idnits 2.17.00 (12 Aug 2021) /tmp/idnits55096/draft-ietf-mpls-mldp-node-protection-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 3, 2015) is 2664 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 5920 == Outdated reference: draft-ietf-mpls-targeted-mldp has been published as RFC 7060 Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group IJ. Wijnands, Ed. 3 Internet-Draft E. Rosen 4 Intended status: Standards Track K. Raza 5 Expires: August 7, 2015 Cisco Systems, Inc. 6 J. Tantsura 7 Ericsson 8 A. Atlas 9 Juniper Networks 10 Q. Zhao 11 Huawei Technology 12 February 3, 2015 14 mLDP Node Protection 15 draft-ietf-mpls-mldp-node-protection-03 17 Abstract 19 This document describes procedures to support node protection for 20 Point-to-Multipoint and Multipoint-to-Multipoint Label Switched Paths 21 (MP LSPs) that has been built by "Multipoint Label Distribution 22 Protocol"(mLDP). In order to protect a node N, the Point of Local 23 Repair (PLR) LSR of N must learn the Merge Point (MPT) LSR(s) of node 24 N such that traffic can be redirected to them in case node N fails. 25 Redirecting the traffic around the failed node N depends on existing 26 P2P LSPs. The pre-established LSPs originate from the PLR LSR and 27 terminate on the MPT LSRs while bypassing LSR N. 29 Status of this Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on August 7, 2015. 46 Copyright Notice 48 Copyright (c) 2015 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 64 1.1. Conventions used in this document . . . . . . . . . . . . 3 65 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 66 2. PLR Determination . . . . . . . . . . . . . . . . . . . . . . 4 67 2.1. Transit node procedure . . . . . . . . . . . . . . . . . . 4 68 2.2. MP2MP root node procedure . . . . . . . . . . . . . . . . 5 69 2.3. PLR information encoding . . . . . . . . . . . . . . . . . 5 70 3. Using the tLDP session . . . . . . . . . . . . . . . . . . . . 7 71 4. Link or node failure . . . . . . . . . . . . . . . . . . . . . 9 72 4.1. Re-convergence after node/link failure . . . . . . . . . . 10 73 4.1.1. Node failure . . . . . . . . . . . . . . . . . . . . . 10 74 4.1.2. Link failure . . . . . . . . . . . . . . . . . . . . . 11 75 4.1.3. Switching to new primary path . . . . . . . . . . . . 11 76 5. mLDP Capabilities for Node Protection . . . . . . . . . . . . 11 77 5.1. PLR capability . . . . . . . . . . . . . . . . . . . . . . 12 78 5.2. MPT capability . . . . . . . . . . . . . . . . . . . . . . 12 79 5.3. The Protected LSR . . . . . . . . . . . . . . . . . . . . 12 80 5.4. The Node Protection Capability . . . . . . . . . . . . . . 13 81 6. Security Considerations . . . . . . . . . . . . . . . . . . . 14 82 7. IANA considerations . . . . . . . . . . . . . . . . . . . . . 14 83 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14 84 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 85 9.1. Normative References . . . . . . . . . . . . . . . . . . . 15 86 9.2. Informative References . . . . . . . . . . . . . . . . . . 15 87 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 89 1. Introduction 91 This document describes procedures to support node protection for 92 Point-to-Multipoint and Multipoint-to-Multipoint Label Switched Paths 93 (MP LSPs) that has been built by "Multipoint Label Distribution 94 Protocol"(mLDP). In order to protect a node N, the Point of Local 95 Repair (PLR) LSR of N must learn the Merge Point (MPT) LSR(s) of node 96 N such that traffic can be redirected to them in case node N fails. 97 Redirecting the traffic around the failed node N depends on existing 98 P2P LSPs. The pre-established LSPs originate from the PLR LSR and 99 terminate on the MPT LSRs while bypassing LSR N. The procedures to 100 setup these P2P LSPs are outside the scope of this document, but one 101 can imagine using RSVP-TE or LDP LFA based techniques to accomplish 102 this. 104 The solution described in this document notifies the PLR(s) of the 105 MPT LST(s) via signalling using a Targetted LDP (tLDP) session 106 [RFC5036]. By having a tLDP session with the PLR, most of the (m)LDP 107 features currently defined should just work, like Make-Before-Break 108 (MBB), Graceful Restart (GR), Typed Wildcard FEC support, etc. All 109 this is achieved at the expense of having additional tLDP sessions 110 between each MPT and PLR LSR. 112 1.1. Conventions used in this document 114 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 115 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 116 document are to be interpreted as described in RFC 2119 [RFC2119]. 