prasad Govindan from Cisco Systems for
providing valuable comments. Finally, the authors would also like to
thank John E. Drake and Pablo Frank for providing comments and
suggestions.
14. Contributors
The following are key contributors to this document:
Tarek Saad, Cisco Systems, Inc.
Siva Sivabalan, Cisco Systems, Inc.
Nagendra Kumar, Cisco Systems, Inc.
Mallik Mudigonda, Cisco Systems, Inc.
Sam Aldrin, Google
15. References 12. References
15.1. Normative References 12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<http://www.rfc-editor.org/info/rfc5880>. <http://www.rfc-editor.org/info/rfc5880>.
15.2. Informative References 12.2. Informative References
[I-D.ietf-bfd-generic-crypto-auth] [BFD-GEN-AUTH]
Bhatia, M., Manral, V., Zhang, D., and M. Jethanandani, Bhatia, M., Manral, V., Zhang, D., and M. Jethanandani,
"BFD Generic Cryptographic Authentication", draft-ietf- "BFD Generic Cryptographic Authentication", Work in
bfd-generic-crypto-auth-06 (work in progress), April 2014. Progress, draft-ietf-bfd-generic-crypto-auth-06,
April 2014.
[I-D.ietf-bfd-seamless-ip]
Akiya, N., Pignataro, C., and D. Ward, "Seamless
Bidirectional Forwarding Detection (S-BFD) for IPv4, IPv6
and MPLS", draft-ietf-bfd-seamless-ip-04 (work in
progress), April 2016.
[I-D.ietf-bfd-seamless-use-case]
Aldrin, S., Pignataro, C., Mirsky, G., and N. Kumar,
"Seamless Bidirectional Forwarding Detection (S-BFD) Use
Cases", draft-ietf-bfd-seamless-use-case-06 (work in
progress), April 2016.
[I-D.ietf-pals-seamless-vccv]
Govindan, V. and C. Pignataro, "Seamless BFD for VCCV",
draft-ietf-pals-seamless-vccv-03 (work in progress), April
2016.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, [RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791,
DOI 10.17487/RFC0791, September 1981, DOI 10.17487/RFC791, September 1981,
<http://www.rfc-editor.org/info/rfc791>. <http://www.rfc-editor.org/info/rfc791>.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
December 1998, <http://www.rfc-editor.org/info/rfc2460>. December 1998, <http://www.rfc-editor.org/info/rfc2460>.
[RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol
Label Switching Architecture", RFC 3031, Label Switching Architecture", RFC 3031,
DOI 10.17487/RFC3031, January 2001, DOI 10.17487/RFC3031, January 2001,
<http://www.rfc-editor.org/info/rfc3031>. <http://www.rfc-editor.org/info/rfc3031>.
[RFC7881] Pignataro, C., Ward, D., and N. Akiya, "Seamless
Bidirectional Forwarding Detection (S-BFD) for IPv4, IPv6,
and MPLS", RFC 7881, DOI 10.17487/RFC7881, July 2016,
<http://www.rfc-editor.org/info/rfc7881>.
[RFC7882] Aldrin, S., Pignataro, C., Mirsky, G., and N. Kumar,
"Seamless Bidirectional Forwarding Detection (S-BFD) Use
Cases", RFC 7882, DOI 10.17487/RFC7882, July 2016,
<http://www.rfc-editor.org/info/rfc7882>.
[RFC7885] Govindan, V. and C. Pignataro, "Seamless Bidirectional
Forwarding Detection (S-BFD) for Virtual Circuit
Connectivity Verification (VCCV)", RFC 7885,
DOI 10.17487/RFC7885, July 2016,
<http://www.rfc-editor.org/info/rfc7885>.
Appendix A. Loop Problem and Solution Appendix A. Loop Problem and Solution
Consider a scenario where we have two nodes and both are S-BFD Consider a scenario where we have two nodes and both are S-BFD
capable. capable.
