| draft-ietf-ospf-segment-routing-msd-18.txt | draft-ietf-ospf-segment-routing-msd-19.txt | |||
|---|---|---|---|---|
| OSPF Working Group J. Tantsura | OSPF Working Group J. Tantsura | |||
| Internet-Draft Nuage Networks | Internet-Draft Nuage Networks | |||
| Intended status: Standards Track U. Chunduri | Intended status: Standards Track U. Chunduri | |||
| Expires: March 1, 2019 Huawei Technologies | Expires: March 4, 2019 Huawei Technologies | |||
| S. Aldrin | S. Aldrin | |||
| Google, Inc | Google, Inc | |||
| P. Psenak | P. Psenak | |||
| Cisco Systems | Cisco Systems | |||
| August 28, 2018 | August 31, 2018 | |||
| Signaling MSD (Maximum SID Depth) using OSPF | Signaling MSD (Maximum SID Depth) using OSPF | |||
| draft-ietf-ospf-segment-routing-msd-18 | draft-ietf-ospf-segment-routing-msd-19 | |||
| Abstract | Abstract | |||
| This document defines a way for an Open Shortest Path First (OSPF) | This document defines a way for an Open Shortest Path First (OSPF) | |||
| Router to advertise multiple types of supported Maximum SID Depths | Router to advertise multiple types of supported Maximum SID Depths | |||
| (MSDs) at node and/or link granularity. Such advertisements allow | (MSDs) at node and/or link granularity. Such advertisements allow | |||
| entities (e.g., centralized controllers) to determine whether a | entities (e.g., centralized controllers) to determine whether a | |||
| particular SID stack can be supported in a given network. This | particular SID stack can be supported in a given network. This | |||
| document defines only one type of MSD, but defines an encoding that | document defines only one type of MSD, but defines an encoding that | |||
| can support other MSD types. Here the term OSPF means both OSPFv2 | can support other MSD types. Here the term OSPF means both OSPFv2 | |||
| skipping to change at page 1, line 42 ¶ | skipping to change at page 1, line 42 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on March 1, 2019. | This Internet-Draft will expire on March 4, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 23 ¶ | skipping to change at page 2, line 23 ¶ | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4 | 1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4 | |||
| 2. Node MSD Advertisement . . . . . . . . . . . . . . . . . . . 4 | 2. Node MSD Advertisement . . . . . . . . . . . . . . . . . . . 4 | |||
| 3. Link MSD sub-TLV . . . . . . . . . . . . . . . . . . . . . . 5 | 3. Link MSD sub-TLV . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4. Using Node and Link MSD Advertisements . . . . . . . . . . . 6 | 4. Using Node and Link MSD Advertisements . . . . . . . . . . . 6 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 | 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 | |||
| 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 7 | 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 | 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 9.1. Normative References . . . . . . . . . . . . . . . . . . 7 | 9.1. Normative References . . . . . . . . . . . . . . . . . . 8 | |||
| 9.2. Informative References . . . . . . . . . . . . . . . . . 8 | 9.2. Informative References . . . . . . . . . . . . . . . . . 8 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 1. Introduction | 1. Introduction | |||
| When Segment Routing (SR) paths are computed by a centralized | When Segment Routing (SR) paths are computed by a centralized | |||
| controller, it is critical that the controller learns the Maximum SID | controller, it is critical that the controller learns the Maximum SID | |||
| Depth (MSD) that can be imposed at each node/link on a given SR path | Depth (MSD) that can be imposed at each node/link on a given SR path | |||
| to insure that the SID stack depth of a computed path doesn't exceed | to insure that the SID stack depth of a computed path doesn't exceed | |||
| the number of SIDs the node is capable of imposing. | the number of SIDs the node is capable of imposing. | |||
