idnits 2.17.00 (12 Aug 2021)

/tmp/idnits62189/draft-ietf-msdp-spec-03.txt:

  ** The Abstract section seems to be numbered

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date. The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents.

  ** The document is more than 15 pages and seems to lack a Table of Contents.

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 23
     longer pages, the longest (page 21) being 61 lines

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 25 pages

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack an IANA Considerations section. (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References. All references will be assumed normative when checking for
     downward references.

  ** There are 7 instances of too long lines in the document, the longest one
     being 7 characters in excess of 72.
  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 201 has weird spacing: '... by the activ...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords. (The document does seem to have the
     reference to RFC 2119 which the ID-Checklist requires).

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- Couldn't find a document date in the document -- date freshness check
     skipped.

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'SA-State-Period' is mentioned on line 187, but not
     defined

  == Missing Reference: 'SA-Hold-Down-Period' is mentioned on line 193, but
     not defined

  == Missing Reference: 'KeepAlive-Period' is mentioned on line 207, but not
     defined

  == Missing Reference: 'ConnectRetry-Period' is mentioned on line 218, but
     not defined

  == Missing Reference: 'Hold-Time-Period' is mentioned on line 231, but not
     defined

  == Missing Reference: 'MSDP-GRE-ProtocolType' is mentioned on line 889, but
     not defined

  == Outdated reference: draft-meyer-gre-update has been published as RFC 2784

  ** Obsolete normative reference: RFC 1771 (Obsoleted by RFC 4271)

  ** Obsolete normative reference: RFC 1825 (Obsoleted by RFC 2401)

  ** Downref: Normative reference to an Historic RFC: RFC 1828

  ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858)

  ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059)

     Summary: 14 errors (**), 0 flaws (~~), 13 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  1  Network Working Group                                     Dino Farinacci
  2  INTERNET DRAFT                                          Procket Networks
  3                                                             Yakov Rekhter
  4                                                               David Meyer
  5                                                             Cisco Systems
  6                                                            Peter Lothberg
  7                                                                    Sprint
  8                                                               Hank Kilmer
  9                                                               Jeremy Hall
 10                                                                     UUnet
 11  Category                                                 Standards Track
 12                                                             January, 2000

 14               Multicast Source Discovery Protocol (MSDP)
 15

 17  1. Status of this Memo

 19     This document is an Internet-Draft and is in full conformance with
 20     all provisions of Section 10 of RFC 2026.

 22     Internet Drafts are working documents of the Internet Engineering
 23     Task Force (IETF), its areas, and its working groups. Note that other
 24     groups may also distribute working documents as Internet-Drafts.

 26     Internet-Drafts are draft documents valid for a maximum of six months
 27     and may be updated, replaced, or obsoleted by other documents at any
 28     time. It is inappropriate to use Internet-Drafts as reference
 29     material or to cite them other than as "work in progress."

 31     The list of current Internet-Drafts can be accessed at
 32     http://www.ietf.org/ietf/1id-abstracts.txt.

 34     The list of Internet-Draft Shadow Directories can be accessed at
 35     http://www.ietf.org/shadow.html.

 37  2. Abstract

 39     The Multicast Source Discovery Protocol, MSDP, describes a mechanism
 40     to connect multiple PIM-SM domains together. Each PIM-SM domain uses
 41     its own independent RP(s) and does not have to depend on RPs in other
 42     domains.

 44  3. Copyright Notice

 46     Copyright (C) The Internet Society (2000). All Rights Reserved.

 48  4. Introduction

 50     The Multicast Source Discovery Protocol, MSDP, describes a mechanism
 51     to connect multiple PIM-SM domains together.
        Each PIM-SM domain uses
 52     its own independent RP(s) and does not have to depend on RPs in other
 53     domains. Advantages of this approach include:

 55      o No Third-party resource dependencies on RP

 57        PIM-SM domains can rely on their own RPs only.

 59      o Receiver only Domains

 61        Domains with only receivers get data without globally
 62        advertising group membership.

 64      o Global Source State

 66        Global source state is not required, since a router need not
 67        cache Source Active (SA) messages (see below). MSDP is a
 68        periodic protocol.

 70     The keywords MUST, MUST NOT, MAY, OPTIONAL, REQUIRED, RECOMMENDED,
 71     SHALL, SHALL NOT, SHOULD, SHOULD NOT are to be interpreted as defined
 72     in RFC 2119 [RFC2119].

 74  5. Overview

 76     An RP (or other MSDP SA originator) in a PIM-SM [RFC2362] domain will
 77     have an MSDP peering relationship with MSDP peers in another domain.
 78     The peering relationship will be made up of a TCP connection in which
 79     control information is exchanged. Each domain will have one or more
 80     connections to this virtual topology.

 82     The purpose of this topology is to have domains discover multicast
 83     sources from other domains. If the multicast sources are of interest
 84     to a domain which has receivers, the normal source-tree building
 85     mechanism in PIM-SM will be used to deliver multicast data over an
 86     inter-domain distribution tree.

 88     We envision this virtual topology will essentially be congruent to
 89     the existing BGP topology used in the unicast-based Internet today.
 90     That is, the TCP connections between MSDP peers can be realized by
 91     the underlying BGP routing system.

 93  6. Procedure

 95     A source in a PIM-SM domain originates traffic to a multicast group.
 96     The PIM DR which is directly connected to the source sends the data
 97     encapsulated in a PIM Register message to the RP in the domain.

 99     The RP will construct a "Source-Active" (SA) message and send it to
100     its MSDP peers.
        The SA message contains the following fields:

102      o Source address of the data source.
103      o Group address the data source sends to.
104      o IP address of the RP.

106     Each MSDP peer receives and forwards the message away from the RP
107     address in a "peer-RPF flooding" fashion. The notion of peer-RPF
108     flooding is with respect to forwarding SA messages. The BGP routing
109     table is examined to determine which peer is the NEXT_HOP towards the
110     originating RP of the SA message. Such a peer is called an "RPF
111     peer". See section 14 below for the details of peer-RPF forwarding.

113     If the MSDP peer receives the SA from a non-RPF peer towards the
114     originating RP, it will drop the message. Otherwise, it forwards the
115     message to all its MSDP peers.

117     The flooding can be further constrained to children of the peer by
118     interrogating BGP reachability information. That is, if a BGP peer
119     advertises a route (back to you) and you are the next to last AS in
120     the AS_PATH, the peer is using you as the NEXT_HOP. This is known in
121     other circles as Split-Horizon with Poison Reverse. An implementation
122     SHOULD NOT forward SA messages (which were originated from the RP
123     address covered by a route) to peers which have not Poison Reversed
124     that route.

126     When an MSDP peer which is also an RP for its own domain receives a
127     new SA message, it determines if it has any group members interested
128     in the group which the SA message describes. That is, the RP checks
129     for a (*,G) entry with a non-empty outgoing interface list; this
130     implies that the domain is interested in the group. In this case, the
131     RP triggers a (S,G) join event towards the data source as if a
132     Join/Prune message was received addressed to the RP itself (See
133     [RFC2362] Section 3.2.2). This sets up a branch of the source-tree to
134     this domain. Subsequent data packets arrive at the RP which are
135     forwarded down the shared-tree inside the domain.
        If leaf routers
136     choose to join the source-tree they have the option to do so
137     according to existing PIM-SM conventions. Finally, if an RP in a
138     domain receives a PIM Join message for a new group G, and it is
139     caching SAs, then the RP should trigger a (S,G) join event for each
140     SA for that group in its cache.

142     This procedure has been affectionately named flood-and-join because
143     if any RP is not interested in the group, they can ignore the SA
144     message. Otherwise, they join a distribution tree.

146  7. Controlling State

148     While RPs which receive SA messages are not required to keep MSDP
149     (S,G) state, an RP SHOULD cache SA messages by default. The advantage
150     of caching is that newly formed MSDP peers can get MSDP (S,G) state
151     sooner and therefore reduce join latency for new joiners. In
152     addition, caching greatly aids in diagnosis and debugging of various
153     problems.

155  8. Timers

157     The main timers for MSDP are: SA-Advertisement-Timer, SA-Hold-Down-
158     Timer, SA Cache Entry timer, KeepAlive timer, and ConnectRetry and
159     Peer Hold Timer. Each is considered below.

161  8.1. SA-Advertisement-Timer

163     RPs which originate SA messages do it periodically as long as there
164     is data being sent by the source. There is one SA-Advertisement-Timer
165     covering the sources that an RP may advertise. [SA-Advertisement-
166     Period] MUST be 60 seconds. An RP will not send more than one
167     periodic SA message for a given (S,G) within an SA Advertisement
168     interval. Originating periodic SA messages is important so that new
169     receivers who join after a source has been active can get data
170     quickly via the receiver's own RP when it is not caching SA state.

172  8.2. SA-Advertisement-Timer Processing

174     An RP starts the SA-Advertisement-Timer when the MSDP process is
175     configured. When the timer expires, an RP advertises any candidate
176     internal sources to its peers and resets the timer to [SA-
177     Advertisement-Period] seconds.
        The timer is deleted when the MSDP
178     process is deconfigured. Note that a caching implementation may also
179     wish to check the SA-Cache on this timer event.

181  8.3. SA Cache Timeout (SA-State-Timer)

183     Each entry in an SA Cache has an associated SA-State-Timer. A
184     (S,G)-SA-State-Timer is started when an (S,G)-SA message is initially
185     received by a caching MSDP peer. The timer is reset to [SA-State-
186     Period] if another (S,G)-SA message is received before the (S,G)-SA-
187     State-Timer expires. [SA-State-Period] MUST NOT be less than 90
188     seconds.

190  8.4. SA-Hold-Down-Timer

192     A caching MSDP peer SHOULD NOT forward an SA message it has received
193     during the previous [SA-Hold-Down-Period] seconds. [SA-Hold-Down-
194     Period] SHOULD be set to 30 seconds. The timer is set to [SA-Hold-
195     Down-Period] upon receipt of an (S,G)-SA message, and reset to [SA-
196     Hold-Down-Period] when forwarding an (S,G)-SA message. Finally, the
197     timer is deleted when the (S,G)-SA cache entry is deleted.

199  8.5. KeepAlive Timer

201     The KeepAlive timer is used by the active connect side of the MSDP
202     connection to track the state of the passive-connect side of the
203     connection. In particular, the KeepAlive timer is used to reset
204     the TCP connection when the passive-connect side of the connection
205     goes down. The KeepAlive timer is set to [KeepAlive-Period] when the
206     passive-connect peer comes up. [KeepAlive-Period] SHOULD NOT be less
207     than 75 seconds. The timer is reset to [KeepAlive-Period] upon
208     receipt of data from peer, and deleted when the timer expires or the
209     passive-connect peer closes the connection.

211  8.6. ConnectRetry Timer

213     The ConnectRetry timer is used by an MSDP peer to transition from
214     INACTIVE to CONNECTING states. There is one timer per peer, and the
215     [ConnectRetry-Period] SHOULD be set to 30 seconds. The timer is
216     initialized to [ConnectRetry-Period] when an MSDP peer's active
217     connect attempt fails.
        When the timer expires, the peer retries the
218     connection and the timer is reset to [ConnectRetry-Period]. It is
219     deleted if either the connection transitions into ESTABLISHED
220     state or the peer is deconfigured.

222  8.7. Peer Hold Timer

224     If a system does not receive successive KeepAlive messages (or any SA
225     message) within the period specified by the Hold Timer, then a
226     Notification message with Hold Timer Expired Error Code MUST be sent
227     and the MSDP connection MUST be closed. [Hold-Time-Period] MUST be at
228     least three seconds. A suggested value for [Hold-Time-Period] is 90
229     seconds.

231     The Hold Timer is initialized to [Hold-Time-Period] when the peer's
232     transport connection is established, and is reset to [Hold-Time-
233     Period] when either a KeepAlive or any SA message is received.

235  9. Intermediate MSDP Peers

237     Intermediate RPs do not originate periodic SA messages on behalf of
238     sources in other domains. In general, an RP MUST only originate an SA
239     for its own sources.

241  10. SA Filtering and Policy

243     As the number of (S,G) pairs increases in the Internet, an RP may
244     want to filter which sources it describes in SA messages. Also,
245     filtering may be used as a matter of policy which at the same time
246     can reduce state. Only the RP co-located in the same domain as the
247     source can restrict SA messages. Note, however, that MSDP peers in
248     transit domains should not filter SA messages or the flood-and-join
249     model cannot guarantee that sources will be known throughout the
250     Internet (i.e., SA filtering by transit domains can cause undesired
251     lack of connectivity). In general, policy should be expressed using
252     MBGP [RFC2283]. This will cause MSDP messages to flow in the
253     desired direction and peer-RPF to fail otherwise. An exception occurs
254     at an administrative scope [RFC2365] boundary.
        In particular, an SA
255     message for a (S,G) MUST NOT be sent to peers which are on the other
256     side of an administrative scope boundary for G.

258  11. SA Requests

260     If an MSDP peer decides to cache SA state, it MAY accept SA-Requests
261     from other MSDP peers. When an MSDP peer receives an SA-Request for a
262     group range, it will respond to the peer with a set of SA entries, in
263     an SA-Response message, for all active sources sending to the group
264     range requested in the SA-Request message. The peer that sends the
265     request will not flood the responding SA-Response message to other
266     peers. See section 17 for discussion of error handling relating to SA
267     requests and responses.

269  12. Encapsulated Data Packets

271     For bursty sources, the RP may encapsulate multicast data from the
272     source. An interested RP may decapsulate the packet, which SHOULD be
273     forwarded as if a PIM register encapsulated packet was received. That
274     is, if packets are already arriving over the interface toward the
275     source, then the packet is dropped. Otherwise, if the outgoing
276     interface list is non-null, the packet is forwarded appropriately.
277     Note that when doing data encapsulation, an implementation MUST bound
278     the time during which packets from the source are encapsulated.

280     This allows for small bursts to be received before the multicast tree
281     is built back toward the source's domain. For example, an
282     implementation SHOULD encapsulate at least the first packet to
283     provide service to bursty sources.

285  13. Other Scenarios

287     MSDP is not limited to deployment across different routing domains.
288     It can be used within a routing domain when it is desired to deploy
289     multiple RPs for different group ranges. As long as all RPs have an
290     interconnected MSDP topology, each can learn about active sources as
291     well as RPs in other domains.

293  14. MSDP Peer-RPF Forwarding

295     The MSDP Peer-RPF Forwarding rules are used for forwarding SA
296     messages throughout an MSDP enabled internet. Unlike the RPF check
297     used when forwarding data packets, the Peer-RPF check is against the
298     RP address carried in the SA message.

300  14.1. Peer-RPF Forwarding Rules

302     An SA message originated by an MSDP originator R and received by an
303     MSDP router from MSDP peer N is accepted if N is the appropriate RPF
304     neighbor for originator R, and discarded otherwise.

306     The RPF neighbor is chosen using the first of the following rules
307     that matches:

309      (i).   R is the RPF neighbor if we have an MSDP peering with R.

311      (ii).  The external MBGP neighbor towards which we are
312             poison-reversing the MBGP route towards R is the RPF neighbor
313             if we have an MSDP peering with it.

315      (iii). If we have any MSDP peerings with neighbors in the first
316             AS along the AS_PATH (the AS from which we learned this
317             route), but no external MBGP peerings with them,
318             pick one via a deterministic rule.

320      (iv).  The internal MBGP advertiser of the router towards R is
321             the RPF neighbor if we have an MSDP peering with it.

323      (v).   If none of the above match, and we have an MSDP
324             default-peer configured, the MSDP default-peer is
325             the RPF neighbor.

327  14.2. MSDP default-peer semantics

329     An MSDP default-peer is much like a default route. It is intended to
330     be used in those cases where a stub network isn't running BGP or
331     MBGP. An MSDP peer configured with a default-peer accepts all SA
332     messages from the default-peer. Note that a router running BGP or
333     MBGP SHOULD NOT allow configuration of default peers, since this
334     allows the possibility for SA looping to occur.

336  15. MSDP Connection Establishment

338     MSDP messages will be encapsulated in a TCP connection. An MSDP peer
339     listens for new TCP connections on port 639.
        One side of the MSDP
340     peering relationship will listen on the well-known port and the other
341     side will do an active connect on the well-known port. The side with
342     the higher peer IP address will do the listen. This connection
343     establishment algorithm avoids call collision. Therefore, there is no
344     need for a call collision procedure. It should be noted, however,
345     that the disadvantage of this approach is that it may result in
346     longer startup times at the passive end.

348     An MSDP peer starts in the INACTIVE state. MSDP peers establish
349     peering sessions according to the following state machine:

351     [Figure, lines 351-391: MSDP peer state machine (ASCII diagram not
        reproduced). States: DISABLED, INACTIVE, CONNECTING, LISTEN,
        ESTABLISHED. Transition labels: Enable; De-configured or disabled;
        Lower Address; Higher Address; Timeout or Local Address Change;
        TCP Established; TCP Accept; Connection Timeout, Local Address
        change, Authorization Failure; Local Address Change.]

393  16. Packet Formats

395     MSDP messages will be encoded in TLV format.
        If an implementation
396     receives a TLV that has length that is longer than expected, the TLV
397     SHOULD be accepted. Any additional data SHOULD be ignored.

399  16.1. MSDP TLV format:

401      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
402     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
403     |     Type      |           Length              |  Value ....   |
404     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

406     Type (8 bits)
407        Describes the format of the Value field.

409     Length (16 bits)
410        Length of Type, Length, and Value fields in octets. The
411        minimum length required is 4 octets. The total length
412        of the TLV should be a multiple of 2 octets.

414     Value (variable length)
415        Format is based on the Type value. See below. The length of
416        the value field is Length field minus 3. All reserved fields
417        in the Value field MUST be transmitted as zeros and ignored on
418        receipt.

420  16.2. Defined TLVs

422     The following TLV Types are defined:

424     Code                        Type
425     ===========================================================
426       1                   IPv4 Source-Active
427       2                   IPv4 Source-Active Request
428       3                   IPv4 Source-Active Response
429       4                   KeepAlive
430       5                   Notification

432     Each TLV is described below.

434  16.2.1. IPv4 Source-Active TLV

436     The maximum size SA message that can be sent is 1400 octets. If an
437     MSDP peer needs to originate a message with information greater than
438     1400 octets, it sends successive 1400-octet messages. The 1400 octet
439     size does not include the TCP, IP, layer-2 headers.
441      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
442     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
443     |       1       |           x + y               |  Entry Count  |
444     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
445     |                          RP Address                           |
446     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
447     |                   Reserved                    |  Sprefix Len  | \
448     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  \
449     |                         Group Address                         |   ) z
450     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  /
451     |                        Source Address                         | /
452     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

454     Type
455        IPv4 Source-Active TLV is type 1.

457     Length x
458        Is the length of the control information in the message. x is
459        8 octets (for the first two 32-bit quantities) plus 12 times
460        Entry Count octets.

462     Length y
463        If 0, then there is no data encapsulated. Otherwise an IPv4
464        packet follows and y is the length of the total length field
465        of the IPv4 header encapsulated. If there are multiple SA TLVs
466        in a message, and data is also included, y must be 0 in all SA
467        TLVs except the last one. And the last SA TLV must reflect the
468        source and destination addresses in the IP header of the
469        encapsulated data.

471     Entry Count
472        Is the count of z entries (note above) which follow the RP
473        address field. This is so multiple (S,G)s from the same domain
474        can be encoded efficiently for the same RP address.

476     RP Address
477        The address of the RP in the domain the source has become
478        active in.

480     Reserved
481        The Reserved field MUST be transmitted as zeros and ignored
482        by a receiver.

484     Sprefix Len
485        The route prefix length associated with source address.
486        This field MUST be transmitted as 32 (/32). An Invalid
487        Sprefix Len Notification SHOULD be sent upon receipt
488        of any other value.

490     Group Address
491        The group address the active source has sent data to.
493     Source Address
494        The IP address of the active source.

496     Multiple SA TLVs MAY appear in the same message and can be batched
497     for efficiency at the expense of data latency. This would typically
498     occur on intermediate forwarding of SA messages.

500  16.2.2. IPv4 Source-Active Request TLV

502     The Source-Active Request is used to request SA-state from a caching
503     MSDP peer. If an RP in a domain receives a PIM Join message for a
504     group, creates (*,G) state and wants to know all active sources for
505     group G, and it has been configured to peer with an SA-state caching
506     peer, it may send an SA-Request message for the group.

508      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
509     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
510     |       2       |             8                 |  Gprefix Len  |
511     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
512     |                     Group Address Prefix                      |
513     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

515     Type
516        IPv4 Source-Active Request TLV is type 2.

518     Gprefix Len
519        The route prefix length associated with the group address prefix.

521     Group Address
522        The group address the MSDP peer is requesting.

524  16.2.3. IPv4 Source-Active Response TLV

526     The Source-Active Response is sent in response to a Source-Active
527     Request message. The Source-Active Response message has the same
528     format as a Source-Active message but does not allow encapsulation of
529     multicast data.

531      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
532     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
533     |       3       |              x                |     ....      |
534     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

536     Type
537        IPv4 Source-Active Response TLV is type 3.

539     Length x
540        Is the length of the control information in the message. x is 8
541        octets (for the first two 32-bit quantities) plus 12 times Entry
542        Count octets.

544  16.2.4. KeepAlive TLV

546     A KeepAlive TLV is sent to an MSDP peer if and only if there were no
547     MSDP messages sent to the peer after a period of time. This message
548     is necessary for the active connect side of the MSDP connection. The
549     passive connect side of the connection knows that the connection will
550     be reestablished when a TCP SYN packet is sent from the active
551     connect side. However, the active connect side will not know when the
552     passive connect side goes down. Therefore, the KeepAlive timeout will
553     be used to reset the TCP connection.

555      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
556     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
557     |       4       |             3                 |
558     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

560     The length of the message is 3 octets which encompasses the one octet
561     Type field and the two octet Length field.

563  16.2.5. Notification TLV

565     A Notification message is sent when an error condition is detected,
566     and has the following form:

568      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
569     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
570     |       5       |            x + 5              |O|  Error Code |
571     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
572     | Error subcode |                      ...                      |
573     +-+-+-+-+-+-+-+-+                                               |
574     |                             Data                              |
575     |                              ...                              |
576     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

578     Type
579        The Notification TLV is type 5.

581     Length
582        Length is a two octet field with value x + 5, where x is
583        the length of the notification data field.

585     O-bit
586        Open-bit. If clear, the connection will be closed.

588     Error code
589        This 7-bit unsigned integer indicates the type of Notification.
590        The following Error Codes have been defined:

592        Error Code     Symbolic Name                     Reference

594           1           Message Header Error              Section 17.1
595           2           SA-Request Error                  Section 17.2
596           3           SA-Message/SA-Response Error      Section 17.3
597           4           Hold Timer Expired                Section 17.4
598           5           Finite State Machine Error        Section 17.5
599           6           Notification                      Section 17.6
600           7           Cease                             Section 17.7

602     Error subcode:
603        This one-octet unsigned integer provides more specific information
604        about the reported error. Each Error Code may have one or more Error
605        Subcodes associated with it. If no appropriate Error Subcode is
606        defined, then a zero (Unspecific) value is used for the Error Subcode
607        field, and the O-bit must be cleared (i.e. the connection will be
608        closed). The used notation in the error description below is: MC =
609        Must Close connection = O-bit clear; CC = Can Close connection =
610        O-bit might be cleared.

612     Message Header Error subcodes:

614        0 - Unspecific (MC)
615        2 - Bad Message Length (MC)
616        3 - Bad Message Type (CC)

618     SA-Request Error subcodes:

620        0 - Unspecific (MC)
621        1 - Does not cache SA (MC)
622        2 - Invalid Group (MC)

624     SA-Message/SA-Response Error subcodes

626        0 - Unspecific (MC)
627        1 - Invalid Entry Count (CC)
628        2 - Invalid RP Address (MC)
629        3 - Invalid Group Address (MC)
630        4 - Invalid Source Address (MC)
631        5 - Invalid Sprefix Length (MC)
632        6 - Looping SA (Self is RP) (MC)
633        7 - Unknown Encapsulation (MC)
634        8 - Administrative Scope Boundary Violated (MC)

636     Hold Timer Expired subcodes (the O-bit is always clear):

638        0 - Unspecific (MC)

640     Finite State Machine Error subcodes:

642        0 - Unspecific (MC)
643        1 - Unexpected Message Type FSM Error (MC)

645     Notification subcodes (the O-bit is always clear):

647        0 - Unspecific (MC)

649     Cease subcodes (the O-bit is always clear):

651        0 - Unspecific (MC)

653  17. MSDP Error Handling

655     This section describes actions to be taken when errors are detected
656     while processing MSDP messages.
        MSDP Error Handling is similar to
657     that of BGP [RFC1771].

659     When any of the conditions described here are detected, a
660     Notification message with the indicated Error Code, Error Subcode,
661     and Data fields is sent. In addition, the MSDP connection might be
662     closed. If no Error Subcode is specified, then a zero (Unspecific)
663     must be used.

665     The phrase "the MSDP connection is closed" means that the transport
666     protocol connection has been closed and that all resources for that
667     MSDP connection have been deallocated.

669  17.1. Message Header Error Handling

671     All errors detected while processing the Message Header are indicated
672     by sending the Notification message with Error Code Message Header
673     Error. The Error Subcode describes the specific nature of the error.
674     The Data field contains the erroneous Message (including the message
675     header).

677     If the Length field of the message header is less than 4 or greater
678     than 1400, or the length of a KeepAlive message is not equal to 3,
679     then the Error Subcode is set to Bad Message Length.

681     If the Type field of the message header is not recognized, then the
682     Error Subcode is set to Bad Message Type.

684  17.2. SA-Request Error Handling

686     The SA-Request Error code is used to signal the receipt of an SA
687     request at a non-caching MSDP peer, or at a caching MSDP peer when an
688     invalid group address is requested.
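
The header and SA-TLV checks of Sections 16.1, 16.2.1 and 17.1, written out as an added Python example (not code from the draft or from any MSDP implementation). The names parse_tlv, MsdpError, build_notification and sample_sa, the own_rp parameter, the short-buffer handling and the sample addresses are assumptions made for illustration.

```python
"""Receiver-side validation of MSDP TLVs (added example, not from the draft)."""
import struct
from ipaddress import IPv4Address

SA, SA_REQUEST, SA_RESPONSE, KEEPALIVE, NOTIFICATION = 1, 2, 3, 4, 5
ERR_HEADER, ERR_SA = 1, 3                  # Error Codes (Section 16.2.5)
BAD_LENGTH, BAD_TYPE = 2, 3                # Message Header Error subcodes
UNSPECIFIC, BAD_ENTRY_COUNT, BAD_SPREFIX, LOOPING_SA = 0, 1, 5, 6
MAX_TLV = 1400                             # largest message (Section 16.2.1)


class MsdpError(Exception):
    """Carries the Error Code and subcode the receiver should report."""

    def __init__(self, code, subcode, reason):
        super().__init__(reason)
        self.code, self.subcode = code, subcode


def parse_tlv(buf, own_rp=None):
    """Validate and decode the TLV at the start of buf.

    own_rp (hypothetical parameter) is this router's RP address, used for
    the "Looping SA (Self is RP)" check.
    """
    if len(buf) < 3:
        raise MsdpError(ERR_HEADER, BAD_LENGTH, "short header")
    tlv_type, length = struct.unpack("!BH", buf[:3])
    if tlv_type not in (SA, SA_REQUEST, SA_RESPONSE, KEEPALIVE, NOTIFICATION):
        raise MsdpError(ERR_HEADER, BAD_TYPE, f"unknown type {tlv_type}")
    if tlv_type == KEEPALIVE:              # the only TLV allowed to be 3 octets
        if length != 3:
            raise MsdpError(ERR_HEADER, BAD_LENGTH, "KeepAlive length != 3")
        return {"type": KEEPALIVE, "length": 3}
    if length < 4 or length > MAX_TLV:
        raise MsdpError(ERR_HEADER, BAD_LENGTH, f"length {length} out of range")
    if length > len(buf):
        # Assumption: the caller hands over a complete message; a reader on a
        # live TCP stream would wait for the remaining octets instead.
        raise MsdpError(ERR_HEADER, BAD_LENGTH, "length exceeds buffer")
    tlv = bytes(buf[:length])              # never read past the declared length
    if tlv_type in (SA, SA_RESPONSE):
        return _parse_sa(tlv_type, tlv, own_rp)
    return {"type": tlv_type, "length": length, "value": tlv[3:]}


def _parse_sa(tlv_type, tlv, own_rp):
    if len(tlv) < 8:                       # Type, Length, Entry Count, RP Address
        raise MsdpError(ERR_HEADER, BAD_LENGTH, "SA TLV shorter than 8 octets")
    entry_count = tlv[3]
    x = 8 + 12 * entry_count               # control information; Length is x + y
    if x > len(tlv):                       # count claims entries that are not there
        raise MsdpError(ERR_SA, BAD_ENTRY_COUNT, f"{entry_count} entries do not fit")
    if tlv_type == SA_RESPONSE and len(tlv) != x:
        # SA-Response does not allow encapsulated data; no subcode is defined
        raise MsdpError(ERR_SA, UNSPECIFIC, "SA-Response carries data")
    rp = IPv4Address(tlv[4:8])
    if own_rp is not None and rp == IPv4Address(own_rp):
        raise MsdpError(ERR_SA, LOOPING_SA, "SA names this router as RP")
    entries = []
    for off in range(8, x, 12):            # 3 reserved octets are ignored
        if tlv[off + 3] != 32:
            raise MsdpError(ERR_SA, BAD_SPREFIX, f"Sprefix Len {tlv[off + 3]}")
        group = IPv4Address(tlv[off + 4:off + 8])
        source = IPv4Address(tlv[off + 8:off + 12])
        entries.append((str(source), str(group)))
    return {"type": tlv_type, "length": len(tlv), "rp": str(rp),
            "entries": entries, "data": tlv[x:]}


def build_notification(err, offending, open_bit=False):
    """Notification TLV for a Message Header Error: Data is the bad message."""
    data = offending[:MAX_TLV - 5]         # assumption: keep the reply <= 1400 octets
    flags = (0x80 if open_bit else 0) | (err.code & 0x7F)   # O-bit is the top bit
    return struct.pack("!BHBB", NOTIFICATION, len(data) + 5, flags, err.subcode) + data


def sample_sa(count=1, sprefix=32):
    """Constructed sample: SA TLV holding one (S,G) entry, with a chosen count."""
    entry = (bytes([0, 0, 0, sprefix]) + IPv4Address("233.252.0.1").packed
             + IPv4Address("198.51.100.7").packed)
    body = bytes([count]) + IPv4Address("192.0.2.1").packed + entry
    return struct.pack("!BH", SA, 3 + len(body)) + body


if __name__ == "__main__":
    print(parse_tlv(sample_sa()))
    for bad in (sample_sa(count=5), sample_sa(sprefix=24), b"\x04\x00\x04\x00"):
        try:
            parse_tlv(bad)
        except MsdpError as exc:
            print(exc.code, exc.subcode, exc, build_notification(exc, bad).hex())
```

The Entry Count check runs before any entry is read, so a count that overstates the TLV is rejected rather than indexed past the declared Length.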
690     When a non-caching MSDP peer receives an SA-Request, it returns the
691     following notification:

693      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
694     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
695     |       5       |              12               |O|      2      |
696     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
697     |       1       |                   Reserved                    |
698     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
699     |                         Group Address                         |
700     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

702     If a caching MSDP peer receives a request for an invalid group, it
703     returns the following notification:

705      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
706     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
707     |       5       |              12               |O|      2      |
708     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
709     |       2       |                   Reserved                    |
710     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
711     |                     Invalid Group Address                     |
712     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

714  17.3. SA-Message/SA-Response Error Handling

716     The SA-Message/SA-Response Error code is used to signal the receipt
717     of an erroneous SA Message at an MSDP peer, or the receipt of an SA-
718     Response Message by a peer that did not issue an SA-Request. It has
719     the following form:

721  17.3.1. Invalid Entry Count (IEC)

723      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
724     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
725     |       5       |               6               |O|      3      |
726     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
727     |       1       |      IEC      |
728     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

730  17.3.2. Invalid RP Address

732      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
733     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
734     |       5       |              12               |O|      3      |
735     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
736     |       2       |                   Reserved                    |
737     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
738     |                      Invalid RP Address                       |
739     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

741  17.3.3. Invalid Group Address

743      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
744     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
745     |       5       |              12               |O|      3      |
746     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
747     |       3       |                   Reserved                    |
748     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
749     |                     Invalid Group Address                     |
750     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

752  17.3.4. Invalid Source Address

754      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
755     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
756     |       5       |              12               |O|      3      |
757     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
758     |       4       |                   Reserved                    |
759     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
760     |                    Invalid Source Address                     |
761     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

763  17.3.5. Invalid Sprefix Length (ISL)

765      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
766     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
767     |       5       |               6               |O|      3      |
768     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
769     |       5       |      ISL      |
770     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

772  17.3.6. Looping SAs (Self is RP in received SA)

774      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
775     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
776     |       5       |            x + 5              |O|      3      |
777     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
778     |       6       |  Looping SA Message ....
779     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

781     Length x
782        x is the length of the looping SA message contained in the data
783        field of the Notification message.

785  17.3.7. Unknown Encapsulation

787     This notification is sent on receipt of SA data that is encapsulated
788     in an unknown encapsulation type. See section 18 for known
789     encapsulations.

791      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
792     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
793     |       5       |            x + 5              |O|      3      |
794     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
795     |       7       |  SA Message ....
796     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

798     Length x
799        x is the length of the SA message (which contained data which
800        was encapsulated in some unknown way) that is contained in the
801        data field of the Notification message.

803  17.3.8. Administrative Scope Boundary Violated

805     This notification is used when an SA message is received for a group
806     G from a peer which is across an administrative scope boundary for G.

808      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
809     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
810     |       5       |              16               |O|      3      |
811     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
812     |       8       |                   Reserved                    |
813     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
814     |                        Peer IP Address                        |
815     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
816     |                         Group Address                         |
817     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

819  17.4. Hold Time Expired

821     If a system does not receive successive KEEPALIVE or any SA Message
822     and/or Notification messages within the period specified in the Hold
823     Timer, then the notification message with Hold Timer Expired Error
824     Code must be sent and the MSDP connection closed.

826  17.5.
Finite State Machine Error Handling 828 Any error detected by the MSDP Finite State Machine (e.g., receipt of 829 an unexpected event) is indicated by sending the Notification message 830 with Error Code Finite State Machine Error. 832 17.6. Notification Message Error Handling 834 If a node sends a Notification message, and there is an error in that 835 message, and the O-bit of that message is not clear, a Notification 836 with O-bit clear, Error Code of Notification Error, and subcode 837 Unspecific must be sent. In addition, the Data field must include 838 the Notification message that triggered the error. However, if the 839 erroneous Notification message had the O-bit clear, then any error, 840 such as an unrecognized Error Code or Error Subcode, should be 841 noticed, logged locally, and brought to the attention of the 842 administrator of the remote node. 844 17.7. Cease 846 In absence of any fatal errors (that are indicated in this section), 847 an MSDP node may choose at any given time to close its MSDP 848 connection by sending the Notification message with Error Code Cease. 849 However, the Cease Notification message MUST NOT be used when a fatal 850 error indicated by this section does exist. 852 18. SA Data Encapsulation 854 This section describes UDP, GRE, and TCPC encapsulation of SA data. 855 Encapsulation type is a configuration option. 857 18.1. UDP Data Encapsulation 859 Data packets MAY be encapsulated in UDP. 
In this case, the UDP 860 pseudo-header has the following form: 862 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 863 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 864 | Source Port | Destination Port | 865 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 866 | Length | Checksum | 867 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 868 | Origin RP Address | 869 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 870 The Source port, Destination Port, Length, and Checksum are used 871 according to RFC 768. Source and Destination ports are known via an 872 implementation-specific method (e.g. per-peer configuration). 874 Checksum 875 The checksum is computed according to RFC 768 [RFC768]. 877 Originating RP Address 878 The Originating RP Address is the address of the RP sending 879 the encapsulated data. 881 18.2. GRE Encapsulation 883 MSDP SA-data MAY be encapsulated in GRE using protocol type [MSDP- 884 GRE-ProtocolType]. The GRE header and payload packet have the 885 following form: 887 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 888 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 889 |C| Reserved0 | Ver | [MSDP-GRE-ProtocolType] |\ 890 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ GRE Header 891 | Checksum (optional) | Reserved1 |/ 892 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 893 | Originating RP IPv4 Address |\ 894 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload 895 | (S,G) Data Packet .... / 896 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 898 18.2.1. GRE Encapsulation and Path MTU Discovery [RFC1191] 900 Existing implementations of GRE, when using IPv4 as the Delivery 901 Header, do not implement Path MTU discovery and do not set the Don't 902 Fragment bit in the Delivery Header. 
This can cause large packets to 903 become fragmented within the tunnel and reassembled at the tunnel 904 exit (independent of whether the payload packet is using PMTU). If a 905 tunnel entry point were to use Path MTU discovery, however, that 906 tunnel entry point would also need to relay ICMP unreachable error 907 messages (in particular the "fragmentation needed and DF set" code) 908 back to the originator of the packet, which is not required by the 909 GRE specification [GRE]. Failure to properly relay Path MTU 910 information to an originator can result in the following behavior: 911 the originator sets the don't fragment bit, the packet gets dropped 912 within the tunnel, but since the originator doesn't receive proper 913 feedback, it retransmits with the same PMTU, causing subsequently 914 transmitted packets to be dropped. 916 18.3. TCP Data Encapsulation 918 As discussed earlier, encapsulation of data in SA messages MAY be 919 supported for backwards compatibility with legacy MSDP peers. 921 19. Security Considerations 923 An MSDP implementation MAY use IPsec [RFC1825] or keyed MD5 [RFC1828] 924 to secure control messages. When encapsulating SA data in GRE, 925 security should be relatively similar to security in a normal IPv4 926 network, as routing using GRE follows the same routing that IPv4 uses 927 natively. Route filtering will remain unchanged. However packet 928 filtering at a firewall requires either that a firewall look inside 929 the GRE packet or that the filtering is done on the GRE tunnel 930 endpoints. In those environments in which this is considered to be a 931 security issue it may be desirable to terminate the tunnel at the 932 firewall. 934 20. Acknowledgments 936 The authors would like to thank Bill Nickless, John Meylor, Liming 937 Wei, Manoj Leelanivas, Mark Turner, John Zwiebel, and Cristina 938 Radulescu-Banu for their design feedback and comments. 
In addition to 939 many other contributions, Tom Pusateri helped to clarify the 940 connection state machine, Dave Thaler helped to clarify the 941 Notification message types, and Bill Fenner helped to clarify the 942 Peer-RPF rules. 944 21. Author's Address: 946 Dino Farinacci 947 Procket Networks 948 3850 No. First St., Ste. C 949 San Jose, CA 95134 950 Email: dino@procket.com 952 Yakov Rehkter 953 Cisco Systems, Inc. 954 170 Tasman Drive 955 San Jose, CA, 95134 956 Email: yakov@cisco.com 958 Peter Lothberg 959 Sprint 960 VARESA0104 961 12502 Sunrise Valley Drive 962 Reston VA, 20196 963 Email: roll@sprint.net 965 Hank Kilmer 966 Email: hank@rem.com 968 Jeremy Hall 969 UUnet Technologies 970 3060 Williams Drive 971 Fairfax, VA 22031 972 Email: jhall@uu.net 974 David Meyer 975 Cisco Systems, Inc. 976 170 Tasman Drive 977 San Jose, CA, 95134 978 Email: dmm@cisco.com 980 22. REFERENCES 982 [GRE] Farinacci, D., et al., "Generic Routing Encapsulation 983 (GRE)", draft-meyer-gre-update-02.txt, January, 984 2000. Work in Progress. 986 [RFC768] Postel, J. "User Datagram Protocol", RFC 768, August, 987 1980. 989 [RFC1191] Mogul, J., and S. Deering, "Path MTU Discovery", 990 RFC 1191, November 1990. 992 [RFC1771] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 993 (BGP-4)", RFC 1771, March 1995. 995 [RFC1825] Atkinson, R., "Security Architecture for the Internet 996 Protocol", RFC 1825, August, 1995. 998 [RFC1828] P. Metzger and W. Simpson, "IP Authentication using 999 Keyed MD5", RFC 1828, August, 1995. 1001 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate 1002 Requirement Levels", RFC 2119, March, 1997. 1004 [RFC2283] Bates, T., Chandra, R., Katz, D., and Y. Rekhter., 1005 "Multiprotocol Extensions for BGP-4", RFC 2283, 1006 February 1998. 1008 [RFC2362] Estrin D., et al., "Protocol Independent Multicast - 1009 Sparse Mode (PIM-SM): Protocol Specification", RFC 1010 2362, June 1998. 1012 [RFC2365] Meyer, D. 
"Administratively Scoped IP Multicast", RFC 1013 2365, July, 1998.