Node A (IP 2001:db8::1) ----------------- Node B (IP 2001:db8::2) Node A (IP 2001:db8::1) ----------------- Node B (IP 2001:db8::2)
| |
| |
Man in the Middle (MiM) Man in the Middle (MITM)
Assume node A reserved a discriminator 0x01010101 for target Assume that Node A reserved a discriminator 0x01010101 for target
identifier 2001:db8::1 and has a reflector session in listening mode. identifier 2001:db8::1 and has a reflector session in listening mode.
Similarly node B reserved a discriminator 0x02020202 for its target Similarly, Node B reserved a discriminator 0x02020202 for its target
identifier 2001:db8::2 and also has a reflector session in listening identifier 2001:db8::2 and also has a reflector session in
mode. listening mode.
Suppose MiM sends a spoofed packet with MyDisc = 0x01010101, YourDisc Suppose that a MITM sends a spoofed packet with My Discriminator =
= 0x02020202, source IP as 2001:db8::1 and dest IP as 2001:db8::2. 0x01010101, Your Discriminator = 0x02020202, source IP as
When this packet reaches Node B, the reflector session on Node B will 2001:db8::1, and destination IP as 2001:db8::2. When this packet
swap the discriminators and IP addresses of the received packet and reaches Node B, the reflector session on Node B will swap the
reflect it back, since YourDisc of the received packet matched with discriminators and IP addresses of the received packet and reflect it
reserved discriminator of Node B. The reflected packet that reached back, since the Your Discriminator value of the received packet
Node A will have MyDdisc=0x02020202 and YourDisc=0x01010101. Since matches the reserved discriminator of Node B. The reflected packet
YourDisc of the received packet matched the reserved discriminator of that reached Node A will have My Discriminator = 0x02020202 and
Node A, Node A will swap the discriminators and reflects the packet Your Discriminator = 0x01010101. Since the Your Discriminator value
back to Node B. Since reflectors must set the TTL of the reflected of the received packet matches the reserved discriminator of Node A,
Node A will swap the discriminators and reflect the packet back to
Node B. Since the reflectors must set the TTL of the reflected
packets to 255, the above scenario will result in an infinite loop packets to 255, the above scenario will result in an infinite loop
with just one malicious packet injected from MiM. because of just one malicious packet injected from the MITM.
The solution to avoid the loop problem uses the "D" bit (Demand mode The solution is to avoid the loop problem by using the D bit (Demand
bit). The Initiator always sets the 'D' bit and the reflector always mode bit). The initiator always sets the D bit, and the reflector
clears it. This way we can identify if a received packet was a always clears it. This way, we can determine if a received packet
reflected packet and avoid reflecting it back. was a reflected packet and avoid reflecting it back.
Acknowledgements
The authors would like to thank Jeffrey Haas, Greg Mirsky, Marc
Binderberger, and Alvaro Retana for performing thorough reviews and
providing a number of suggestions. The authors would also like to
thank Girija Raghavendra Rao, Les Ginsberg, Srihari Raghavan, Vanitha
Neelamegam, and Vengada Prasad Govindan from Cisco Systems for
providing valuable comments. Finally, the authors would also like to
thank John E. Drake and Pablo Frank for providing comments and
suggestions.
Contributors
The following are key contributors to this document:
Tarek Saad, Cisco Systems, Inc.
Siva Sivabalan, Cisco Systems, Inc.
Nagendra Kumar, Cisco Systems, Inc.
Mallik Mudigonda, Cisco Systems, Inc.
Sam Aldrin, Google
Authors' Addresses Authors' Addresses
Carlos Pignataro Carlos Pignataro
Cisco Systems, Inc. Cisco Systems, Inc.
Email: cpignata@cisco.com Email: cpignata@cisco.com
Dave Ward Dave Ward
Cisco Systems, Inc. Cisco Systems, Inc.
 End of changes. 146 change blocks. 
520 lines changed or deleted 522 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/