| Path Computation Element Protocol(PCEP) SR draft | Path Computation Element Protocol(PCEP) SR draft | |||
| skipping to change at page 3, line 4 ¶ | skipping to change at page 3, line 4 ¶ | |||
| supported/configured on the head-end of an SR tunnel or a Binding-SID | supported/configured on the head-end of an SR tunnel or a Binding-SID | |||
| anchor node and controller does not participate in IGP routing, it | anchor node and controller does not participate in IGP routing, it | |||
| has no way to learn the MSD of nodes and links. BGP-LS (Distribution | has no way to learn the MSD of nodes and links. BGP-LS (Distribution | |||
| of Link-State and TE Information using Border Gateway Protocol) | of Link-State and TE Information using Border Gateway Protocol) | |||
| [RFC7752] defines a way to expose topology and associated attributes | [RFC7752] defines a way to expose topology and associated attributes | |||
| and capabilities of the nodes in that topology to a centralized | and capabilities of the nodes in that topology to a centralized | |||
| controller. MSD signaling by BGP-LS has been defined in | controller. MSD signaling by BGP-LS has been defined in | |||
| [I-D.ietf-idr-bgp-ls-segment-routing-msd]. Typically, BGP-LS is | [I-D.ietf-idr-bgp-ls-segment-routing-msd]. Typically, BGP-LS is | |||
| configured on a small number of nodes that do not necessarily act as | configured on a small number of nodes that do not necessarily act as | |||
| head-ends. In order for BGP-LS to signal MSD for all the nodes and | head-ends. In order for BGP-LS to signal MSD for all the nodes and | |||
| links in the network MSD is relevant, MSD capabilities should be | links in the network where MSD is relevant, MSD capabilities should | |||
| advertised by every OSPF router in the network. | be advertised by every OSPF router in the network. | |||
| Other types of MSD are known to be useful. For example, | Other types of MSD are known to be useful. For example, | |||
| [I-D.ietf-ospf-mpls-elc] defines Readable Label Depth Capability | [I-D.ietf-ospf-mpls-elc] defines Readable Label Depth Capability | |||
| (RLDC) that is used by a head-end to insert an Entropy Label (EL) at | (RLDC) that is used by a head-end to insert an Entropy Label (EL) at | |||
| a depth that can be read by transit nodes. | a depth that can be read by transit nodes. | |||
| This document defines an extension to OSPF used to advertise one or | This document defines an extension to OSPF used to advertise one or | |||
| more types of MSD at node and/or link granularity. In the future it | more types of MSD at node and/or link granularity. In the future it | |||
| is expected, that new MSD types will be defined to signal additional | is expected, that new MSD types will be defined to signal additional | |||
| capabilities e.g., entropy labels, SIDs that can be imposed through | capabilities e.g., entropy labels, SIDs that can be imposed through | |||
| skipping to change at page 5, line 17 ¶ | skipping to change at page 5, line 17 ¶ | |||
| Information LSA. If the Node MSD TLV appears in multiple Router | Information LSA. If the Node MSD TLV appears in multiple Router | |||
| Information LSAs that have different flooding scopes, the Node MSD | Information LSAs that have different flooding scopes, the Node MSD | |||
| TLV in the Router Information LSA with the area-scoped flooding scope | TLV in the Router Information LSA with the area-scoped flooding scope | |||
| MUST be used. If the Node MSD TLV appears in multiple Router | MUST be used. If the Node MSD TLV appears in multiple Router | |||
| Information LSAs that have the same flooding scope, the Node MSD TLV | Information LSAs that have the same flooding scope, the Node MSD TLV | |||
| in the Router Information (RI) LSA with the numerically smallest | in the Router Information (RI) LSA with the numerically smallest | |||
| Instance ID MUST be used and subsequent instances of the Node MSD TLV | Instance ID MUST be used and subsequent instances of the Node MSD TLV | |||
