--- 1/draft-ietf-lsr-ospf-bfd-strict-mode-02.txt 2021-03-24 01:13:12.476365310 -0700 +++ 2/draft-ietf-lsr-ospf-bfd-strict-mode-03.txt 2021-03-24 01:13:12.500365907 -0700 @@ -1,54 +1,53 @@ Link State Routing K. Talaulikar Internet-Draft P. Psenak Intended status: Standards Track Cisco Systems, Inc. -Expires: July 3, 2021 A. Fu +Expires: September 25, 2021 A. Fu Bloomberg M. Rajesh Juniper Networks - December 30, 2020 + March 24, 2021 OSPF Strict-Mode for BFD - draft-ietf-lsr-ospf-bfd-strict-mode-02 + draft-ietf-lsr-ospf-bfd-strict-mode-03 Abstract This document specifies the extensions to OSPF that enable an OSPF router to signal the requirement for a Bidirectional Forwarding Detection (BFD) session prior to adjacency formation. Link-Local - Signaling (LLS) is used to advertise this requirement of "strict- - mode" of BFD session establishment for OSPF adjacency. If both OSPF - neighbors advertise the "strict-mode" of BFD, adjacency formation - will be blocked until a BFD session has been successfully - established. + Signaling (LLS) is used to advertise the requirement of strict-mode + for BFD session establishment for OSPF adjacency. If both OSPF + neighbors advertise the strict-mode for BFD, adjacency formation will + be blocked until a BFD session has been successfully established. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on July 3, 2021. + This Internet-Draft will expire on September 25, 2021. Copyright Notice - Copyright (c) 2020 IETF Trust and the persons identified as the + Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as @@ -69,260 +68,260 @@ 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 10.1. Normative References . . . . . . . . . . . . . . . . . . 8 10.2. Informative References . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 1. Introduction Bidirectional Forwarding Detection (BFD) [RFC5880] enables routers to - monitor dataplane connectivity and to detect faults in the + monitor data-plane connectivity and to detect faults in the bidirectional path between them. BFD is leveraged by routing protocols like OSPFv2[RFC2328] and OSPFv3 [RFC5340] to detect connectivity failures for established adjacencies and trigger the - rerouting of traffic around the failure more quickly than with OSPF - hello packet monitoring. + rerouting of traffic around the failure faster than with OSPF hello + packet monitoring. The use of BFD for monitoring routing protocols adjacencies is described in [RFC5882]. When BFD monitoring is enabled for OSPF adjacencies, the BFD session is bootstrapped based on the neighbor - address information discovered by the exchange of OSPF hello packets. + address information discovered by the exchange of OSPF Hello packets. Faults in the bidirectional forwarding detected via BFD then result in the OSPF adjacency being brought down. Note that it is possible in some failure scenarios for the network to be in a state such that an OSPF adjacency can be established but a BFD session cannot be established and maintained. In certain other scenarios, a degraded - or poor quality link may result in OSPF adjacency formation to - succeed only to result in BFD session establishment not being - successful or flapping of the BFD session. In this case, traffic - that gets forwarded over such a link may experience packet drops - while the failure of BFD session establishment would not enable fast - routing convergence if the link were to go down or flap. + or poor quality link will allow OSPF adjacency formation to succeed + but the BFD session establishment will fail or the BFD session will + flap. In this case, traffic that gets forwarded over such a link may + experience packet drops while the failure of the BFD session + establishment would not enable fast routing convergence if the link + were to go down or flap. To avoid the routing churn associated with these scenarios, it would be beneficial to not allow OSPF to establish an adjacency until a BFD session is successfully established and has stabilized. However, this would preclude the OSPF operation in an environment in which not all OSPF routers support BFD and are enabled for BFD on the link. A solution is to block OSPF adjacency establishment until a BFD session is established as long as both neighbors advertise such a requirement. Such a mode of OSPF BFD usage is referred to as "strict-mode". This document specifies the OSPF protocol extensions using link-local signaling (LLS) [RFC5613] for a router to indicate to its neighbor - the willingness to establish a BFD session in the "strict-mode". It - also introduces an extension for OSPFv3 link-local signaling of - interface IPv4 address when used for IPv4 address-family (AF) - instance to enable discovery of the IPv4 addresses for BFD session - setup. + the willingness to establish its adjacency using the strict-mode for + BFD. It also introduces an extension for OSPFv3 link-local signaling + of the interface IPv4 address when used for an IPv4 address-family + (AF) instance to enable discovery of the IPv4 addresses for BFD + session setup. A similar functionality for IS-IS is specified [RFC6213]. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. LLS B-bit Flag This document defines the B-bit in the LLS Type 1 Extended Options and Flags field. This bit is defined for the LLS block included in - Hello packets and indicates that BFD is enabled on the link and that - the router requests BFD strict-mode. Section 7 describes the - position of the B-bit. + Hello and Database Description (DD) packets and indicates that BFD is + enabled on the link and that the router requests strict-mode for BFD. + Section 7 describes the position of the B-bit. A router MUST include the LLS block with the LLS Type 1 Extended - Options and Flags TLV with the B-bit set its Hello messages when BFD - is enabled on the link. + Options and Flags TLV with the B-bit set in its Hello and DD packets + when strict-mode for BFD is enabled on the link. 3. Local Interface IPv4 Address TLV - The Local Interface IPv4 Address TLV is an LLS TLV meant for OSPFv3 - protocol operations for IPv4 AF instances [RFC5838]. It has - following format: + The Local Interface IPv4 Address TLV is an LLS TLV defined for OSPFv3 + IPv4 AF instance [RFC5838] protocol operation. It has the following + format: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Local Interface IPv4 Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ where: Type: 21 Length: 4 octet Local Interface IPv4 Address: The primary IPv4 address of the local interface. 4. Procedures - A router supporting BFD strict-mode advertises this capability - through its hello messages as described in Section 2. When a router - supporting BFD strict-mode discovers a new neighbor router that also - supports BFD strict-mode, then it will establish a BFD session first - with that neighbor before bringing up the OSPF adjacency as described - further in this section. + A router supporting strict-mode for BFD advertises this capability + through its Hello packets as described in Section 2. When a router + supporting strict-mode for BFD discovers a new neighbor router that + also supports strict-mode for BFD, then it will establish a BFD + session first with that neighbor before bringing up the OSPF + adjacency as described further in this section. This document updates the OSPF neighbor state machine as described in [RFC2328]. Specifically, the operations related to the Init state as - below when BFD strict-mode is used: + below when strict-mode for BFD is used: - Init (without BFD strict-mode) + Init (without strict-mode for BFD) In this state, a Hello packet has recently been received from the neighbor. However, bidirectional communication has not yet been established with the neighbor (i.e., the router itself did not appear in the neighbor's Hello packet). All neighbors in this state (or higher) are listed in the Hello packets sent from the associated interface. - Init (with BFD strict-mode) - In this state, an Hello packet has recently been received from the + Init (with strict-mode for BFD) + In this state, a Hello packet has recently been received from the neighbor. However, bidirectional communication has not yet been established with the neighbor (i.e., the router itself did not - appear in the neighbor's Hello packet). A BFD session - establishment to the neighbor is requested, if not already done - (e.g. in the event of transition from 2-way state). Neighbors in - Init state or higher will be listed in the Hello packets - associated with the interface if they either have a corresponding - BFD session established or have not advertised "strict-mode" BFD - in the Hello packet LLS Extended Options and Flags. + appear in the neighbor's Hello packet). BFD session establishment + with the neighbor is requested, if not already completed (e.g., in + the event of transition from 2-way state). Neighbors in Init + state or higher will be listed in the Hello packets associated + with the interface if they either have a corresponding BFD session + established or have not advertised strict-mode for BFD in the + Hello packet LLS Extended Options and Flags. Whenever the neighbor state transitions to Down state, the removal of the BFD session associated with that neighbor SHOULD be requested by OSPF and subsequent BFD session establishment SHOULD similarly be requested by OSPF upon transitioning into Init state. This may result in the deletion and creation of the BFD session respectively - when OSPF is the only client interested in the BFD session to the + when OSPF is the only client interested in the BFD session with the neighbor address. An implementation MUST NOT wait for BFD session establishment in Init - state unless BFD strict-mode is enabled on the router and the - specific neighbor indicates BFD strict-mode capability via