118 The terms "node" is used to refer to an LSR and used interchangeably. 119 The terms "PLR" and "MPT" are used as shorthand to refer to "PLR LSR" 120 and "MPT LSR" respectively. 122 1.2. Terminology 124 mLDP: Multipoint extensions to LDP. 126 PLR: Point of Local Repair (the LSR that redirects the traffic to 127 one or more Merge Point LSRs). 129 MPT: Merge Point (the LSR that merges the backup LSP with primary 130 LSP. Note, there can be multiple MPT LSRs for a single MP-LSP 131 node protection). 133 tLDP: Targeted LDP. 135 MP LSP: Multi-Point LSP (either a P2MP or MP2MP LSP). 137 2. PLR Determination 139 In order for a MPT to establish a tLDP session with a PLR, it first 140 has to learn the PLR for a particular MP LSP. It is the 141 responsibility of the protected node N to advertise the address of 142 the PLR to the MPT. The PLR address for a MP LSP on node N is the 143 address of the upstream LDP peer, but only when node N is NOT the 144 root node of the MP2MP LSP. If the upstream LDP peer is unable to 145 function as PLR, the procedures in this document do not apply and are 146 out of the scope. If node N is the root node, the procedures are 147 slightly different as described in Section 2.2. The procedures that 148 follow assume that all the participating nodes (N, PLRs, MPTs) are 149 enabled (e.g. by a user configuration) to support and implement the 150 PLR determination feature. 152 2.1. Transit node procedure 154 Below we are describing the procedures when the protected node is a 155 transit node along the path to the root. 157 root 158 ^ 159 | 160 (LSR1) 161 . | . 162 . | . 163 . (N) . 164 . / \ . 165 . / \. 166 (LSR2) (LSR3) 167 | | 168 Figure 1. 170 N: The node being protected, 171 ...: Backup LSPs from LSR1 to the LSR2 and LSR3. 173 Node N uses the root address of the MP LSP to determine the upstream 174 LSR for a given MP LSP following the procedures as documented in 175 [RFC6388] section 2.4.1.1. The upstream LSR in figure 1 is LSR1 176 because it is the first hop along the shortest path to reach the root 177 address. After determining the upstream LSR, node N (which is 178 feature enabled), MUST advertise the address of LSR1 as the PLR 179 address to the downstream members of the MP LSP (i.e. LSR2 and LSR3) 180 if the given downstream member has announced support for node 181 protection (see Section 5) for Capability negotiation). For the 182 format and encoding of PLR address information, see Section 2.3. 184 2.2. MP2MP root node procedure 186 In this section we are describing the procedures for when the 187 protected node is the root of a MP2MP LSP. Consider figure 2 below; 189 | 190 (LSR1) 191 . | . 192 . | . 193 . (N) . root 194 . / \ . 195 . / \. 196 (LSR2)....(LSR3) 197 | | 198 Figure 2. 200 N: The MP2MP root node being protected. 201 ...: Backup LSPs between LSR1, LSR2 and LSR3. 203 Assume that LSR1, LSR2 and LSR3 are all members of a MP2MP LSP for 204 which N is the root node. Since N is the root of the MP2MP LSP, 205 there is no upstream LSR and no 'single' PLR LSR for protecting node 206 N. In order to protect node N, all the directly connected members of 207 the MP2MP must participate in protecting node N by acting both as PLR 208 and MPT LSR. An LSR will act as MPT for traffic coming from the 209 other LSR(s) and it will act as PLR for traffic it is sending to the 210 other LSR(s). Since node N knows the members of the MP2MP LSP, it 211 will advertise the member list to its directly connected members, 212 excluding the member it is sending to. For example, node N will 213 advertise {LSR3,LSR1} list to LSR2 excluding LSR2 from it. Instead 214 of advertising a single PLR when node N is not the root, a list of 215 PLRs is advertised using the procedures documented in Section 2.3. 