idnits 2.17.00 (12 Aug 2021) /tmp/idnits50951/draft-ietf-msdp-spec-08.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 27 longer pages, the longest (page 2) being 60 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 28 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 13 instances of too long lines in the document, the longest one being 7 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: RPs which originate SA messages do it periodically as long as there is data being sent by the source. There is one SA-Advertisement-Timer covering the sources that an RP may advertise. [SA-Advertisement-Period] MUST be 60 seconds. An RP MUST not send more than one periodic SA message for a given (S,G) within an SA Advertisement interval. Originating periodic SA messages is important so that new receivers who join after a source has been active can get data quickly via the receiver's own RP. Finally, an originating RP SHOULD trigger the transmission of an SA message as soon as it receives data from an internal source for the first time. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'SA-Advertisement-Period' is mentioned on line 164, but not defined == Missing Reference: 'SA-State-Period' is mentioned on line 182, but not defined == Missing Reference: 'SA-Hold-Down-Period' is mentioned on line 190, but not defined == Missing Reference: 'KeepAlive-Period' is mentioned on line 200, but not defined == Missing Reference: 'ConnectRetry-Period' is mentioned on line 211, but not defined == Missing Reference: 'Hold-Time-Period' is mentioned on line 224, but not defined == Missing Reference: 'MSDP-GRE-ProtocolType' is mentioned on line 907, but not defined == Unused Reference: 'RFC1700' is defined on line 982, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA' ** Obsolete normative reference: RFC 1700 (Obsoleted by RFC 3232) ** Obsolete normative reference: RFC 1771 (Obsoleted by RFC 4271) ** Obsolete normative reference: RFC 1825 (Obsoleted by RFC 2401) ** Downref: Normative reference to an Historic RFC: RFC 1828 ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858) ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059) Summary: 14 errors (**), 0 flaws (~~), 14 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group David Meyer (Editor) 2 INTERNET DRAFT 3 Category Standards Track 4 April, 2001 6 Multicast Source Discovery Protocol (MSDP) 7 9 1. Status of this Memo 11 This document is an Internet-Draft and is in full conformance with 12 all provisions of Section 10 of RFC 2026. 14 Internet Drafts are working documents of the Internet Engineering 15 Task Force (IETF), its areas, and its working groups. Note that other 16 groups may also distribute working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference 21 material or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt. 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 2. Abstract 31 The Multicast Source Discovery Protocol, MSDP, describes a mechanism 32 to connect multiple PIM-SM domains together. Each PIM-SM domain uses 33 its own independent RP(s) and does not have to depend on RPs in other 34 domains. 36 3. Copyright Notice 38 Copyright (C) The Internet Society (2000). All Rights Reserved. 40 4. Introduction 42 The Multicast Source Discovery Protocol, MSDP, describes a mechanism 43 to connect multiple PIM-SM domains together. Each PIM-SM domain uses 44 its own independent RP(s) and does not have to depend on RPs in other 45 domains. Advantages of this approach include: 47 o No Third-party resource dependencies on RP 49 PIM-SM domains can rely on their own RPs only. 51 o Receiver only Domains 53 Domains with only receivers get data without globally 54 advertising group membership. 56 The keywords MUST, MUST NOT, MAY, OPTIONAL, REQUIRED, RECOMMENDED, 57 SHALL, SHALL NOT, SHOULD, SHOULD NOT are to be interpreted as defined 58 in RFC 2119 [RFC2119]. 60 5. Overview 62 MSDP-speaking routers in a PIM-SM [RFC2362] domain will have a MSDP 63 peering relationship with MSDP peers in another domain. The peering 64 relationship will be made up of a TCP connection in which control 65 information is exchanged. Each domain will have one or more 66 connections to this virtual topology. 68 The purpose of this topology is to allow domains discover multicast 69 sources from other domains. If the multicast sources are of interest 70 to a domain which has receivers, the normal source-tree building 71 mechanism in PIM-SM will be used to deliver multicast data over an 72 inter-domain distribution tree. 74 We envision this virtual topology will essentially be congruent to 75 the existing BGP topology used in the unicast-based Internet today. 76 That is, the TCP connections between MSDP peers are likely to be 77 congruent to the connections in the BGP routing system. 79 6. Procedure 81 A source in a PIM-SM domain originates traffic to a multicast group. 82 The PIM DR which is directly connected to the source sends the data 83 encapsulated in a PIM Register message to the RP in the domain. 85 The RP will construct a "Source-Active" (SA) message and send it to 86 its MSDP peers. The SA message contains the following fields: 88 o Source address of the data source. 89 o Group address the data source sends to. 90 o IP address of the RP. 92 Each MSDP peer receives and forwards the message away from the RP 93 address in a "peer-RPF flooding" fashion. The notion of peer-RPF 94 flooding is with respect to forwarding SA messages. The BGP routing 95 table is examined to determine which peer is the NEXT_HOP towards the 96 originating RP of the SA message. Such a peer is called an "RPF 97 peer". See section 14 below for the details of peer-RPF forwarding. 