draft-ietf-pim-explicit-rpf-vector-08.txt   draft-ietf-pim-explicit-rpf-vector-09.txt 
Network Working Group J. Asghar
Network Working Group J. Asghar
Internet-Draft IJ. Wijnands, Ed. Internet-Draft IJ. Wijnands, Ed.
Intended status: Standards Track S. Krishnaswamy Intended status: Standards Track S. Krishnaswamy
Expires: August 5, 2016 A. Karan Expires: October 28, 2016 A. Karan
Cisco Systems Cisco Systems
V. Arya V. Arya
DIRECTV Inc. DIRECTV Inc.
February 2, 2016 April 26, 2016
Explicit RPF Vector Explicit RPF Vector
draft-ietf-pim-explicit-rpf-vector-08.txt draft-ietf-pim-explicit-rpf-vector-09.txt
Abstract Abstract
The PIM Reverse Path Forwarding (RPF) Vector TLV defined in RFC 5496 The PIM Reverse Path Forwarding (RPF) Vector TLV defined in RFC 5496
can be included in a PIM Join Attribute such that the RPF neighbor is can be included in a PIM Join Attribute such that the RPF neighbor is
selected based on the unicast reachability of the RPF Vector instead selected based on the unicast reachability of the RPF Vector instead
of the Source or Randezvous Point associated with the multicast tree. of the Source or Randezvous Point associated with the multicast tree.
This document defines a new RPF Vector Attribute type such that an This document defines a new RPF Vector Attribute type such that an
explicit RPF neighbor list can be encoded in the PIM Join Attribute, explicit RPF neighbor list can be encoded in the PIM Join Attribute,
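Review bot: The Abstract still reads "Randezvous Point" in the -09 column, unchanged from -08. This revision already touches the header block, so correct it to "Rendezvous Point" so the term matches the PIM-SM specification the draft builds on.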
skipping to change at page 1, line 40 skipping to change at page 1, line 41
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 5, 2016. This Internet-Draft will expire on October 28, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 7, line 10 skipping to change at page 7, line 10
A new attribute (TBD1) type from the "PIM Join Attribute Types" A new attribute (TBD1) type from the "PIM Join Attribute Types"
registry needs to be assigned by IANA for the Explicit RPF Vector registry needs to be assigned by IANA for the Explicit RPF Vector
attribute. The proposed value 4. attribute. The proposed value 4.
12. Security Considerations 12. Security Considerations
Security of the Explicit RPF Vector Attribute is only guaranteed by Security of the Explicit RPF Vector Attribute is only guaranteed by
the security of the PIM packet, so the security considerations for the security of the PIM packet, so the security considerations for
PIM Join packets as described in PIM-SM [I-D.ietf-pim-rfc4601bis] PIM Join packets as described in PIM-SM [I-D.ietf-pim-rfc4601bis]
apply here. Inorder to minimize the risk of a malicious node apply here. A malicious downstream node can attempt a denial of
injecting an incorrect Explicit RPF vector stack, it should be used service attack by sending PIM Join packets with invalid addresses
within a single trusted management domain to minimize the risks of listed in the RPF vector stack with an intent to stop the propogation
denial of service attacks from forged PIM Join packets. If a router of the joins to the correct upstream node. Another denial of service
finds that it cannot use the vector list due to the next hop router attack would be a malicious downstream node targeting all joins to a
not being a PIM neighbor, it may log an error. Also if a router is specific node with an intent to overload the bandwidth on that node
receiving two conflicting vectors it may log an error. It is upto by making it responsible for forwarding multicast traffic for more
the mechanisms that produced the Explicit RPF vector to ensure that streams that it can handle. Inorder to minimize the risk of a denial
the the PIM tree is built correctly and to monitor any error logs. of service attacks from forged PIM join packets with explicit RPF
vector stack, it should be used within a single trusted management
domain.
If a router finds that it cannot use the vector list due to the next
hop router not being a PIM neighbor, it may log an error. Also if a
router is receiving two conflicting vectors it may log an error. It
is upto the mechanisms that produced the Explicit RPF vector to
ensure that the the PIM tree is built correctly and to monitor any
error logs.
13. Acknowledgments 13. Acknowledgments
The authors would like to thank Vatsa Kumar, Nagendra Kumar and The authors would like to thank Vatsa Kumar, Nagendra Kumar and
Bharat Joshi for the comments on the document. Bharat Joshi for the comments on the document.
14. References 14. References
14.1. Normative References 14.1. Normative References
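Review bot: The new Security Considerations text in -09 names two denial of service cases (invalid addresses in the RPF vector stack, and steering all joins at one node to exhaust its bandwidth), but the only mitigation offered is still deployment "within a single trusted management domain", and the router behaviour is still "may log an error". Suggest stating what a router does with a Join whose vector list it cannot use or that conflicts with another vector, beyond optional logging, and whether the mechanism that produced the vector is expected to detect the overload case, since the text leaves both to "the mechanisms that produced the Explicit RPF vector". Wording in the added lines also needs a pass: "propogation" should be "propagation", "more streams that it can handle" should be "than it can handle", "a denial of service attacks" mixes singular and plural, and "Inorder", "upto" and "the the PIM tree" carry over from -08. In the IANA paragraph above, "The proposed value 4." is missing its verb.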
 End of changes. 6 change blocks. 
14 lines changed or deleted 24 lines changed or added
