draft-ietf-bfd-seamless-ip-02.txt   draft-ietf-bfd-seamless-ip-03.txt 
Internet Engineering Task Force N. Akiya Internet Engineering Task Force N. Akiya
Internet-Draft Big Switch Networks Internet-Draft Big Switch Networks
Intended status: Standards Track C. Pignataro Intended status: Standards Track C. Pignataro
Expires: December 21, 2015 D. Ward Expires: August 25, 2016 D. Ward
Cisco Systems Cisco Systems
June 19, 2015 February 22, 2016
Seamless Bidirectional Forwarding Detection (S-BFD) for Seamless Bidirectional Forwarding Detection (S-BFD) for
IPv4, IPv6 and MPLS IPv4, IPv6 and MPLS
draft-ietf-bfd-seamless-ip-02 draft-ietf-bfd-seamless-ip-03
Abstract Abstract
This document defines procedures to use Seamless Bidirectional This document defines procedures to use Seamless Bidirectional
Forwarding Detection (S-BFD) for IPv4, IPv6 and MPLS environments. Forwarding Detection (S-BFD) for IPv4, IPv6 and MPLS environments.
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 21, 2015. This Internet-Draft will expire on August 25, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. S-BFD UDP Port . . . . . . . . . . . . . . . . . . . . . . . 2 2. S-BFD UDP Port . . . . . . . . . . . . . . . . . . . . . . . 2
3. S-BFD Echo UDP Port . . . . . . . . . . . . . . . . . . . . . 3 3. S-BFD Echo UDP Port . . . . . . . . . . . . . . . . . . . . . 3
4. S-BFD Control Packet Demultiplexing . . . . . . . . . . . . . 3 4. S-BFD Control Packet Demultiplexing . . . . . . . . . . . . . 3
5. Initiator Procedures . . . . . . . . . . . . . . . . . . . . 3 5. Initiator Procedures . . . . . . . . . . . . . . . . . . . . 3
5.1. Details of S-BFD Control Packet Sent by SBFDInitiator . . 3 5.1. Details of S-BFD Control Packet Sent by SBFDInitiator . . 4
5.2. Target vs. Remote Entity (S-BFD Discriminator) . . . . . 4 5.1.1. Target vs. Remote Entity (S-BFD Discriminator) . . . 4
6. Responder Procedures . . . . . . . . . . . . . . . . . . . . 5 6. Responder Procedures . . . . . . . . . . . . . . . . . . . . 5
6.1. Details of S-BFD Control Packet Sent by SBFDReflector . . 5 6.1. Details of S-BFD Control Packet Sent by SBFDReflector . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 6 10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 6
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
11.1. Normative References . . . . . . . . . . . . . . . . . . 6 11.1. Normative References . . . . . . . . . . . . . . . . . . 7
11.2. Informative References . . . . . . . . . . . . . . . . . 7 11.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
Seamless Bidirectional Forwarding Detection (S-BFD), Seamless Bidirectional Forwarding Detection (S-BFD),
[I-D.ietf-bfd-seamless-base], defines a generalized mechanism to [I-D.ietf-bfd-seamless-base], defines a generalized mechanism to
allow network nodes to seamlessly perform continuity checks to remote allow network nodes to seamlessly perform continuity checks to remote
entities. This document defines necessary procedures to use S-BFD on entities. This document defines necessary procedures to use S-BFD on
IPv4, IPv6 and MPLS environments. IPv4, IPv6 and MPLS environments.
The reader is expected to be familiar with the IP, MPLS BFD and S-BFD The reader is expected to be familiar with the IP [RFC0791]
terminologies and protocol constructs. [RFC2460], BFD [RFC5880], MPLS BFD [RFC5884], and S-BFD
[I-D.ietf-bfd-seamless-base] terminologies and protocol constructs.
