draft-ietf-bier-ospf-bier-extensions-18.txt   rfc8444.txt 
OSPF P. Psenak, Ed. Internet Engineering Task Force (IETF) P. Psenak, Ed.
Internet-Draft N. Kumar Request for Comments: 8444 N. Kumar
Intended status: Standards Track IJ. Wijnands Category: Standards Track IJ. Wijnands
Expires: December 3, 2018 Cisco ISSN: 2070-1721 Cisco
A. Dolganow A. Dolganow
Nokia Nokia
T. Przygienda T. Przygienda
J. Zhang J. Zhang
Juniper Networks, Inc. Juniper Networks, Inc.
S. Aldrin S. Aldrin
Google, Inc. Google, Inc.
June 1, 2018 November 2018
OSPFv2 Extensions for BIER OSPFv2 Extensions for Bit Index Explicit Replication (BIER)
draft-ietf-bier-ospf-bier-extensions-18.txt
Abstract Abstract
Bit Index Explicit Replication (BIER) is an architecture that Bit Index Explicit Replication (BIER) is an architecture that
provides multicast forwarding through a "BIER domain" without provides optimal multicast forwarding through a "BIER domain" without
requiring intermediate routers to maintain multicast related per-flow requiring intermediate routers to maintain multicast-related, per-
state. Neither does BIER require an explicit tree-building protocol flow state. BIER also does not require an explicit tree-building
for its operation. A multicast data packet enters a BIER domain at a protocol for its operation. A multicast data packet enters a BIER
"Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at domain at a Bit-Forwarding Ingress Router (BFIR) and leaves the BIER
one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router domain at one or more Bit-Forwarding Egress Routers (BFERs). The
adds a BIER header to the packet. Such header contains a bit-string BFIR adds a BIER packet header to the packet. The BIER packet header
in which each bit represents exactly one BFER to forward the packet contains a BitString in which each bit represents exactly one BFER to
to. The set of BFERs to which the multicast packet needs to be forward the packet to. The set of BFERs to which the multicast
forwarded is expressed by the according set of bits set in BIER packet needs to be forwarded is expressed by the set of bits in the
packet header. BIER packet header.
This document describes the OSPF [RFC2328] protocol extension This document describes the OSPF protocol extension (from RFC 2328)
required for BIER with MPLS encapsulation [RFC8296]. Support for that is required for BIER with MPLS encapsulation (which is defined
other encapsulation types is outside thescope of this document. The in RFC 8296). Support for other encapsulation types and the use of
use of multiple encapsulation types is outside the scope of this multiple encapsulation types are outside the scope of this document.
document.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on December 3, 2018. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc8444.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction ....................................................3
2. Flooding of the BIER Information in OSPF . . . . . . . . . . 3 2. Flooding of the BIER Information in OSPF ........................4
2.1. BIER Sub-TLV . . . . . . . . . . . . . . . . . . . . . . 3 2.1. BIER Sub-TLV ...............................................4
2.2. BIER MPLS Encapsulation Sub-TLV . . . . . . . . . . . . . 5 2.2. BIER MPLS Encapsulation Sub-TLV ............................5
2.3. Flooding scope of BIER Information . . . . . . . . . . . 6 2.3. Flooding Scope of BIER Information .........................7
3. Security Considerations . . . . . . . . . . . . . . . . . . . 7 3. Security Considerations .........................................8
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 4. IANA Considerations .............................................9
5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 5. References ......................................................9
6. Normative References . . . . . . . . . . . . . . . . . . . . 8 5.1. Normative References .......................................9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 5.2. Informative References ....................................10
Acknowledgments ...................................................11
Authors' Addresses ................................................11
1. Introduction 1. Introduction
Bit Index Explicit Replication (BIER) is an architecture that Bit Index Explicit Replication (BIER) is an architecture that
provides optimal multicast forwarding through a "BIER domain" without provides optimal multicast forwarding through a "BIER domain" without
requiring intermediate routers to maintain any multicast related per- requiring intermediate routers to maintain any multicast-related,
flow state. Neither does BIER explicitly require a tree-building per-flow state. Neither does BIER explicitly require a tree-building
protocol for its operation. A multicast data packet enters a BIER protocol for its operation. A multicast data packet enters a BIER
domain at a "Bit-Forwarding Ingress Router" (BFIR), and leaves the domain at a Bit-Forwarding Ingress Router (BFIR) and leaves the BIER
BIER domain at one or more "Bit-Forwarding Egress Routers" (BFERs). domain at one or more Bit-Forwarding Egress Routers (BFERs). The
The BFIR router adds a BIER header to the packet. The BIER header BFIR router adds a BIER packet header to the packet. The BIER packet
contains a bit-string in which each bit represents exactly one BFER header contains a BitString in which each bit represents exactly one
to forward the packet to. The set of BFERs to which the multicast BFER to forward the packet to. The set of BFERs to which the
packet needs to be forwarded is expressed by setting the bits that multicast packet needs to be forwarded is expressed by the set of
correspond to those routers in the BIER header. bits in the BIER packet header.
BIER architecture requires routers participating in BIER to exchange The BIER architecture requires routers participating in BIER to
BIER related information within a given domain. BIER architecture exchange BIER-related information within a given domain and permits
permits link-state routing protocols to perform distribution of such link-state routing protocols to perform distribution of such
information. This document describes extensions to OSPF necessary to information. This document describes extensions to OSPF necessary to
advertise BIER specific information in the case where BIER uses MPLS advertise BIER-specific information in the case where BIER uses MPLS
encapsulation as described in [RFC8296]. encapsulation as described in [RFC8296].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in [RFC2119]. "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. Flooding of the BIER Information in OSPF 2. Flooding of the BIER Information in OSPF
All BIER specific information that a Bit-Forwarding Router (BFR) All BIER-specific information that a Bit-Forwarding Router (BFR)
needs to advertise to other BFRs is associated with a BFR-Prefix. A needs to advertise to other BFRs is associated with a BFR-prefix. A
BFR prefix is a unique (within a given BIER domain) routable IP BFR-prefix is a unique (within a given BIER domain) routable IP
address that is assigned to each BFR as described in more detail in address that is assigned to each BFR as described in detail in
section 2 of [RFC8279]. Section 2 of [RFC8279].
Given that BIER information must be associated with a BFR prefix, the Given that BIER information must be associated with a BFR-prefix, the
OSPF Extended Prefix Opaque LSA [RFC7684] has been chosen for OSPFv2 Extended Prefix Opaque LSA [RFC7684] has been chosen for
advertisement. advertisement.
2.1. BIER Sub-TLV 2.1. BIER Sub-TLV
A Sub-TLV of the Extended Prefix TLV (defined in [RFC7684]) is A sub-TLV of the OSPFv2 Extended Prefix TLV (defined in [RFC7684]) is
defined for distributing BIER information. The Sub-TLV is called the defined for distributing BIER information. The sub-TLV is called the
BIER Sub-TLV. Multiple BIER Sub-TLVs may be included in the Extended BIER Sub-TLV. Multiple BIER Sub-TLVs may be included in the OSPFv2
Prefix TLV. Extended Prefix TLV.
The BIER Sub-TLV has the following format: The BIER Sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | | Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-domain-ID | MT-ID | BFR-id | | sub-domain-id | MT-ID | BFR-id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BAR | IPA | Reserved | | BAR | IPA | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-TLVs (variable) | | Sub-TLVs (variable) |
+- -+ +- -+
| | | |
Type: 9
Length: Variable, dependent on sub-TLVs. Type: 9
Sub-domain-ID: Unique value identifying the BIER sub-domain within Length: Variable, dependent on sub-TLVs.
the BIER domain, as described in section 1 of [RFC8279].
MT-ID: Multi-Topology ID (as defined in [RFC4915]) that identifies sub-domain-id: Unique value identifying the BIER sub-domain within
the BIER domain, as described in Section 1 of [RFC8279].
MT-ID: Multi-Topology ID (as defined in [RFC4915]) that identifies
the topology that is associated with the BIER sub-domain. the topology that is associated with the BIER sub-domain.
BFR-id: A 2 octet field encoding the BFR-id, as documented in BFR-id: A 2-octet field encoding the BFR-id, as documented in
section 2 of [RFC8279]. If the BFR is not locally configured with Section 2 of [RFC8279]. If the BFR is not locally configured with
a valid BFR-id, the value of this field is set to 0, which is a valid BFR-id, the value of this field is set to 0, which is
defined as illegal in [RFC8279]. defined as illegal in [RFC8279].
BAR: Single octet BIER specific algorithm used to calculate BAR: Single-octet BIER Algorithm used to calculate underlay paths to
underlay paths to reach other BFRs. Values are allocated from the reach other BFRs. Values are allocated from the "BIER Algorithm"
"BIER Algorithm Registry" which is defined in registry defined in [RFC8401].
[I-D.ietf-bier-isis-extensions].
IPA: Single octet IGP algorithm to either modify, enhance or IPA: Single-octet IGP Algorithm used to either modify, enhance, or
replace the calculation of underlay paths to reach other BFRs as replace the calculation of underlay paths to reach other BFRs as
defined by the BAR value. Values are defined in the "IGP defined by the BAR value. Values are defined in the "IGP
Algorithm Types" registry. Algorithm Types" registry [IANA-IGP].
Each BFR sub-domain MUST be associated with one and only one OSPF Each BFR sub-domain MUST be associated with one and only one OSPF
topology that is identified by the MT-ID. If the association between topology that is identified by the MT-ID. If the association between
BIER sub-domain and OSPF topology advertised in the BIER sub-TLV by the BIER sub-domain and OSPF topology advertised in the BIER Sub-TLV
other BFRs is in conflict with the association locally configured on by other BFRs is in conflict with the association locally configured
the receiving router, the BIER Sub-TLV MUST be ignored. on the receiving router, the BIER Sub-TLV for such conflicting sub-
domains MUST be ignored.
If the MT-ID value is outside of the values specified in [RFC4915], If the MT-ID contains an invalid value as specified in [RFC4915], the
the BIER Sub-TLV MUST be ignored. BIER Sub-TLV for such subdomains with conflict MUST be ignored.
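Review bot: In the revised MT-ID sentence (right column), "the BIER Sub-TLV for such subdomains with conflict MUST be ignored" refers to a conflict that this sentence never describes. The condition here is an invalid MT-ID value, and the wording looks carried over from the preceding paragraph on conflicting sub-domain/topology associations. Suggest "the BIER Sub-TLV containing the invalid MT-ID MUST be ignored", in line with the "containing the error" phrasing the revision uses for BAR/IPA mismatches, with "sub-domain" hyphenated as elsewhere. The earlier wording ("outside of the values specified in [RFC4915]") also said more exactly what makes the value invalid.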
If a BFR advertises the same Sub-domain-ID in multiple BIER sub-TLVs, If a BFR advertises the same sub-domain-id in multiple BIER Sub-TLVs,
the BFR MUST be treated as if it did not advertise a BIER sub-TLV for the BFR MUST be treated as if it did not advertise a BIER Sub-TLV for
such sub-domain. such sub-domain.
All BFRs MUST detect advertisement of duplicate valid BFR-IDs for a All BFRs MUST detect advertisement of duplicate valid BFR-ids for a
given MT-ID and Sub-domain-ID. When such duplication is detected by given MT-ID and sub-domain-id. When such duplication is detected by
the BFR, it MUST behave as described in section 5 of [RFC8279]. the BFR, it MUST behave as described in Section 5 of [RFC8279].
The supported BAR and IPA algorithms MUST be consistent for all The supported BAR and IPA algorithms MUST be consistent for all
routers supporting a given BFR sub-domain. A router receiving BIER routers supporting a given BFR sub-domain. If a router receives a
Sub-TLV advertisement with a value in BAR or IPA fields which does BIER Sub-TLV advertisement with a value in the BAR or IPA fields that
not match the locally configured value for a given BFR sub-domain, does not match the locally configured value for a given BFR sub-
MUST report a misconfiguration for such BIER sub-domain and MUST domain, the router MUST report a misconfiguration for such BIER sub-
ignore such BIER sub-TLV. domain and MUST ignore the BIER Sub-TLV containing the error.
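Review bot: The revised BAR/IPA paragraph still uses "BFR sub-domain" twice and "BIER sub-domain" once for the same object, which the sub-domain-id field description calls the BIER sub-domain. Suggest "BIER sub-domain" throughout; the same applies to "Each BFR sub-domain MUST be associated with one and only one OSPF topology" above. The sentence also requires the router to "report a misconfiguration" without saying by what means; if the counting and rate-limited logging described in Section 3 for malformed sub-TLVs is what is intended here as well, say so.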
The use of non-zero values in either the BAR field or the IPA field The use of non-zero values in either the BAR field or the IPA field
is outside the scope of this document. is outside the scope of this document.
2.2. BIER MPLS Encapsulation Sub-TLV 2.2. BIER MPLS Encapsulation Sub-TLV
The BIER MPLS Encapsulation Sub-TLV is a Sub-TLV of the BIER Sub-TLV. The BIER MPLS Encapsulation Sub-TLV is a sub-TLV of the BIER Sub-TLV.
The BIER MPLS Encapsulation Sub-TLV is used in order to advertise The BIER MPLS Encapsulation Sub-TLV is used in order to advertise
MPLS specific information used for BIER. It MAY appear multiple MPLS-specific information used for BIER. It MAY appear multiple
times in the BIER Sub-TLV. times in the BIER Sub-TLV.
The BIER MPLS Encapsulation Sub-TLV has the following format: The BIER MPLS Encapsulation Sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | | Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Max SI | Label | | Max SI | Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|BS Len | Reserved | |BS Len | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 10 Type: 10
Length: 8 octets Length: 8 octets
Max SI : A 1 octet field encoding the maximum Set Identifier Max SI: A 1-octet field encoding the maximum Set Identifier (SI)
(section 1 of [RFC8279]), used in the encapsulation for this BIER (see Section 1 of [RFC8279]) used in the encapsulation for this
sub-domain for this bitstring length. BIER sub-domain for this BitString length.
Label: A 3 octet field, where the 20 rightmost bits represent the Label: A 3-octet field, where the 20 rightmost bits represent the
first label in the label range. The 4 leftmost bits MUST be first label in the label range. The 4 leftmost bits MUST be
ignored. ignored.
Bit String Length: A 4 bits field encoding the supported BitString BS Len (BitString Length): A 4-bit field encoding the supported
length associated with this BFR-prefix. The values allowed in BitString length associated with this BFR-prefix. The values
this field are specified in section 2 of [RFC8296]. allowed in this field are specified in Section 2 of [RFC8296].
Reserved: SHOULD be set to 0 on transmission and MUST be ignored Reserved: SHOULD be set to 0 on transmission and MUST be ignored on
on reception. reception.
The "label range" is the set of labels beginning with the Label The "label range" is the set of labels beginning with the Label and
and ending with (Label + (Max SI)). A unique label range is ending with (Label + (Max SI)). A unique label range is allocated
allocated for each BitString length and Sub-domain-ID. These for each BitString length and sub-domain-id. These labels are used
labels are used for BIER forwarding as described in [RFC8279] and for BIER forwarding as described in [RFC8279] and [RFC8296].
[RFC8296].
The size of the label range is determined by the number of Set The size of the label range is determined by the number of SIs
Identifiers (SI) (section 1 of [RFC8279]) that are used in the (Section 1 of [RFC8279]) that are used in the network. Each SI maps
network. Each SI maps to a single label in the label range. The to a single label in the label range: the first label is for SI=0,
first label is for SI=0, the second label is for SI=1, etc. the second label is for SI=1, etc.
If the label associated with the Maximum Set Identifier exceeds the If the label associated with the Maximum Set Identifier exceeds the
20 bit range, the BIER MPLS Encapsulation Sub-TLV MUST be ignored. 20-bit range, the BIER MPLS Encapsulation Sub-TLV containing the
error MUST be ignored.
If the BS length is set to a value that does not match any of the If the BitString length is set to a value that does not match any of
allowed values specified in [RFC8296], the BIER MPLS Encapsulation the allowed values specified in [RFC8296], the BIER MPLS
Sub-TLV MUST be ignored. Encapsulation Sub-TLV containing the error MUST be ignored.
If same BS length is repeated in multiple BIER MPLS Encapsulation If the same BitString length is repeated in multiple BIER MPLS
Sub-TLV inside the same BIER Sub-TLV, the BIER sub-TLV MUST be Encapsulation Sub-TLVs inside the same BIER Sub-TLV, the whole BIER
ignored. Sub-TLV containing the conflicts MUST be ignored.
Label ranges within all BIER MPLS Encapsulation Sub-TLVs advertised Label ranges within all BIER MPLS Encapsulation Sub-TLVs advertised
by the same BFR MUST NOT overlap. If the overlap is detected, the by the same BFR MUST NOT overlap. If an overlap is detected, all
advertising router MUST be treated as if it did not advertise any BIER sub-TLVs advertised by such a router MUST be ignored.
BIER sub-TLVs.
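Review bot: The overlap rule in the right column keys on "the same BFR" and then on "such a router", but does not say how a receiver identifies that BFR. Section 2.3 has ABRs originating Extended Prefix Opaque LSAs that carry BIER Sub-TLVs copied from other routers, so the LSA's advertising router and the BFR that owns the label ranges can differ outside the source area. Suggest stating whether the overlap check is made per BFR-prefix or per advertising router. As a style point, "all BIER sub-TLVs" should read "all BIER Sub-TLVs" to match the capitalisation the revision applies everywhere else.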
2.3. Flooding scope of BIER Information 2.3. Flooding Scope of BIER Information
The flooding scope of the OSPF Extended Prefix Opaque LSA [RFC7684] The flooding scope of the OSPFv2 Extended Prefix Opaque LSA [RFC7684]
that is used for advertising the BIER Sub-TLV is set to area-local. that is used for advertising the BIER Sub-TLV is set to area-local.
To allow BIER deployment in a multi-area environment, OSPF must To allow BIER deployment in a multi-area environment, OSPF must
propagate BIER information between areas. propagate BIER information between areas.
( ) ( ) ( ) ( ) ( ) ( )
( ) ( ) ( ) ( ) ( ) ( )
R1 Area 1 R2 Area 0 R3 Area 2 R4 R1 Area 1 R2 Area 0 R3 Area 2 R4
( ) ( ) ( ) ( ) ( ) ( )
( ) ( ) ( ) ( ) ( ) ( )
Figure 1: BIER propagation between areas Figure 1: BIER Propagation between Areas
The following procedure is used in order to propagate BIER related The following procedure is used in order to propagate BIER-related
information between areas: information between areas:
When an OSPF Area Border Router (ABR) advertises a Type-3 Summary When an OSPF Area Border Router (ABR) advertises a Type-3 Summary
LSA from an intra-area or inter-area prefix to all its attached LSA from an intra-area or inter-area prefix to all its attached
areas, it will also originate an Extended Prefix Opaque LSA, as areas, it will also originate an OSPFv2 Extended Prefix Opaque
described in [RFC7684]. The flooding scope of the Extended Prefix LSA, as described in [RFC7684]. The flooding scope of the OSPFv2
Opaque LSA type will be set to area-local. The route-type in the Extended Prefix Opaque LSA type will be set to area-local. The
OSPF Extended Prefix TLV is set to inter-area. When determining route-type in the OSPFv2 Extended Prefix TLV is set to inter-area.
whether a BIER Sub-TLV should be included in this LSA, an OSPF ABR When determining whether a BIER Sub-TLV should be included in this
will: LSA, an OSPF ABR will:
- Examine its best path to the prefix in the source area and * Examine its best path to the prefix in the source area and find
find the advertising router associated with the best path to the advertising router associated with the best path to that
that prefix. prefix.
- Determine if such advertising router advertised a BIER Sub- * Determine if the advertising router advertised a BIER Sub-TLV
TLV for the prefix. If yes, the ABR will copy the information for the prefix. If yes, the ABR will copy the information from
from such BIER Sub-TLV when advertising BIER Sub-TLV to each that BIER Sub-TLV when advertising the BIER Sub-TLV to each
attached area. attached area.
In the Figure 1, R1 advertises a prefix 192.0.2.1/32 in Area 1. In Figure 1, R1 advertises a prefix 192.0.2.1/32 in Area 1. It
It also advertises Extended Prefix Opaque LSA for prefix also advertises an OSPFv2 Extended Prefix Opaque LSA for prefix
192.0.2.1/32 and includes BIER Sub-TLV in it. Area Border Router 192.0.2.1/32 and includes a BIER Sub-TLV in it. ABR R2 calculates
(ABR) R2 calculates the reachability for prefix 192.0.2.1/32 the reachability for prefix 192.0.2.1/32 inside Area 1 and
inside Area 1 and propagates it to Area 0. When doing so, it propagates it to Area 0. When doing so, it copies the entire BIER
copies the entire BIER Sub-TLV (including all its Sub-TLVs) it Sub-TLV (including all of its Sub-TLVs) that it received from R1
received from R1 in Area 1 and includes it in the Extended Prefix in Area 1 and includes it in the OSPFv2 Extended Prefix Opaque LSA
Opaque LSA it generates for 192.0.2.1/32 in Area 0. ABR R3 it generates for 192.0.2.1/32 in Area 0. ABR R3 calculates the
calculates the reachability for prefix 192.0.2.1/32 inside Area 0 reachability for prefix 192.0.2.1/32 inside Area 0 and propagates
and propagates it to Area 2. When doing so, it copies the entire it to Area 2. When doing so, it copies the entire BIER Sub-TLV
BIER Sub-TLV (including all its Sub-TLVs) it received from R2 in (including all of its sub-TLVs) that it received from R2 in Area 0
Area 0 and includes it in the Extended Prefix Opaque LSA it and includes it in the OSPFv2 Extended Prefix Opaque LSA it
generates for 192.0.2.1/32 in Area 2. generates for 192.0.2.1/32 in Area 2.
3. Security Considerations 3. Security Considerations
This document introduces new sub-TLVs for existing OSPF Extended This document introduces new sub-TLVs for the existing OSPFv2
Prefix TLV. It does not introduce any new security risks to OSPF. Extended Prefix TLV. It does not introduce any new security risks to
Existing security extensions as described in [RFC2328] and [RFC7684] OSPF. Existing security extensions as described in [RFC2328] and
apply. [RFC7684] apply.
It is assumed that both BIER and OSPF layer is under a single It is assumed that both the BIER and OSPF layers are under a single
administrative domain. There can be deployments where potential administrative domain. There can be deployments where potential
attackers have access to one or more networks in the OSPF routing attackers have access to one or more networks in the OSPF routing
domain. In these deployments, stronger authentication mechanisms domain. In these deployments, stronger authentication mechanisms
such as those specified in [RFC7474] SHOULD be used. such as those specified in [RFC7474] SHOULD be used.
The Security Considerations section of [RFC8279] discusses the The Security Considerations section of [RFC8279] discusses the
possibility of performing a Denial of Service (DoS) attack by setting possibility of performing a Denial-of-Service (DoS) attack by setting
too many bits in the BitString of a BIER-encapsulated packet. too many bits in the BitString of a BIER-encapsulated packet.
However, this sort of DoS attack cannot be initiated by modifying the However, this sort of DoS attack cannot be initiated by modifying the
OSPF BIER advertisements specified in this document. A BFIR decides OSPF BIER advertisements specified in this document. A BFIR decides
which systems are to receive a BIER-encapsulated packet. In making which systems are to receive a BIER-encapsulated packet. In making
this decision, it is not influenced by the OSPF control messages. this decision, it is not influenced by the OSPF control messages.
When creating the encapsulation, the BFIR sets one bit in the When creating the encapsulation, the BFIR sets one bit in the
encapsulation for each destination system. The information in the encapsulation for each destination system. The information in the
OSPF BIER advertisements is used to construct the forwarding tables OSPF BIER advertisements is used to construct the forwarding tables
that map each bit in the encapsulation into a set of next hops for that map each bit in the encapsulation into a set of next hops for
the host that is identified by that bit, but is not used by the BFIR the host that is identified by that bit, but the information is not
to decide which bits to set. Hence an attack on the OSPF control used by the BFIR to decide which bits to set. Hence, an attack on
plane cannot be used to cause this sort of DoS attack. the OSPF control plane cannot be used to cause this sort of DoS
attack.
While a BIER-encapsulated packet is traversing the network, a BFR While a BIER-encapsulated packet is traversing the network, a BFR
that receives a BIER-encapsulated packet with n bits set in its that receives a BIER-encapsulated packet with n bits set in its
BitString may have to replicate the packet and forward multiple BitString may have to replicate the packet and forward multiple
copies. However, a given bit will only be set in one copy of the copies. However, a given bit will only be set in one copy of the
packet. That means that each transmitted replica of a received packet. This means that each transmitted replica of a received
packet has fewer bits set (i.e., is targeted to fewer destinations) packet has fewer bits set (i.e., is targeted to fewer destinations)
than the received packet. This is an essential property of the BIER than the received packet. This is an essential property of the BIER
forwarding process as defined in [RFC8279]. While a failure of this forwarding process as defined in [RFC8279]. While a failure of this
process might cause a DoS attack (as discussed in the Security process might cause a DoS attack (as discussed in the Security
Considerations of [RFC8279]), such a failure cannot be caused by an Considerations section of [RFC8279]), such a failure cannot be caused
attack on the OSPF control plane. by an attack on the OSPF control plane.
Implementations MUST assure that malformed TLV and Sub-TLV defined in Implementations MUST ensure that malformed BIER and BIER MPLS
this document are detected and do not provide a vulnerability for Encapsulation Sub-TLVs as defined in this document are detected and
attackers to crash the OSPF router or routing process. Reception of that they do not provide a vulnerability for attackers to crash the
malformed TLV or Sub-TLV SHOULD be counted and/or logged for further OSPF router or routing process. Reception of malformed TLVs or sub-
analysis. Logging of malformed TLVs and Sub-TLVs SHOULD be rate- TLVs SHOULD be counted and/or logged for further analysis. Logging
limited to prevent a Denial of Service (DoS) attack (distributed or of malformed TLVs and sub-TLVs SHOULD be rate-limited to prevent a
otherwise) from overloading the OSPF control plane. DoS attack (distributed or otherwise) from overloading the OSPF
control plane.
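Review bot: The first sentence of the revised paragraph narrows the requirement to "malformed BIER and BIER MPLS Encapsulation Sub-TLVs", but the two SHOULD sentences that follow keep the broader "malformed TLVs or sub-TLVs" and "malformed TLVs and sub-TLVs", so the scope of the counting and rate-limited logging no longer matches the scope of the MUST. Suggest using the same subject in all three sentences. The paragraph also never says what counts as malformed; tying it to the checks in Sections 2.1 and 2.2 (for example, a BIER MPLS Encapsulation Sub-TLV whose Length is not 8 octets) would make the requirement testable.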
4. IANA Considerations 4. IANA Considerations
The document requests two new allocations from the OSPF Extended IANA has allocated the following from the "OSPFv2 Extended Prefix TLV
Prefix sub-TLV registry as defined in [RFC7684]. Sub-TLVs" registry defined in [RFC7684].
BIER Sub-TLV: 9 BIER Sub-TLV: 9
BIER MPLS Encapsulation Sub-TLV: 10 BIER MPLS Encapsulation Sub-TLV: 10
5. Acknowledgments 5. References
The authors would like to thank Rajiv Asati, Christian Martin, Greg
Shepherd and Eric Rosen for their contribution.
6. Normative References
[I-D.ietf-bier-isis-extensions] 5.1. Normative References
Ginsberg, L., Przygienda, T., Aldrin, S., and Z. Zhang,
"BIER support via ISIS", draft-ietf-bier-isis-
extensions-11 (work in progress), March 2018.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328,
DOI 10.17487/RFC2328, April 1998, DOI 10.17487/RFC2328, April 1998,
<https://www.rfc-editor.org/info/rfc2328>. <https://www.rfc-editor.org/info/rfc2328>.
[RFC4915] Psenak, P., Mirtorabi, S., Roy, A., Nguyen, L., and P. [RFC4915] Psenak, P., Mirtorabi, S., Roy, A., Nguyen, L., and P.
Pillay-Esnault, "Multi-Topology (MT) Routing in OSPF", Pillay-Esnault, "Multi-Topology (MT) Routing in OSPF",
RFC 4915, DOI 10.17487/RFC4915, June 2007, RFC 4915, DOI 10.17487/RFC4915, June 2007,
<https://www.rfc-editor.org/info/rfc4915>. <https://www.rfc-editor.org/info/rfc4915>.
[RFC7474] Bhatia, M., Hartman, S., Zhang, D., and A. Lindem, Ed.,
"Security Extension for OSPFv2 When Using Manual Key
Management", RFC 7474, DOI 10.17487/RFC7474, April 2015,
<https://www.rfc-editor.org/info/rfc7474>.
[RFC7684] Psenak, P., Gredler, H., Shakir, R., Henderickx, W., [RFC7684] Psenak, P., Gredler, H., Shakir, R., Henderickx, W.,
Tantsura, J., and A. Lindem, "OSPFv2 Prefix/Link Attribute Tantsura, J., and A. Lindem, "OSPFv2 Prefix/Link Attribute
Advertisement", RFC 7684, DOI 10.17487/RFC7684, November Advertisement", RFC 7684, DOI 10.17487/RFC7684, November
2015, <https://www.rfc-editor.org/info/rfc7684>. 2015, <https://www.rfc-editor.org/info/rfc7684>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A.,
Przygienda, T., and S. Aldrin, "Multicast Using Bit Index Przygienda, T., and S. Aldrin, "Multicast Using Bit Index
Explicit Replication (BIER)", RFC 8279, Explicit Replication (BIER)", RFC 8279,
DOI 10.17487/RFC8279, November 2017, DOI 10.17487/RFC8279, November 2017,
<https://www.rfc-editor.org/info/rfc8279>. <https://www.rfc-editor.org/info/rfc8279>.
[RFC8296] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., [RFC8296] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A.,
Tantsura, J., Aldrin, S., and I. Meilik, "Encapsulation Tantsura, J., Aldrin, S., and I. Meilik, "Encapsulation
for Bit Index Explicit Replication (BIER) in MPLS and Non- for Bit Index Explicit Replication (BIER) in MPLS and Non-
MPLS Networks", RFC 8296, DOI 10.17487/RFC8296, January MPLS Networks", RFC 8296, DOI 10.17487/RFC8296, January
2018, <https://www.rfc-editor.org/info/rfc8296>. 2018, <https://www.rfc-editor.org/info/rfc8296>.
[RFC8401] Ginsberg, L., Ed., Przygienda, T., Aldrin, S., and Z.
Zhang, "Bit Index Explicit Replication (BIER) Support via
IS-IS", RFC 8401, DOI 10.17487/RFC8401, June 2018,
<https://www.rfc-editor.org/info/rfc8401>.
5.2. Informative References
[IANA-IGP] IANA, "IGP Algorithm Types",
<https://www.iana.org/assignments/igp-parameters/>.
Acknowledgments
The authors would like to thank Rajiv Asati, Christian Martin, Greg
Shepherd, and Eric Rosen for their contributions.
Authors' Addresses Authors' Addresses
Peter Psenak (editor) Peter Psenak (editor)
Cisco Cisco
Apollo Business Center Apollo Business Center
Mlynske nivy 43 Mlynske nivy 43
Bratislava 821 09 Bratislava 821 09
Slovakia Slovakia
Email: ppsenak@cisco.com Email: ppsenak@cisco.com
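Review bot: In the Security Considerations change at the top of this region, the right-hand text narrows the MUST to "malformed BIER and BIER MPLS Encapsulation Sub-TLVs", but the two sentences that follow still say "malformed TLVs or sub-TLVs", so the counting/logging and rate-limiting SHOULDs read as covering a wider set than the MUST. Suggest using the same term in all three sentences. The paragraph also leaves "malformed" undefined; naming the checks a receiver is expected to make would give implementers something testable (for instance a Length that does not fit the enclosing TLV, which is an illustration and not text from either version). In the references part of this region, [RFC7474], [RFC8174] and [IANA-IGP] appear only on the right-hand side; confirm that each is cited from the body, which is not visible in this region.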
skipping to change at page 10, line 4 skipping to change at page 11, line 20
Authors' Addresses Authors' Addresses
Peter Psenak (editor) Peter Psenak (editor)
Cisco Cisco
Apollo Business Center Apollo Business Center
Mlynske nivy 43 Mlynske nivy 43
Bratislava 821 09 Bratislava 821 09
Slovakia Slovakia
Email: ppsenak@cisco.com Email: ppsenak@cisco.com
Nagendra Kumar Nagendra Kumar
Cisco Cisco
7200 Kit Creek Road 7200 Kit Creek Road
Research Triangle Park, NC 27709 Research Triangle Park, NC 27709
US United States of America
Email: naikumar@cisco.com Email: naikumar@cisco.com
IJsbrand Wijnands IJsbrand Wijnands
Cisco Cisco
De Kleetlaan 6a De Kleetlaan 6a
Diegem 1831 Diegem 1831
Belgium Belgium
Email: ice@cisco.com Email: ice@cisco.com
Andrew Dolganow Andrew Dolganow
Nokia Nokia
750 Chai Chee Rd 750 Chai Chee Rd
06-06 Viva Business Park 06-06 Viva Business Park
Singapore 469004 Singapore 469004
Singapore
Email: andrew.dolganow@nokia.com Email: andrew.dolganow@nokia.com
Tony Przygienda Tony Przygienda
Juniper Networks, Inc. Juniper Networks, Inc.
10 Technology Park Drive 10 Technology Park Drive
Westford, MA 01886 Westford, MA 01886
USA United States of America
Email: prz@juniper.net Email: prz@juniper.net
Jeffrey Zhang Jeffrey Zhang
Juniper Networks, Inc. Juniper Networks, Inc.
10 Technology Park Drive 10 Technology Park Drive
Westford, MA 01886 Westford, MA 01886
USA United States of America
Email: zzhang@juniper.net Email: zzhang@juniper.net
Sam Aldrin Sam Aldrin
Google, Inc. Google, Inc.
1600 Amphitheatre Parkway 1600 Amphitheatre Parkway
Mountain View, CA Mountain View, CA
USA United States of America
Email: aldrin.ietf@gmail.com Email: aldrin.ietf@gmail.com
 End of changes. 74 change blocks. 
196 lines changed or deleted 215 lines changed or added