| MUST be ignored. The RI LSA can be advertised at any of the defined | MUST be ignored. The RI LSA can be advertised at any of the defined | |||
| opaque flooding scopes (link, area, or Autonomous System (AS)). For | opaque flooding scopes (link, area, or Autonomous System (AS)). For | |||
| the purpose of Node MSD TLV advertisement, area-scoped flooding is | the purpose of Node MSD TLV advertisement, area-scoped flooding is | |||
| REQUIRED. | RECOMMENDED. | |||
| 3. Link MSD sub-TLV | 3. Link MSD sub-TLV | |||
| The link sub-TLV is defined to carry the MSD of the interface | The link sub-TLV is defined to carry the MSD of the interface | |||
| associated with the link. MSD values may be learned via a hardware | associated with the link. MSD values may be learned via a hardware | |||
| API or may be provisioned. | API or may be provisioned. | |||
| 0 1 2 3 | 0 1 2 3 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | |||
| skipping to change at page 6, line 27 ¶ | skipping to change at page 6, line 27 ¶ | |||
| If this sub-TLV is advertised multiple times in the same OSPFv2 | If this sub-TLV is advertised multiple times in the same OSPFv2 | |||
| Extended Link Opaque LSA/E-Router-LSA, only the first instance of the | Extended Link Opaque LSA/E-Router-LSA, only the first instance of the | |||
| TLV MUST be used by receiving OSPF routers. This situation SHOULD be | TLV MUST be used by receiving OSPF routers. This situation SHOULD be | |||
| logged as an error. | logged as an error. | |||
| If this sub-TLV is advertised multiple times for the same link in | If this sub-TLV is advertised multiple times for the same link in | |||
| different OSPF Extended Link Opaque LSAs/E-Router-LSAs originated by | different OSPF Extended Link Opaque LSAs/E-Router-LSAs originated by | |||
| the same OSPF router, the OSPFv2 Extended Link TLV in the OSPFv2 | the same OSPF router, the OSPFv2 Extended Link TLV in the OSPFv2 | |||
| Extended Link Opaque LSA with the smallest Opaque ID or in the OSPFv3 | Extended Link Opaque LSA with the smallest Opaque ID or in the OSPFv3 | |||
| E-Router-LSA with the smallest Link State ID is used by receiving | E-Router-LSA with the smallest Link State ID MUSR be used by | |||
| OSPF routers. This situation MAY be logged as a warning. | receiving OSPF routers. This situation MAY be logged as a warning. | |||
| 4. Using Node and Link MSD Advertisements | 4. Using Node and Link MSD Advertisements | |||
| When Link MSD is present for a given MSD type, the value of the Link | When Link MSD is present for a given MSD type, the value of the Link | |||
| MSD MUST take preference over the Node MSD. When a Link MSD type is | MSD MUST take preference over the Node MSD. When a Link MSD type is | |||
| not signalled but the Node MSD type is, then the value of that Node | not signalled but the Node MSD type is, then the value of that Node | |||
| MSD type MUST be considered as the corresponding Link MSD type value. | MSD type MUST be considered as the corresponding Link MSD type value. | |||
| In order to increase flooding efficiency, it is RECOMMENDED, that | In order to increase flooding efficiency, it is RECOMMENDED, that | |||
| routers with homogenous Link MSD values advertise just the Node MSD | routers with homogenous Link MSD values advertise just the Node MSD | |||
| value. | value. | |||
| Information received in an MSD advertisements is to to ensure that | ||||
| the controller learns the Maximum SID Depth (MSD) that can be imposed | ||||
| at each node/link on a given SR path so that the SID stack depth of a | ||||
| computed path doesn't exceed the number of SIDs the node is capable | ||||
| of imposing | ||||
| The meaning of the absence of both Node and Link MSD advertisements | The meaning of the absence of both Node and Link MSD advertisements | |||
| for a given MSD type is specific to the MSD type. Generally it can | for a given MSD type is specific to the MSD type. Generally it can | |||
| only be inferred that the advertising node does not support | only be inferred that the advertising node does not support | |||