its Hello - LLS options. When BFD is enabled, but the strict-mode of operation - has not be signaled by both neighbors, then an implementation SHOULD - start the BFD session establishment only in 2-Way state or higher - state. This makes it possible for an OSPF router to operate a mix of - BFD operation in strict-mode or normal mode across different - interfaces or even different neighbors on the same multi-access LAN - interface. + state unless strict-mode for BFD is enabled on the router and the + specific neighbor indicates strict-mode for BFD capability via its + Hello LLS options. When BFD is enabled, but the strict-mode for + operation has not be signaled by both neighbors, then an + implementation SHOULD start the BFD session establishment only in + 2-Way state or higher state. This makes it possible for an OSPF + router to support BFD operation in both strict-mode and normal mode + across different interfaces or even different neighbors on the same + multi-access interface. Once the OSPF state machine has moved beyond the Init state, any - change in the B-bit advertised in subsequent Hello messages MUST NOT + change in the B-bit advertised in subsequent Hello packets MUST NOT result in any trigger in either the OSPF adjacency or the BFD session - management (i.e., the B-bit is considered only when in the Init - state). Disabling BFD (or BFD strict-mode) on an OSPF router would - result in it not setting the B-bit in its subsequent Hello LLS - options. Disabling BFD strict-mode has no effect on the BFD - operations and would not result in bringing down of any established - BFD session. Disabling BFD would result in the BFD session brought - down due to Admin reason and hence would not bring down the OSPF + management (i.e., the B-bit is considered only when in Init state). + Disabling BFD (or strict-mode for BFD) on an OSPF router would result + in it not setting the B-bit in its subsequent Hello LLS options. + Disabling strict-mode for BFD has no effect on the BFD operations and + would not result in bringing down of any established BFD session. + Disabling BFD would result in the BFD session being brought down due + to Admin reason [RFC5882] and hence would not bring down the OSPF adjacency. When BFD is enabled on an interface over which we already have an existing OSPF adjacency, it would result in the router setting the - B-bit in its subsequent Hello messages. If the adjacency is already + B-bit in its subsequent Hello packets. If the adjacency is already up (i.e., in its terminal state of Full or 2-way with non-DR routers - on a LAN) with a neighbor that also supports BFD strict-mode, then an - implemantion SHOULD NOT bring this adjacency down but instead use the - BFD strict-mode of operation after the next transition into Init - state. However, if the adjacency is not up, then an implementation - MAY bring such an adjacency down so it can use the BFD strict-mode - for its bring up. + on a multi-access interface) with a neighbor that also supports + strict-mode for BFD, then an implementation SHOULD NOT bring this + adjacency down but instead use the strict-mode for BFD operation + after the next transition into Init state. However, if the adjacency + is not up, then an implementation MAY bring such an adjacency down so + it can use the strict-mode for BFD for its adjacency establishment. 4.1. OSPFv3 IPv4 Address-Family Specifics Multiple AF support in OSPFv3 [RFC5838] requires the use of an IPv6 - link-local address as the source address for hello packets even when + link-local address as the source address for Hello packets even when forming adjacencies for IPv4 AF instances. In most deployments of OSPFv3 IPv4 AF, it is required that BFD is used to monitor and verify the IPv4 data plane connectivity between the routers on the link and, hence, the BFD session is setup using IPv4 neighbor addresses. The - IPv4 neighbor address on the interface is learnt only later in the + IPv4 neighbor address on the interface is learned only later in the adjacency formation process when the neighbor's Link-LSA is received. This results in the setup of the BFD session either after the adjacency is established or later in the adjacency formation sequence. - To enable BFD operation in strict-mode, it is necessary for an OSPF - router to learned it's neighbor's IPv4 link address during the Init + To enable operation in strict-mode for BFD, it is necessary for an + OSPF router to learn its neighbor's IPv4 link address during the Init state of adjacency formation (ideally when it receives the first hello). The use of the Local Interface IPv4 Address TLV (as defined - in Section 3) in the LLS block of the OSPFv3 Hello messages for IPv4 + in Section 3) in the LLS block of the OSPFv3 Hello packets for IPv4 AF instances makes this possible. Implementations that support - strict-mode of BFD operation for OSPFv3 IPv4 AF instances MUST + strict-mode for BFD operation for OSPFv3 IPv4 AF instances MUST include the Local Interface IPv4 Address TLV in the LLS block of - their hello messages whenever the B-bit is also set in the LLS - Options and Flags field. A receiver MUST ignore the B-bit (i.e., not - operate in BFD strict mode) when the Local Interface IPv4 Address TLV - is not present in OSPFv3 Hello message for IPv4 AF OSPFv3 instances. + their Hello packets whenever the B-bit is also set in the LLS Options + and Flags field. A receiver MUST ignore the B-bit (i.e., not operate + in BFD strict mode) when the Local Interface IPv4 Address TLV is not + present in OSPFv3 Hello message for IPv4 AF OSPFv3 instances. 