217 It should be noted that the MP2MP root node protection mechanism 218 don't replace the Root Node Redundancy (RNR) procedures as described 219 in [RFC6388] section 7. The node protection procedures in this draft 220 will help restoring traffic for the existing MP2MP LSPs after node 221 failure, but a new root node has to be elected eventually in order to 222 allow new MP2MP LSPs to be created. 224 2.3. PLR information encoding 226 The upstream LSR address is conveyed via an LDP Notification message 227 with MP Status TLV, where the MP status TLV contains a new "PLR 228 Status Value Element" that specifies the address of the PLR. 230 The new "PLR Status Value Element" is encoded as follows; 232 PLR Status Element: 234 0 1 2 3 235 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 236 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 237 | Type = TBA-1 | Length | Addr Family | 238 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 239 | Addr Fam cont | Num PLR entry | | 240 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 241 | | 242 | PLR entry (1 or more) ~ 243 | | 244 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 246 Where 248 Type: PLR Status Value Element (Type TBA-1 to be assigned by IANA) 250 Length: The Length field encodes the length of the Status Value 251 following the Length field. The encoded Length varies based on 252 the Address Family and the number of PLR entries. 254 Address Family: Two octet quantity containing a value from IANA's 255 "Address Family Numbers" registry that encodes the address family 256 for the PLR Address encoded in the PLR entry. 258 Num PLR entry: Number of "PLR entries" encoded in the Status Value 259 Element, followed by "Num PLR entry" field (please see format of a 260 PLR entry below). 262 The format of a "PLR Entry" is as follows: 264 0 1 2 3 265 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 266 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 267 |A| Reserved | PLR address | 268 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 269 ~ PLR address (cont) ~ 270 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 272 Where 274 A bit: 0 = Withdraw, 1 = Add. 276 Reserved: 15 bits, must be zero on transmit and ignored on receipt 278 PLR address: PLR Address encoded according to Address Family field 279 encoded in the PLR Status Value Element. Note, the length of the 280 PLR address field is specific to the Address Family that is 281 encoded. 283 The size of a "PLR Entry" is the 2 octets ("A bit + Reserved") + PLR 284 address length. The length of the PLR address is depending on the 285 Address Family as encoded in the PLR Status Value Element. The size 286 of a "PLR entry" is 6 octets and 18 octets respectively for an IPv4 287 PLR address and an IPv6 PLR address. 289 If the PLR address on N changes for a given MP LSP, N needs to 290 trigger a new PLR Status to update the MPT(s). A node N can 291 advertise or withdraw a given PLR from its PLR set by setting "A bit" 292 to 1 or 0 respectively in corresponding PLR entry. Removing a PLR 293 address is likely due to a link failure, see the procedures as 294 documented in Section 4.1. To remove all PLR addresses belonging to 295 the encoded Address Family, an LSR N MUST encode PLR Status Value 296 Element with no PLR entry and "Num PLR entry" field MUST be set to 297 zero. 299 Along with the PLR MP Status a MP FEC TLV MUST be included in the LDP 300 Notification message so that a receiver is able to associate the PLR 301 Status with the MP LSP. 303 3. Using the tLDP session 305 The receipt of a PLR MP Status (with PLR addresses) for a MP LSP on a 306 receiving LSR makes it an MPT for node protection. If not already 307 established, the MPT LSR MUST establish a tLDP session with all of 308 the learned PLR addresses using the procedures as documented in 309 [I-D.ietf-mpls-targeted-mldp]. 