| advertisement of that MSD type. However, in some cases the lack of | advertisement of that MSD type. However, in some cases the lack of | |||
| advertisement might imply that the functionality associated with the | advertisement might imply that the functionality associated with the | |||
| MSD type is not supported. The correct interpretation MUST be | MSD type is not supported. The correct interpretation MUST be | |||
| specified when an MSD type is defined. | specified when an MSD type is defined. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| skipping to change at page 7, line 4 ¶ | skipping to change at page 7, line 10 ¶ | |||
| advertisement of that MSD type. However, in some cases the lack of | advertisement of that MSD type. However, in some cases the lack of | |||
| advertisement might imply that the functionality associated with the | advertisement might imply that the functionality associated with the | |||
| MSD type is not supported. The correct interpretation MUST be | MSD type is not supported. The correct interpretation MUST be | |||
| specified when an MSD type is defined. | specified when an MSD type is defined. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This document requests IANA to allocate TLV type (TBD1) from the OSPF | This document requests IANA to allocate TLV type (TBD1) from the OSPF | |||
| Router Information (RI) TLVs Registry as defined by [RFC7770]. IANA | Router Information (RI) TLVs Registry as defined by [RFC7770]. IANA | |||
| has allocated the value 12 through the early assignment process. | has allocated the value 12 through the early assignment process. | |||
| Also, this document requests IANA to allocate a sub-TLV type (TBD2) | Also, this document requests IANA to allocate a sub-TLV type (TBD2) | |||
| from the OSPFv2 Extended Link TLV Sub-TLVs registry. IANA has | from the OSPFv2 Extended Link TLV Sub-TLVs registry. IANA has | |||
| allocated the value 6 through the early assignment process. Finally, | allocated the value 6 through the early assignment process. Finally, | |||
| this document requests IANA to allocate a sub-TLV type (TBD3) from | this document requests IANA to allocate a sub-TLV type (TBD3) from | |||
| the OSPFv3 Extended-LSA Sub-TLV registry. | the OSPFv3 Extended-LSA Sub-TLV registry. | |||
| 6. Security Considerations | 6. Security Considerations | |||
| Security concerns for OSPF are addressed in [RFC7474]. Further | Security concerns for OSPF are addressed in [RFC7474], [RFC4552] and | |||
| security analysis for OSPF protocol is done in [RFC6863] Security | [RFC7166]. Further security analysis for OSPF protocol is done in | |||
| considerations, as specified by [RFC7770], [RFC7684] and [RFC8362] | [RFC6863]. Security considerations, as specified by [RFC7770], | |||
| are applicable to this document. | [RFC7684] and [RFC8362] are applicable to this document. | |||
| Advertisement of an incorrect MSD value may result: in a path | Implementations MUST assure that malformed TLV and Sub-TLV defined in | |||
| computation failing and the service unavailable or instantiation of a | this document are detected and do not provide a vulnerability for | |||
| path that can't be supported by the head-end (the node performing the | attackers to crash the OSPF router or routing process. Reception of | |||
| malformed TLV or Sub-TLV SHOULD be counted and/or logged for further | ||||
| analysis. Logging of malformed TLVs and Sub-TLVs SHOULD be rate- | ||||
| limited to prevent a Denial of Service (DoS) attack (distributed or | ||||
| otherwise) from overloading the OSPF control plane. | ||||
| Advertisement of an incorrect MSD value may result: | ||||
| If the value is smaller than supported - path computation failing to | ||||
| compute a viable path. | ||||
| If the value is larger than supported - instantiation of a path that | ||||
| can't be supported by the head-end (the node performing the SID | ||||
| imposition). | imposition). | |||