2. S-BFD UDP Port 2. S-BFD UDP Port
A new UDP port is defined for the use of the S-BFD on IPv4, IPv6 and A new UDP port is defined for the use of the S-BFD on IPv4, IPv6 and
MPLS environments: 7784. SBFDReflector session MUST listen for MPLS environments: 7784. SBFDReflector session MUST listen for
incoming S-BFD control packets on the port 7784. SBFDInitiator incoming S-BFD control packets on the port 7784. SBFDInitiator
sessions MUST transmit S-BFD control packets with destination port sessions MUST transmit S-BFD control packets with destination port
7784. The source port of the S-BFD control packets transmitted by 7784. The source port of the S-BFD control packets transmitted by
SBFDInitiator sessions can be of any but MUST NOT be 7784. The same SBFDInitiator sessions can be any but MUST NOT be 7784. The same UDP
UDP source port number MUST be used for all S-BFD control packets source port number MUST be used for all S-BFD control packets
associated with a particular SBFDInitiator session. The source port associated with a particular SBFDInitiator session. The source port
number MAY be unique among all SBFDInitiator sessions on the system. number is unique among all SBFDInitiator sessions on the system.
3. S-BFD Echo UDP Port 3. S-BFD Echo UDP Port
The BFD Echo port defined by [RFC5881], port 3785, is used for the The BFD Echo port defined by [RFC5881], port 3785, is used for the
S-BFD Echo function on IPv4, IPv6 and MPLS environments. S-BFD Echo function on IPv4, IPv6 and MPLS environments.
SBFDInitiator sessions MUST transmit S-BFD echo packets with SBFDInitiator sessions MUST transmit S-BFD echo packets with
destination port 3785. This document defines only the UDP port value destination port 3785. This document defines only the UDP port value
for the S-BFD Echo function. The source port and the procedures for for the S-BFD Echo function. The source port and the procedures for
the S-BFD Echo function are outside the scope of this document. the S-BFD Echo function are outside the scope of this document.
4. S-BFD Control Packet Demultiplexing 4. S-BFD Control Packet Demultiplexing
Received BFD control packet MUST be demultiplexed with the The S-BFD Control Packet demultiplexing follows the procedure
destination UDP port field. If the port is 7784, then the packet specified in Section 7.1. of [I-D.ietf-bfd-seamless-base]. Received
MUST be looked up to locate a corresponding SBFDReflector session S-BFD control packet MUST be demultiplexed with the destination UDP
based on the value from the "your discriminator" field in the table port field.
describing S-BFD discriminators. If the port is not 7784, then the
packet MUST be looked up to locate a corresponding SBFDInitiator This procedure for an S-BFD packet is executed on both the initiator
session or classical BFD session based on the value from the "your and the reflector. If the port is 7784 (i.e., S-BFD packet for
discriminator" field in the table describing BFD discriminators. If S-BFDReflector)), then the packet MUST be looked up to locate a
the located session is an SBFDInitiator, then the destination IP corresponding SBFDReflector session based on the value from the "your
address of the packet SHOULD be validated to be for self. discriminator" field in the table describing S-BFD discriminators.
If the port is not 7784, then the packet MUST be looked up to locate
a corresponding SBFDInitiator session or classical BFD session based
on the value from the "your discriminator" field in the table
describing BFD discriminators. If the located session is an
SBFDInitiator, then the destination IP address of the packet SHOULD
be validated to be for self. If the packet is a classical BFD
session, then the procedures from [RFC5880] apply.
5. Initiator Procedures 5. Initiator Procedures
S-BFD control packets are transmitted with IP header, UDP header and S-BFD control packets are transmitted with IP header, UDP header and
BFD control header ([RFC5880]). When S-BFD control packets are BFD control header ([RFC5880]). When S-BFD control packets are
explicitly label switched (i.e. not IP routed which happen to go over explicitly label switched (i.e. not IP routed which happen to go over
an LSP, but explicitly sent on a specific LSP), the former is an LSP, but explicitly sent on a specific LSP), the former is
prepended with a label stack. Note that this document does not make prepended with a label stack. Note that this document does not make
a distinction between a single-hop S-BFD scenario and a multi-hop a distinction between a single-hop S-BFD scenario and a multi-hop
S-BFD scenario, both scenarios are supported. S-BFD scenario, both scenarios are supported.
skipping to change at page 4, line 4 skipping to change at page 4, line 12
in the MPLS header, IP header and UDP header when an SBFDInitiator on in the MPLS header, IP header and UDP header when an SBFDInitiator on
the initiator is sending S-BFD control packets. the initiator is sending S-BFD control packets.
5.1. Details of S-BFD Control Packet Sent by SBFDInitiator 5.1. Details of S-BFD Control Packet Sent by SBFDInitiator
o Specifications common to both IP routed S-BFD control packets and o Specifications common to both IP routed S-BFD control packets and
explicitly label switched S-BFD control packets: explicitly label switched S-BFD control packets:
* Source IP address field of the IP header MUST be set to a local * Source IP address field of the IP header MUST be set to a local
IP address that is expected to be routable by the target (i.e. IP address that is expected to be routable by the target (i.e.
not IPv6 link-local address when the target is multiple hops not IPv6 link-local address when the target is multiple hops
away). away).
* UDP destination port MUST be set to a well-known UDP * UDP destination port MUST be set to a well-known UDP
destination port assigned for S-BFD: 7784. destination port assigned for S-BFD: 7784.
* UDP source port MUST be set to a value that is not 7784. * UDP source port MUST NOT be set to 7784.
o Specifications for IP routed S-BFD control packets: o Specifications for IP routed S-BFD control packets:
* Destination IP address field of the IP header MUST set to an IP * Destination IP address field of the IP header MUST set to an IP
address of the target. address of the target.
* TTL field of the IP header SHOULD be set to 255. * TTL field of the IP header SHOULD be set to 255.
o Specifications for explicitly label switched S-BFD control o Specifications for explicitly label switched S-BFD control
packets: packets:
* S-BFD control packets MUST have the label stack that is * S-BFD control packets MUST have the label stack that is
expected to reach the target. expected to reach the target.
* TTL field of the top most label SHOULD be 255. * TTL field of the top most label SHOULD be 255.
* The destination IP address MUST be chosen from the 127/8 range * The destination IP address MUST be chosen from the 127/8 range
for IPv4 and from the 0:0:0:0:0:FFFF:7F00/104 range for IPv6. for IPv4 and from the 0:0:0:0:0:FFFF:7F00/104 range for IPv6,
as with [RFC5884].
* TTL field of the IP header MUST be set to 1. * TTL field of the IP header MUST be set to 1.
5.2. Target vs. Remote Entity (S-BFD Discriminator) 5.1.1. Target vs. Remote Entity (S-BFD Discriminator)
Typically, an S-BFD control packet will have "your discriminator" Typically, an S-BFD control packet will have "your discriminator"
field corresponding to an S-BFD discriminator of the remote entity field corresponding to an S-BFD discriminator of the remote entity
located on the target network node defined by the destination IP located on the target network node defined by the destination IP
address or the label stack. It is, however, possible for an address or the label stack. It is, however, possible for an
SBFDInitiator to carefully set "your discriminator" and TTL fields to SBFDInitiator to carefully set "your discriminator" and TTL fields to
perform a continuity test towards a target but to a transit network perform a continuity test towards a target, but to a transit network
node. node and not to the target itself.
Section 5.1 intentionally uses the word "target", instead of "remote Section 5.1 intentionally uses the word "target", instead of "remote
entity", to accommodate this possible S-BFD usage through TTL expiry. entity", to accommodate this possible S-BFD usage through TTL expiry.
This also requires S-BFD control packets not be dropped by the This also requires S-BFD control packets not be dropped by the
responder node due to TTL expiry. Thus implementations on the responder node due to TTL expiry. Thus implementations on the
responder MUST allow received S-BFD control packets taking TTL expiry responder MUST allow received S-BFD control packets taking TTL expiry
exception path to reach corresponding reflector BFD session. exception path to reach corresponding reflector BFD session.
6. Responder Procedures 6. Responder Procedures
S-BFD control packets are IP routed back to the initiator, and will S-BFD control packets are IP routed back to the initiator, and will
have IP header, UDP header and BFD control header. If an have IP header, UDP header and BFD control header. If an
SBFDReflector receives an S-BFD control packet with UDP source port SBFDReflector receives an S-BFD control packet with UDP source port
skipping to change at page 5, line 24 skipping to change at page 5, line 29
control packets. control packets.
6.1. Details of S-BFD Control Packet Sent by SBFDReflector 6.1. Details of S-BFD Control Packet Sent by SBFDReflector
o Destination IP address field of the IP header MUST be copied from o Destination IP address field of the IP header MUST be copied from
source IP address field of received S-BFD control packet. source IP address field of received S-BFD control packet.
o Source IP address field of the IP header MUST be set to a local IP o Source IP address field of the IP header MUST be set to a local IP
address that is expected to be visible by the initiator (i.e. not address that is expected to be visible by the initiator (i.e. not
IPv6 link-local address when the initiator is multiple hops away). IPv6 link-local address when the initiator is multiple hops away).
The source IP address SHOULD be copied from the destination IP
address field of the received S-BFD control packet, except when it
is from the 127/8 range for IPv4 or from the
0:0:0:0:0:FFFF:7F00/104 range for IPv6.
o TTL field of the IP header SHOULD be set to 255. o TTL field of the IP header MUST be set to 255.
o UDP destination port MUST be copied from received UDP source port. o UDP destination port MUST be copied from received UDP source port.
o UDP source port MUST be copied from received UDP destination port. o UDP source port MUST be copied from received UDP destination port.
7. Security Considerations 7. Security Considerations
Security considerations for S-BFD are discussed in Security considerations for S-BFD are discussed in
[I-D.ietf-bfd-seamless-base]. Additionally, implementing the [I-D.ietf-bfd-seamless-base]. Additionally, implementing the
following measures will strengthen security aspects of the mechanism following measures will strengthen security aspects of the mechanism
described by this document: described by this document:
o Implementations MUST provide filtering capability based on source o Implementations MUST provide filtering capability based on source
IP addresses of received S-BFD control packets: [RFC2827]. IP addresses of received S-BFD control packets: [RFC2827].
o Implementations MUST NOT act on received S-BFD control packets o Implementations MUST NOT act on received S-BFD control packets
containing Martian addresses as source IP addresses. containing source Martian IP addresses (i.e., address that, by
application of the current forwarding tables, would not have its
return traffic routed back to the sender.)
o Implementations MUST ensure that response S-BFD control packets o Implementations MUST ensure that response S-BFD control packets
generated to the initiator by the SBFDReflector have a reachable generated to the initiator by the SBFDReflector have a reachable
target (ex: destination IP address). target (ex: destination IP address).
8. IANA Considerations 8. IANA Considerations
A new value 7784 was allocated from the "Service Name and Transport A new value 7784 was allocated from the "Service Name and Transport
Protocol Port Number Registry". The allocated registry entry is: Protocol Port Number Registry". The allocated registry entry is:
skipping to change at page 6, line 49 skipping to change at page 7, line 12
Cisco Systems Cisco Systems
Email: naikumar@cisco.com Email: naikumar@cisco.com
11. References 11. References
11.1. Normative References 11.1. Normative References
[I-D.ietf-bfd-seamless-base] [I-D.ietf-bfd-seamless-base]
Akiya, N., Pignataro, C., Ward, D., Bhatia, M., and J. Akiya, N., Pignataro, C., Ward, D., Bhatia, M., and J.
Networks, "Seamless Bidirectional Forwarding Detection Networks, "Seamless Bidirectional Forwarding Detection
(S-BFD)", draft-ietf-bfd-seamless-base-04 (work in (S-BFD)", draft-ietf-bfd-seamless-base-07 (work in
progress), January 2015. progress), February 2016.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, June 2010. (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<http://www.rfc-editor.org/info/rfc5880>.
[RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881,
2010. DOI 10.17487/RFC5881, June 2010,
<http://www.rfc-editor.org/info/rfc5881>.
11.2. Informative References 11.2. Informative References
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
DOI 10.17487/RFC0791, September 1981,
<http://www.rfc-editor.org/info/rfc791>.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
December 1998, <http://www.rfc-editor.org/info/rfc2460>.
[RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering: [RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering:
Defeating Denial of Service Attacks which employ IP Source Defeating Denial of Service Attacks which employ IP Source
Address Spoofing", BCP 38, RFC 2827, May 2000. Address Spoofing", BCP 38, RFC 2827, DOI 10.17487/RFC2827,
May 2000, <http://www.rfc-editor.org/info/rfc2827>.
[RFC5884] Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow,
"Bidirectional Forwarding Detection (BFD) for MPLS Label
Switched Paths (LSPs)", RFC 5884, DOI 10.17487/RFC5884,
June 2010, <http://www.rfc-editor.org/info/rfc5884>.
Authors' Addresses Authors' Addresses
Nobo Akiya Nobo Akiya
Big Switch Networks Big Switch Networks
Email: nobo.akiya.dev@gmail.com Email: nobo.akiya.dev@gmail.com
Carlos Pignataro Carlos Pignataro
Cisco Systems Cisco Systems
 End of changes. 28 change blocks. 
41 lines changed or deleted 74 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/