4.2. Graceful Restart Considerations An implementation needs to handle scenarios where both graceful - restart (GR) and the strict-mode of BFD operation are deployed + restart (GR) and the strict-mode for BFD operation are deployed together. The GR aspects discussed in [RFC5882] also apply with - strict-mode of BFD operation. Additionally, in strict-mode of BFD + strict-mode for BFD operation. Additionally, in strict-mode for BFD operation, since the OSPF adjacency formation is delayed until the BFD session establishment, the resultant delay in adjacency formation may affect or break the GR-based recovery. In such cases, it is RECOMMENDED that the GR timers are set such that they provide sufficient time to allow for normal BFD session establishment delays. 5. Operations & Management Considerations An implementation SHOULD report the BFD session status along with the - OSPF Init adjacency state when operating in BFD strict-mode and + OSPF Init adjacency state when operating in strict-mode for BFD and perform logging operations on state transitions to include the BFD events. This allows an operator to detect scenarios where an OSPF adjacency may be stuck waiting for BFD session establishment. In network deployments with noisy links or those with packet loss, BFD sessions may flap frequently. In such scenarios, OSPF strict- mode for BFD may be deployed in conjunction with a BFD dampening or - hold-down mechanism to help avoid frequent adjacency flaps that cause + hold-down mechanism to avoid frequent adjacency flaps that cause routing churn. 6. Backward Compatibility An implementation MUST support OSPF adjacency formation and - operations with a neighbor router that does not advertise the BFD - strict-mode capability - both when that neighbor router does not + operations with a neighbor router that does not advertise the strict- + mode for BFD capability - both when that neighbor router does not support BFD and when it does support BFD but not in the strict-mode of operation as described in this document. Implementations MAY - provide an option to specifically enable BFD operations only in the + provide an option to specifically enable BFD operation only in the strict-mode. In this case, an OSPF adjacency with a neighbor that - does not support BFD strict-mode would not be established - successfully. Implementations MAY provide an option to disable BFD - strict-mode which results in the router not advertising the B-bit and - BFD operations being performed in the same way as prior to this - specification. + does not support strict-mode for BFD would not be established + successfully. Implementations MAY provide an option to disable + strict-mode for BFD which results in the router not advertising the + B-bit and BFD operation being performed in the same way as prior to + this specification. The signaling specified in this document happens at a link-local level between routers on that link. A router that does not support - this specification would ignore the B-bit in the LLS block of hello - messages from its neighbors and continue to establish BFD sessions, - if enabled, without delaying the OSPF adjacency formation. Since the + this specification would ignore the B-bit in the LLS block of Hello + packets from its neighbors and continue to establish BFD sessions, if + enabled, without delaying the OSPF adjacency formation. Since the router that does not support this specification would not have set - the B-bit in the LLS block of its own hello messages, its neighbor - routers that support this specification would not use BFD strict-mode - with such OSPF routers. As a result, the behavior would be the same - as before this specification. Therefore, there are no backward + the B-bit in the LLS block of its own Hello packets, its neighbor + routers that support this specification would not use strict-mode for + BFD with such OSPF routers. As a result, the behavior would be the + same as before this specification. Therefore, there are no backward compatibility issues or implementations considerations beyond what is specified herein. 7. IANA Considerations This specification updates Link Local Signaling TLV Identifiers registry. Following values have been assigned via early allocation: