LSR Working Group                                                A. Wang
Internet-Draft                                             China Telecom
Intended status: Standards Track                               A. Lindem
Expires: February 28, March 15, 2020                                    Cisco Systems
                                                                 J. Dong
                                                     Huawei Technologies
                                                               P. Psenak
                                                           K. Talaulikar
                                                           Cisco Systems
                                                         August 27,
                                                      September 12, 2019

                    OSPF Extension for Prefix Originator
                draft-ietf-lsr-ospf-prefix-originator-03 Extension


   This document describes defines Open Shortest Path First (OSPF) v2 and OSPFv3 encodings to
   advertise the router-id of the originator of inter-area prefixes for
   OSPFv2 and OSPFv3 Link-State Advertisement (LSA), which
   are Advertisements (LSAs).  The source
   originator is needed in several use cases in multi-area OSPF use cases.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 28, March 15, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   ( in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Conventions used in this document . . . . . . . . . . . . . .   3
   3.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Conventions used in this document . . . . . . . .  Inter-Area Prefix Source Advertisement Use Cases  . . . . . .   4
   5.  Scenario Description  . . . . . . . . . . . . . . . . . . . .   4
   6.  Prefix Source Router-ID sub-TLV . . . . . . . . . . . . . . .   5
   7.  Extended LSA
   6.  Elements of Procedure . . . . . . . . . . . . . . . . . . . .   6
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   6
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   9.  Acknowledgement . . . . . . . . . . . . . . . . . . . . . . .   7
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     10.1.  Normative References . . . . . . . . . . . . . . . . . .   7
     10.2.  Informative References . . . . . . . . . . . . . . . . .   8   9
   Appendix A.  Inter-Area Topology Retrieval Process  . . . . . . .   9
   Appendix B.  Special Considerations on Inter-Area Topology
                Retrieval  . . . . . . . . . . . . . . . . . . . . .   9  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   [I-D.ietf-ospf-mpls-elc] defines mechanisms to advertise Entropy
   Readable Label Depth (ERLD) for ingress Label Switching Router Routers (LSR)
   to discover
   each other LSR's capability of performing Entropy Label (EL) -based load-
   balancing based
   load-balancing in Multi Protocol Label Switch (MPLS) MPLS networks.  The ingress LSR can use this
   information to push construct the appropriate label stack for specific traffic,
   traffic requirements, especially in segment routing
   environments routed networks and other
   deployments requiring stacked LSPs scenarios. LSPs.

   However, in inter-area scenarios, the Area Border Router (ABR) does
   not advertise the originating OSPF router-id for inter-area prefixes.
   An OSPF router in one area doesn't know where the origin area of inter-area
   prefixes really
   came from and can't determine the router that originated inter-area these
   prefixes and then can't judge or the ERLD capabilities of the destination.  It  Therefore, it
   is necessary to transfer advertise the originator information of these inter-area prefixes
   to ensure the ingress LSR constructs can construct the
   right appropriate label stack.

   More generally, [RFC8476] defines a mechanism to advertise multiple
   types of supported Maximum SID Depths (MSD) at node and/or link
   granularity.  This information will be referred when the head-end
   router starts to send traffic to destination prefixes.  In inter-area
   scenario, it is also necessary for the sender to learn the
   capabilities of the receivers associated with the inter-area

   There is also another scenario where knowing the originator of inter-
   area inter-area
   prefixes is useful.  For example, Border Gateway Protocol Link-
   State Link-State
   (BGP-LS) [RFC7752] describes mechanisms using the BGP protocol to
   advertise Link-State information.  This information can enable an a
   Software Definition Network (SDN) controller to collect automatically
   determine the underlay network
   topology automatically.

   But topology.