311 Using Figure 1 as the reference topology, let us assume that both 312 LSR2 and LSR3 are MPTs and have established a tLDP session with the 313 PLR being LSR1. Assume that both LSR2 and LSR3 have a FEC with 314 a upstream LSR N and label Ln assigned to FEC towards N. The MPTs 315 will create a secondary upstream LSR (using the received PLR address) 316 and assigned a Label Lpx to FEC towards PLR for it. The MPTs 317 will do that for each PLR address that was learned for the MP LSP. 318 In this example, the MPTs will have a FEC with two local labels 319 associated with it. Ln that was assigned to N via the normal mLDP 320 procedures, and Label Lpx that was assigned for PLR (LSR1) for the 321 purpose of node protecting MP LSP via node N. Note, when the 322 protected node is a MP2MP root node, there will be an upstream LSR 323 for each PLR address that was advertised along with a unique Label 324 Lpx. 326 The receipt of a FEC Label Mapping alone over the tLDP session from 327 MPT on a PLR conveys the label information but does not convey the 328 node being protected. The information about a protected node is 329 known to the MPT LSR and needs to be communicated to the PLR as well. 330 For this reason, the FEC Label Mapping (FEC : Lpx) sent by the 331 MPT over the tLDP session to the PLR MUST include a Status TLV with 332 MP Status including a new LDP MP status Value Element called the 333 "Protected Node Status Value Element". This new value element is 334 used to specify the address of the node being protected. The 335 "Protected Node Status Value Element" has the following format; 337 0 1 2 3 338 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 340 | Type = TBA-2 | Length | Addr Family | 341 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 342 | Addr Fam cont | Node address ~ 343 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 345 Type : Protected Node Status Value Element (Type TBA-2 to be 346 assigned by IANA) 348 Length: The Length field encodes the length of the Status Value 349 following the Length field. The encoded Length varies based on 350 the Address Family and is 6 octets (for Address Family + IPv4 351 address and 18 octets for Address Family + IPv6 address. 353 Address Family: Two octet quantity containing a value from IANA's 354 "Address Family Numbers" registry that encodes the address family 355 for the Node Address. 357 Node address: Protected node address encoded according to Address 358 Family field. 360 When a PLR receives a Label Mapping for FEC that includes a 361 Protected Node Status, it will only use that label binding once the 362 Node advertised in the Status value becomes unreachable. If the LSP 363 is a MP2MP LSP, the PLR would have assigned a Label Mapping for the 364 upstream MP2MP FEC Element to the MPT ([RFC6388] section 3) for FEC 365 . This label binding on the MPT MUST only be used once node N 366 becomes unreachable. 368 The procedures to determine if a node is unreachable is a local 369 decision and not spelled out in this draft. Typical link failure or 370 Bidirectional Forwarding Detection (BFD) can be used to determine and 371 detect node unreachability. 373 4. Link or node failure 375 Consider the following topology; 377 root 378 ^ 379 | 380 . (LSR1) 381 . / | . 382 . (M) | . 383 . \ | . 384 . (N) . 385 . / \ . 386 . / \. 387 (LSR2) (LSR3) 388 | | 389 Figure 3. 391 N: The node being protected 392 M: The backup node to protect link LSR1 - N 393 ...; Backup LSPs from LSR1 to LSR2 and LSR3. 395 Assume that LSR1 is the PLR for protected node N, LSR2 and LSR3 are 396 MPTs for node N. When LSR1 discovered that node N is unreachable, it 397 can't determine whether it is the 'LSR1 - N' link or node N that 398 failed. In Figure 3, the link between LSR1 and N is also protected 399 using Fast ReRoute (FRR) [RFC4090] link protection via node M. LSR1 400 MAY potentially invoke 2 protection mechanisms at the same time, 401 redirection the traffic due to link protection via node M to N, and 402 for node protection directly to LSR1 and LSR2. If only the link 403 failed, LSR2 and LSR3 will receive the packets twice due to the two 404 protection mechanisms. To prevent duplicate packets to be forwarded 405 to the receivers on the tree, LSR2 and LSR3 need to determin which 406 upstream node to accept the packets from. So, either from the 407 primary upstream LSR N or from the secondary upstream LSR1, but never 408 both at the same time. The selection between the primary upstream 409 LSR or (one or more) secondary upstream LSRs (on LSR2 and LSR3) is 410 based on the reachability of the protected node N. As long as N is 411 reachable, N is the primary upstream LSR who is accepting the MPLS 412 packets and forwarding them. Once N becomes unreachable, the 413 secondary upstream LSRs (LSR1 in our example) are activated. Note 414 that detecting if N is unreachable is a local decision and not 415 spelled out in this draft. Typical link failure or Bidirectional 416 Forwarding Detection (BFD) can be used to determine and detect node 417 unreachability. 419 4.1. Re-convergence after node/link failure 421 Consider the following topology; 423 root 424 ^ 425 _ | 426 /. (LSR1) 427 /. /. | .\ 428 /. (M). | .\ 429 (P). \. | .\ 430 \. ( N ) .(Q) 431 \. / \ ./ 432 \. / \ ./ 433 (LSR2) (LSR3) 434 | | 435 Figure 4. 437 N: The node being protected. 438 M: The backup node to protect link 'LSR1 - N'. 439 P and Q: The nodes on the new primary path after N failure. 440 ...: P2P backup LSPs. 442 Assume that LSR1 has detected that Node N is unreachable and invoked 443 both the Link Protection and Node Protection procedures as described 444 in this draft. LSR1 is acting as PLR and sending traffic over both 445 the backup P2P LSP to node N (via M) and the P2P LSPs directly to 446 LSR2 and LSR3, acting as MPT LSRs. The sequence of events are 447 depending on whether the link 'LSR1 - N' has failed or node N itself. 448 The node's downsteam from the protected node (and participating in 449 node protection) MUST have the capability to determin that the 450 protected node became unreachable. Otherwise the procedures below 451 can not be applied. 453 4.1.1. Node failure 455 If node N failed, both LSR2 and LSR3 will have changed the primary 456 upstream LSR to the secondary upstream LSR (LSR1) due to node N being 457 unreachable. With that, the label bindings previously assigned to 458 LSR1 will be activated on the MPTs (LSR2 and LSR3) and the label 459 binding to N will be disabled. Traffic is now switched over the 460 label bindings that where installed for node protection. 462 4.1.2. Link failure 464 If the link 'LSR1 - N' has failed, both LSR2 and LSR3 will not change 465 the primary upstream LSR because node N is still reachable. LSR2 and 466 LSR3 will receive traffic over two different bindings, the primary 467 label binding assigned to node N (due to link protection via node M) 468 as well as over the binding assigned to LSR1 for the node protection. 469 Since the secondary upstream LSRs have not been activated, the 470 traffic received due to node protection will be dropped. Node N will 471 re-converge and update LSR2 and LSR3 (Section 2.3) with the 472 information that the PLR address (LSR1) is no longer applicable and 473 must be removed. In response, LSR2 and LSR3 MUST sent a Label 474 Withdraw to LSR1 to withdraw the label binding. This will stop the 475 traffic being forwarded over the backup P2P LSPs for node protection. 476 LSR1 will respond back with a Label Release as soon as the binding 477 has been removed. 479 4.1.3. Switching to new primary path 481 The network will eventually re-converge and a new best path to the 482 root will be found by LSR2 and LSR3. LSR2 will find that P is its 483 new primary upstream LSR to reach the Root and LSR3 will find Q. Note 484 that although the current active upstream LSR can either be node N or 485 LSR1 (depending on link or node failure), it does not matter for the 486 following procedures. Both LSR2 and LSR3 SHOULD use the Make-Before- 487 Break (MBB) procedures as described in [RFC6388] section 8 to switch 488 to the new primary upstream node. As soon as the new primary 489 upstream LSRs P and Q are activated, a Label Withdraw message MUST be 490 sent to the old upstream LSR. Note that an upstream LSR switchover 491 from a tLDP neighbor to a directly connected LDP neighbor is no 492 different compared to switching between two directly connected 493 neighbors. After the Label Withdraw message has been received by 494 LSR1 or node N, forwarding will stop and a Label Release will be 495 sent. 497 When it is determined that after re-convergence there is no more 498 interest in the tLDP session between the MPT and the PLR, the tLDP 499 session MAY be taken down. It is possible that having no more 500 interest in the tLDP session is temporarily due to link flapping. In 501 order to avoid the tLDP session from flapping, it is RECOMMENDED to 502 apply a delay before tearing down the session. Determining the delay 503 is a local implementation matter. 505 5. mLDP Capabilities for Node Protection 507 In order to describe the capabilities of the participating LSRs , we 508 are organizing it per role in the network i.e., Point of Local Repair 509 (PLR), Merge Point (MPT), and Protected Node (as depicted in Fig 1). 511 5.1. PLR capability 513 A PLR node should handle the following conditions; 515 1. Accept an incoming tLDP session from the MPT LSR. 517 2. Support the receipt of a "Protected Node Status Value Element" 518 status in a MP Status TLV over tLDP session. 520 3. Upon node failure detection, capable of switching traffic towards 521 one or more MPT(s) over P2P LSP (bypassing N) using the labels 522 previously advertised for MP LSPs over the tLDP session. 524 An LSR capable of performing these actions will advertise it self as 525 PLR capable in the Node Protection capability (see Section 5.4). 526 This is a unidirectional capability announced from PLR to the 527 protected LSR. 529 5.2. MPT capability 531 An MPT node should handle the following conditions; 533 1. Support the receipt of "PLR Status Value Element" in a MP Status 534 TLV from a protected node N. 536 2. Support to transmit "Protected Node Status Value Element" in a MP 537 Status TLV to a PLR. 539 A LSR capable of performing these actions will advertise itself as 540 the MPT capable in the Node Protection capability (see Section 5.4). 541 This is a unidirectional capability from MPT to the protected LSR. 543 5.3. The Protected LSR 545 A protected node should handle the following conditions; 547 1. Determine the PLR and MPT capability for directly connected 548 upstream and downstream LSRs for a given MP FEC. 550 2. Support transmitting of "PLR Status Value Element" in a MP Status 551 TLV to one or more downstream MPT LSRs. 553 The protected LSR does not advertise any capability for mLDP Node 554 Protection because it does not need to receive any of the defined MP 555 Status values as described above. However, the protected node does 556 play an important role in the signaling and setup of the node 557 protection. For a given FEC, the protected node can only send PLR 558 information to a downstream LSR if the PLR has signaled the PLR 559 capability and the downstream LSR has signaled the MPT capability. 560 When the downstream LSR (acting as MPT) receives the PLR status, it 561 can implicitly infer that the advertised LSR(s) are PLR capable. The 562 MPT LSR can now proceed with setting up a tLDP session with the 563 PLR(s) and MP LSP node protection signaling. 565 5.4. The Node Protection Capability 567 We define a single capability "MP Node Protection Capability" to 568 announce the PLR and MPT capability. 570 The format of the capability parameter TLV is as follows: 572 0 1 2 3 573 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 575 |U|F| Type = TBA-3 | Length = 2 | 576 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 577 |S| Reserved |P|M| Reserved | 578 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 580 Where 582 U/F bits: MUST be set to 1 and 0 respectively (as per [RFC5561]) 584 Type: MP Node Protection Capability (Type = TBA-3 to be assigned 585 by IANA) 587 Length: MUST be set to 2. 589 S bit: Set to 1 to announce and 0 to withdraw the capability (as 590 per [RFC5561]) 592 P bit: PLR capable for MP LSP node protection 594 M bit: MPT capable for MP LSP node protection 596 Reserved: Must be zero on transmit and ignored on receipt 598 The above capability can be sent in an LDP Initialization message to 599 announce capability at the session establishment time, or it can be 600 sent in LDP Capability message to dynamically update (announce or 601 withdraw) its capability towards its peer using procedures specified 602 in [RFC5561]. 604 An LSR that supports the PLR functionality LSR MAY send this 605 capability to its downstream MP peers with "P" bit set; whereas, an 606 LSR that supports an the MPT functionality MAY send this capability 607 to its upstream peer with "M" bit set. Moreover, an LSR that 608 supports both the PLR and MPT functionality MAY sent this capability 609 to its peers with both "P" and "M" bit set. 611 6. Security Considerations 613 The same security considerations apply as those for the base mLDP 614 specification, as described in [RFC6388] and [RFC5920]. 616 7. IANA considerations 618 IANA is requested to allocate two new code points from the "LDP MP 619 Status Value Element type" registry within the Label Distribution 620 Protocol (LDP) Parameters; 622 Value | Name | Reference 623 ------+----------------------------------------+----------- 624 TBA-1 | PLR Status Value Element | this doc 625 ------+----------------------------------------+----------- 626 TBA-2 | Protected Node Status Value Element | this doc 628 IANA is requested to assign a new code points for a new Capability 629 Parameter TLV. The code point should be assigned from the IETF 630 Consensus range of the "TLV Type Name Space" registry within the LDP 631 Parameters. The lowest available new code point after 0x0970 should 632 be used. 634 Value | Description | Reference | Notes/Reg Date 635 ------+-------------------------------+-----------+--------------- 636 TBA-3 | MP Node Protection Capability | This doc | 638 8. Acknowledgments 640 The authors like to thank Nagendra Kumar, Duan Hong, Martin 641 Vigoureux, Kenji Fujihira and Loa Andersson for their comments on 642 this draft. 644 9. References 645 9.1. Normative References 647 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 648 Requirement Levels", BCP 14, RFC 2119, March 1997. 650 [RFC5036] Andersson, L., Minei, I., and B. Thomas, "LDP 651 Specification", RFC 5036, October 2007. 653 [RFC6388] Wijnands, IJ., Minei, I., Kompella, K., and B. Thomas, 654 "Label Distribution Protocol Extensions for Point-to- 655 Multipoint and Multipoint-to-Multipoint Label Switched 656 Paths", RFC 6388, November 2011. 658 [RFC5561] Thomas, B., Raza, K., Aggarwal, S., Aggarwal, R., and JL. 659 Le Roux, "LDP Capabilities", RFC 5561, July 2009. 661 [RFC5920] Fang, L., "Security Framework for MPLS and GMPLS 662 Networks", RFC 5920, July 2010. 664 [I-D.ietf-mpls-targeted-mldp] 665 Napierala, M. and E. Rosen, "Using LDP Multipoint 666 Extensions on Targeted LDP Sessions", 667 draft-ietf-mpls-targeted-mldp-01 (work in progress), 668 January 2013. 670 9.2. Informative References 672 [RFC4090] Pan, P., Swallow, G., and A. Atlas, "Fast Reroute 673 Extensions to RSVP-TE for LSP Tunnels", RFC 4090, 674 May 2005. 676 Authors' Addresses 678 IJsbrand Wijnands (editor) 679 Cisco Systems, Inc. 680 De kleetlaan 6a 681 Diegem 1831 682 Belgium 684 Email: ice@cisco.com 685 Eric Rosen 686 Cisco Systems, Inc. 687 1414 Massachusetts Avenue 688 Boxborough MA 01719 689 USA 691 Email: erosen@cisco.com 693 Kamran Raza 694 Cisco Systems, Inc. 695 2000 Innovation Drive 696 Ottawa Ontario K2K-3E8 697 Canada 699 Email: skraza@cisco.com 701 Jeff Tantsura 702 Ericsson 703 300 Holger Way 704 San Jose CA 95134 705 USA 707 Email: jeff.tantsura@ericsson.com 709 Alia Atlas 710 Juniper Networks 711 10 Technology Park Drive 712 Westford MA 01886 713 USA 715 Email: akatlas@juniper.net 717 Quintin Zhao 718 Huawei Technology 719 125 Nagog Technology Park 720 Acton MA 01719 721 USA 723 Email: quintin.zhao@huawei.com