| The MSD discloses capabilities of the nodes (how many SIDs it | ||||
| supports), which could provide an indication of the abilities or even | ||||
| types of the nodes being used. This information could be used to | ||||
| gain intelligence about devices in the network. | ||||
| There's no Denial of Service risk specific to this extension, and it | ||||
| is not vulnerable to replay attacks. | ||||
| 7. Contributors | 7. Contributors | |||
| The following people contributed to this document: | The following people contributed to this document: | |||
| Les Ginsberg | Les Ginsberg | |||
| Email: ginsberg@cisco.com | Email: ginsberg@cisco.com | |||
| 8. Acknowledgments | 8. Acknowledgments | |||
| The authors would like to thank Acee Lindem, Ketan Talaulikar, Tal | The authors would like to thank Acee Lindem, Ketan Talaulikar, Tal | |||
| Mizrahi, Stephane Litkowski and Bruno Decraene for their reviews and | Mizrahi, Stephane Litkowski and Bruno Decraene for their reviews and | |||
| valuable comments. | valuable comments. | |||
| 9. References | 9. References | |||
| skipping to change at page 8, line 44 ¶ | skipping to change at page 9, line 23 ¶ | |||
| Litkowski, "Signaling Entropy Label Capability and Entropy | Litkowski, "Signaling Entropy Label Capability and Entropy | |||
| Readable Label-stack Depth Using OSPF", draft-ietf-ospf- | Readable Label-stack Depth Using OSPF", draft-ietf-ospf- | |||
| mpls-elc-06 (work in progress), August 2018. | mpls-elc-06 (work in progress), August 2018. | |||
| [I-D.ietf-pce-segment-routing] | [I-D.ietf-pce-segment-routing] | |||
| Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., | Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., | |||
| and J. Hardwick, "PCEP Extensions for Segment Routing", | and J. Hardwick, "PCEP Extensions for Segment Routing", | |||
| draft-ietf-pce-segment-routing-12 (work in progress), June | draft-ietf-pce-segment-routing-12 (work in progress), June | |||
| 2018. | 2018. | |||
| [RFC4552] Gupta, M. and N. Melam, "Authentication/Confidentiality | ||||
| for OSPFv3", RFC 4552, DOI 10.17487/RFC4552, June 2006, | ||||
| <https://www.rfc-editor.org/info/rfc4552>. | ||||
| [RFC6863] Hartman, S. and D. Zhang, "Analysis of OSPF Security | [RFC6863] Hartman, S. and D. Zhang, "Analysis of OSPF Security | |||
| According to the Keying and Authentication for Routing | According to the Keying and Authentication for Routing | |||
| Protocols (KARP) Design Guide", RFC 6863, | Protocols (KARP) Design Guide", RFC 6863, | |||
| DOI 10.17487/RFC6863, March 2013, | DOI 10.17487/RFC6863, March 2013, | |||
| <https://www.rfc-editor.org/info/rfc6863>. | <https://www.rfc-editor.org/info/rfc6863>. | |||
| [RFC7166] Bhatia, M., Manral, V., and A. Lindem, "Supporting | ||||
| Authentication Trailer for OSPFv3", RFC 7166, | ||||
| DOI 10.17487/RFC7166, March 2014, | ||||
| <https://www.rfc-editor.org/info/rfc7166>. | ||||
| [RFC7474] Bhatia, M., Hartman, S., Zhang, D., and A. Lindem, Ed., | [RFC7474] Bhatia, M., Hartman, S., Zhang, D., and A. Lindem, Ed., | |||
| "Security Extension for OSPFv2 When Using Manual Key | "Security Extension for OSPFv2 When Using Manual Key | |||
| Management", RFC 7474, DOI 10.17487/RFC7474, April 2015, | Management", RFC 7474, DOI 10.17487/RFC7474, April 2015, | |||
| <https://www.rfc-editor.org/info/rfc7474>. | <https://www.rfc-editor.org/info/rfc7474>. | |||
| [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and | [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and | |||
| S. Ray, "North-Bound Distribution of Link-State and | S. Ray, "North-Bound Distribution of Link-State and | |||
| Traffic Engineering (TE) Information Using BGP", RFC 7752, | Traffic Engineering (TE) Information Using BGP", RFC 7752, | |||
| DOI 10.17487/RFC7752, March 2016, | DOI 10.17487/RFC7752, March 2016, | |||
| <https://www.rfc-editor.org/info/rfc7752>. | <https://www.rfc-editor.org/info/rfc7752>. | |||
| End of changes. 18 change blocks. | ||||
| 23 lines changed or deleted | 56 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||