   However, if the underlay network is divided partitioned into multiple areas
   and running the OSPF protocol, it is not easy for the SDN controller
   to rebuild the multi-area topology, because normally an topology since ABR that connects multiple
   areas will normally hide the detailed topology information for these non-backbone
   areas.  If only the internal routers within backbone area run the
   BGP-LS protocol, they just learn and report the summary network
   information from the non-backbone areas.  If the SDN controller can
   learn the originator of the inter-area prefixes, it is possible to
   rebuild the inter-area topology automatically. topology.

   [RFC7794] introduces the Intermediate System to Intermediate System
   (IS-IS) "IPv4/IPv6 Source Router IDs" Type-Length-Value (TLV) to
   advertise the source of the prefixes redistributed leaked from a different IS-IS level.
   This TLV can be used in the above scenarios.  Such solution can also
   be applied in networks that run the OSPF protocol, but the related existing OSPF
   LSAs TLV TLVs must be extended. extended to include the router originating the

   This draft provides such solution for the OSPFv2 and OSPFv3

2.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] . [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Terminology

   The following terms are used in this document:

   o  ABR: Area Border Router

   o  ERLD: Entropy Readable Label Depth

   o  EL: Entropy Label
   o  IS-IS: Intermediate System to Intermediate System

   o  LSA: Link-State Advertisement

   o  MSD: Maximum SID Depths

   o  NLRI: Network Layer Reachability Information

   o  OSPF: Open Shortest Path First

   o  SID: Segment IDentifier

   o  SDN: Software Definition Network

4.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in [RFC2119] .

5.  Scenario Description  Inter-Area Prefix Source Advertisement Use Cases

   Figure 1 illustrates the a topology scenario when where OSPF is running in
   multi-area. multiple
   areas.  R0-R4 are routers in the backbone area, S1-S4,T1-T4 S1-S4 are internal
   routers in area 1 1, and T1-T4 are internal routers in area 2 respectively. 2.  R1 and
   R3 are
   area border routers ABRs between area 0 and area 1.  R2 and R4 are area
   border routers ABRs between
   area 0 and area 2.  N1 is the network between router S1 and S2 and N2
   is the network between router T1 and T2.  Ls1 is the loopback address
   of Node S1 and Lt1 is the loopback address of Node T1.

                            |IP SDN Controller|
                                     | BGP-LS
        | +--+        +--+   ++-+   ++-+    +-++   + -+        +--+|
        | |S1+--------+S2+---+R1+---|R0+----+R2+---+T1+--------+T2||
        | +-++   N1   +-++   ++-+   +--+    +-++   ++++   N2   +-++|
        |   |           |     |               |     ||           | |
        |   |           |     |               |     ||           | |
        | +-++        +-++   ++-+           +-++   ++++        +-++|
        | |S4+--------+S3+---+R3+-----------+R4+---+T3+--------+T4||
        | +--+        +--+   ++-+           +-++   ++-+        +--+|
        |                     |               |                    |
        |                     |               |                    |
        |         Area 1      |     Area 0    |      Area 2        |

              Figure 1: OSPF Inter-Area Prefix Originator Scenario

   If S1 wants to send traffic to prefix Lt1 that is connected to T1 in
   another area, it should know the ERLD, ERLD and MSD values that are associated with
   the node T1, and then construct the right label stack at the ingress
   node for the target traffic. traffic destined to prefix Lt1.

   In another scenario, If R0 has some method to learn the originator of
   network N1 and reports such information to IP SDN controller, then it
   is possible for the controller to retrieval reconstruct the topology in non-
   backbone area. the
   non-backbone areas.  The topology retrieval reconstruction process and its usage
   limitations are described in the Appendix A and Appendix B . B.

   From the above scenarios, we can conclude it is useful to introduce
   and define the
   OSPF prefix originator sub TLV within OSPF.

6. .

5.  Prefix Source Router-ID sub-TLV

   [RFC7684] and [RFC8362] respectively define the TLV extensions TLV-based LSAs for OSPFv2
   OSPFv3 respectively. OSPFv3.  These documents facilitate addition of new attributes
   for prefixes.  Based on these formats, we can define new prefixes and provide the basis for a sub-TLV to advertise the
   "Prefix Source Router ID", as that defined ID".  For OSPFv2, this sub-TLV is a sub-TLV of
   OSPFv2 Extended Prefix TLV which SHOULD be included in [RFC7794]. the "OSPFv2
   Extended Prefix Opaque LSA" [RFC7684] for inter-area prefixes.  For
   OSPFv3, this sub-TLV is a sub-TLV of "Inter-Area-Prefix TLV", which
   SHOULD be included in the "E-Inter-Area-Prefix-LSA" [RFC8362].

   The "Prefix Source Router-ID" sub-TLV has the following format:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    |               Type            |              Length           |
    |                Prefix Source Router-ID                        |
           Figure 2: Prefix Source Router-ID sub-TLV Format

   o  Source Router-ID Sub-TLV Type: TBD1[RFC7684] TBD1 [RFC7684] or TBD2 [RFC8362]

   o  Length: 4

   o  Value: Router-ID of OSPFv2/OSPFv3 source router

   For OSPFv2, this sub-TLV that is a sub-TLV the source of OSPFv2 Extended Prefix TLV,
   which SHOULD be included in the "OSPFv2 Extended Prefix Opaque LSA" .

   For OSPFv3, this sub-TLV is a

   This sub-TLV of "Inter-Area-Prefix TLV",
   which SHOULD be included in provides the "E-Inter-Area-Prefix-LSA".

7.  Extended LSA same functionality as the IS-IS "IPv4/IPv6
   Source Router" TLV defined in [RFC7794].

6.  Elements of Procedure

   When an ABR, for example R2 in Figure 1, receives the a Router-LSA
   advertisement in area 2, it should SHOULD originate the corresponding
   "OSPFv2 Extended Prefix Opaque LSA" for OSPFv2 or "E-Inter-Area-Prefix-LSA" "E-Inter-Area-
   Prefix-LSA" for OSPFv3 that includes the Source Router-ID sub-TLV for
   the network
   prefixes, e.g., for prefix Lt1, N2. etc., which identifies prefixes.  For example, to identify the source router that advertised the prefix.
   prefix Lt1 and other inter-area prefixes in Figure 1.

   When S1 a router in another area area, e.g., S1, receives such LSA, it then
   can learn ascertain that prefix Lt1 is associated with node T1, check T1 and obtain
   the ERLD, ERLD or MSD value
   according to its necessity, from T1's Router-Information LSA [RFC7770] and
   construct the right label stack at the ingress node S1 for the traffic
   destined to prefix Lt1.

   When R0 a router in another area, e.g., R0, receives such LSA, it learns
   the Prefix Source Router-id and includes it in the prefix information
   advertised to an SDN controller as described in[I-D.ietf-idr-bgp-ls-segment-routing-ext]. in
   [I-D.ietf-idr-bgp-ls-segment-routing-ext].  The SDN controller can
   then use such information to build the inter-area topology according
   to the process described in the Appendix A.  The topology retrieval
   process may not suitable for some environments as stated in
   Appendix B.


7.  Security Considerations

   Security concerns

   Since this document extends the "OSPFv2 Extended Prefix LSA" and
   "OSPFv3 E-Inter-Area-Prefix LSA", the security considerations for OSPF
   [RFC7684] and [RFC8362] are addressed in [RFC5709]
   Advertisement applicable.

   Modification of the additional information "Prefix Source Sub-TLV" could be used for a
   Denial-of-Service attack and could inhibit the use cases described in
   Section 4.  If the OSPF domain is vulnerable to such attacks, OSPF
   authentication should be used as defined for OSPFv2 in this document
   introduces [RFC5709] and
   [RFC7474] and for OSPFv3 in [RFC7166].

   Additionally, advertisement of the prefix source for inter-area
   prefixes facilitates reconstruction of the OSPF topology for other
   areas.  Network operators may consider their topologies to be
   sensitive confidential data.  For OSPFv3, IPsec can be used to
   provide confidentiality [RFC4552].  Since there is no new security concerns

9. standard
   defined for native OSPFv2 IPsec, some form of secure tunnel is
   required to provide confidentiality.

8.  IANA Considerations

   This specification defines one the Prefix Source Router-ID sub-TLV as
   described in Section 6. 5.  This value should be added to the both
   existing "OSPFv2 Extended Prefix TLV Sub-TLVs" registry and "OSPFv3 Extended-
   LSA Sub-TLVs registry" respectively. Sub-TLVs" registries.

   The following new sub-TLV is added to the registry of "OSPFv2 Extended Prefix TLV Sub-TLVs".
   Sub-TLVs" registry.  The allocation policy is IETF Review
   that as defined
   in [RFC7684]


   |    Code Point  |   Description         |           Status       |
   |       TBD      | Prefix Source Sub-TLV |   Allocation from IANA |
   Figure 3:  CodePoint  Code Point in "OSPFv2 Extended Prefix TLV Sub-TLVs"

   The following new sub-TLV is added to the registry of "OSPFv3 Extended-LSA Sub-TLVs". Sub-TLVs"
   registry.  The allocation policy is IETF Review that as defined in


   |    Code Point  |   Description         |           Status       |
   |       TBD      | Prefix Source Sub-TLV |   Allocation from IANA |
   Figure 4:  CodePoint  Code Point in "OSPFv3 Extended-LSA Sub-TLVs"


9.  Acknowledgement

   Many thanks to Les Ginsberg for his valuable suggestions on this draft.  And also  Also
   thanks to Jeff Tantsura,Rob Tantsura, Rob Shakir, Gunter Van De Velde
   Gunter, Velde, Goethals
   Dirk, Shaofu Peng, and John E Drake for their valuable
   comments on this draft.


10.  References


10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,

   [RFC4552]  Gupta, M. and N. Melam, "Authentication/Confidentiality
              for OSPFv3", RFC 4552, DOI 10.17487/RFC4552, June 2006,

   [RFC5709]  Bhatia, M., Manral, V., Fanto, M., White, R., Barnes, M.,
              Li, T., and R. Atkinson, "OSPFv2 HMAC-SHA Cryptographic
              Authentication", RFC 5709, DOI 10.17487/RFC5709, October
              2009, <>.

   [RFC7166]  Bhatia, M., Manral, V., and A. Lindem, "Supporting
              Authentication Trailer for OSPFv3", RFC 7166,
              DOI 10.17487/RFC7166, March 2014,

   [RFC7474]  Bhatia, M., Hartman, S., Zhang, D., and A. Lindem, Ed.,
              "Security Extension for OSPFv2 When Using Manual Key
              Management", RFC 7474, DOI 10.17487/RFC7474, April 2015,

   [RFC7684]  Psenak, P., Gredler, H., Shakir, R., Henderickx, W.,
              Tantsura, J., and A. Lindem, "OSPFv2 Prefix/Link Attribute
              Advertisement", RFC 7684, DOI 10.17487/RFC7684, November
              2015, <>.

   [RFC7752]  Gredler, H., Ed., Medved, J., Previdi, S., Farrel,

   [RFC7770]  Lindem, A., Ed., Shen, N., Vasseur, JP., Aggarwal, R., and
              S. Ray, "North-Bound Distribution of Link-State and
              Traffic Engineering (TE) Information Using BGP", Shaffer, "Extensions to OSPF for Advertising Optional
              Router Capabilities", RFC 7752, 7770, DOI 10.17487/RFC7752, March 10.17487/RFC7770,
              February 2016,
              <>. <>.

   [RFC7794]  Ginsberg, L., Ed., Decraene, B., Previdi, S., Xu, X., and
              U. Chunduri, "IS-IS Prefix Attributes for Extended IPv4
              and IPv6 Reachability", RFC 7794, DOI 10.17487/RFC7794,
              March 2016, <>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <>.

   [RFC8362]  Lindem, A., Roy, A., Goethals, D., Reddy Vallem, V., and
              F. Baker, "OSPFv3 Link State Advertisement (LSA)
              Extensibility", RFC 8362, DOI 10.17487/RFC8362, April
              2018, <>.

   [RFC8476]  Tantsura, J., Chunduri, U., Aldrin, S., and P. Psenak,
              "Signaling Maximum SID Depth (MSD) Using OSPF", RFC 8476,
              DOI 10.17487/RFC8476, December 2018,


10.2.  Informative References

              Previdi, S., Talaulikar, K., Filsfils, C., Gredler, H.,
              and M. Chen, "BGP Link-State extensions for Segment
              Routing", draft-ietf-idr-bgp-ls-segment-routing-ext-16
              (work in progress), June 2019.

              Xu, X., Kini, S., Psenak, P., Filsfils, C., and S.
              Litkowski, "Signaling Entropy Label Capability and Entropy
              Readable Label-stack Depth Using OSPF", draft-ietf-ospf-
              mpls-elc-09 (work in progress), May September 2019.

   [RFC7752]  Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and
              S. Ray, "North-Bound Distribution of Link-State and
              Traffic Engineering (TE) Information Using BGP", RFC 7752,
              DOI 10.17487/RFC7752, March 2016,

Appendix A.  Inter-Area Topology Retrieval Process

   When an IP SDN Controller receives this BGP-LS [RFC7752] information, it
   should compare the prefix Network Layer Reachability Information
   (NLRI) that is included in the BGP-LS packet. NLRI.  When it encounters the
   same prefix but with different source router ID, it should extract
   the corresponding area-ID, rebuild the link between these two different source
   routers in the non-backbone area.  Belows  Below is one example that based on
   the Figure 1:

   Assuming we want to rebuild the connection between router S1 and
   router S2 that locates located in area 1:

   a.  Normally, router S1 will advertise prefix N1 within its router-

   b.  When this router-LSA reaches the ABR router R1, it will convert
       it into summary-LSA, add the Prefix Source Router-ID sub-TLV,
       which is router id of S1 in this example.

   c.  R1 then floods this extension summary-LSA to R0, which is running using
       the BGP-LS protocol with IP SDN Controller.  The controller then
       knows the prefixes of prefix for N1 is from S1.

   d.  Router S2 will do the perform a similar process, and the controller will
       also learn that prefixes prefix N1 is also from S2.

   e.  Then it can reconstruct the link between S1 and S2, using the
       prefix N1.  The topology within Area 1 can then be reconstructed

   Iterating the above process continuously, the IP SDN controller can
   retrieve a detailed topology that spans multiple areas.

Appendix B.  Special Considerations on Inter-Area Topology Retrieval

   The above topology retrieval process can be applied in the case where
   each point-to-point or multi-access link between connecting routers is
   assigned a unique prefix.  However, there are some situations where
   this heuristic cannot be applied.  Specifically, the cases where the
   link is unnumbered or the prefix corresponding to the link is an
   anycast prefix.

   The Appendix A heuristic to rebuild the topology can normally be used
   if all links are numbered.  For anycast prefixes, if it corresponds
   to the loopback interface and has a host prefix length, i.e., 32 for
   IPv4 prefixes and 128 for IPv6 prefixes, Appendix A can also apply. applied
   since these anycast prefixes are not required to reconstruct the

Authors' Addresses

   Aijun Wang
   China Telecom
   Beiqijia Town, Changping District
   Beijing  102209


   Acee Lindem
   Cisco Systems
   301 Midenhall Way
   Cary, NC  27513

   Jie Dong
   Huawei Technologies


   Peter Psenak
   Cisco Systems
   Pribinova Street 10
   Bratislava, Eurovea Centre, Central 3  81109


   Ketan Talaulikar
   Cisco Systems
   S.No. 154/6, Phase I, Hinjawadi
   Pune  411 057