99 If the MSDP peer receives the SA from a non-RPF peer towards the 100 originating RP, it will drop the message. Otherwise, it forwards the 101 message to all its MSDP peers (except the one from which it received 102 the SA message). 104 The flooding can be further constrained to children of the peer by 105 interrogating BGP reachability information. That is, if a BGP peer 106 advertises a route (back to you) and you are the next to last AS in 107 the AS_PATH, the peer is using you as the NEXT_HOP. This is known in 108 other circles as Split-Horizon with Poison Reverse. An implementation 109 SHOULD NOT forward SA messages (which were originated from the RP 110 address covered by a route) to peers which have not Poison Reversed 111 that route. 113 When an MSDP peer which is also an RP for its own domain receives a 114 new SA message, it determines if it has any group members interested 115 in the group which the SA message describes. That is, the RP checks 116 for a (*,G) entry with a non-empty outgoing interface list; this 117 implies that the domain is interested in the group. In this case, the 118 RP triggers a (S,G) join event towards the data source as if a 119 Join/Prune message was received addressed to the RP itself. This sets 120 up a branch of the source-tree to this domain. Subsequent data 121 packets arrive at the RP which are forwarded down the shared-tree 122 inside the domain. If leaf routers choose to join the source-tree 123 they have the option to do so according to existing PIM-SM 124 conventions. Finally, if an RP in a domain receives a PIM Join 125 message for a new group G, the RP SHOULD trigger a (S,G) join event 126 for each SA for that group in its cache. 128 This procedure has been affectionately named flood-and-join because 129 if any RP is not interested in the group, they can ignore the SA 130 message. Otherwise, they join a distribution tree. 132 7. Caching 134 A MSDP speaker MUST cache SA messages. Caching allows pacing of MSDP 135 messages as well as reducing join latency for new receivers of a 136 group G at an orginating RP which has existing MSDP (S,G) state. In 137 addition, caching greatly aids in diagnosis and debugging of various 138 problems. 140 8. Timers 142 The main timers for MSDP are: SA-Advertisement-Timer, SA-Hold-Down- 143 Timer, SA Cache Entry timer, KeepAlive timer, and ConnectRetry and 144 Peer Hold Timer. Each is considered below. 146 8.1. SA-Advertisement-Timer 148 RPs which originate SA messages do it periodically as long as there 149 is data being sent by the source. There is one SA-Advertisement-Timer 150 covering the sources that an RP may advertise. [SA-Advertisement- 151 Period] MUST be 60 seconds. An RP MUST not send more than one 152 periodic SA message for a given (S,G) within an SA Advertisement 153 interval. Originating periodic SA messages is important so that new 154 receivers who join after a source has been active can get data 155 quickly via the receiver's own RP. Finally, an originating RP SHOULD 156 trigger the transmission of an SA message as soon as it receives data 157 from an internal source for the first time. 159 8.2. SA-Advertisement-Timer Processing 161 An RP MUST spread the generation of periodic SA messages over its 162 reporting interval (i.e. SA-Advertisement-Period). An RP starts the 163 SA-Advertisement-Timer when the MSDP process is configured. When the 164 timer expires, an RP resets the timer to [SA-Advertisement-Period] 165 seconds, and begins the advertisement of its active sources. Active 166 sources are advertised in the following manner: An RP packs its 167 active sources into an SA message until the largest MSDP packet that 168 can be sent is built or there are no more sources, and then sends the 169 message. This process is repeated periodically within the SA- 170 Advertisement-Period in such a way that all of the RP's sources are 171 advertised. Note that the largest MSDP packet that can be sent has 172 size that is the minimum of MTU of outgoing link minus size of TCP 173 and IP headers, and 1400 (largest MSDP packet). Finally, the timer is 174 deleted when the MSDP process is deconfigured. 176 8.3. SA Cache Timeout (SA-State-Timer) 178 Each entry in an SA Cache has an associated SA-State-Timer. A 179 (S,G)-SA-State-Timer is started when an (S,G)-SA message is initially 180 received by a MSDP peer. The timer is reset to [SA-State-Period] if 181 another (S,G)-SA message is received before the (S,G)-SA-State-Timer 182 expires. [SA-State-Period] MUST NOT be less than 90 seconds. 184 8.4. SA-Hold-Down-Timer 186 The per-(S,G) timer is set to [SA-Hold-Down-Period] when forwarding 187 an SA message, and a SA message MUST only be forwarded when it's 188 associated timer is not running. [SA-Hold-Down-Period] SHOULD be set 189 to 30 seconds. A MSDP peer MUST NOT forward a (S,G)-SA message it has 190 received in during the previous [SA-Hold-Down-Period] seconds. 191 Finally, the timer is deleted when the SA cache entry is deleted. 193 8.5. KeepAlive Timer 195 The KeepAlive timer contols when to send MSDP KeepAlive messages. In 196 particular, the KeepAlive timer is used to reset the TCP connection 197 when the passive-connect side of the connection goes down. The 198 KeepAlive timer is set to [KeepAlive-Period] when the passive-connect 199 peer comes up. [KeepAlive-Period] SHOULD NOT be less that 75 seconds. 200 The timer is reset to [KeepAlive-Period] upon receipt of an MSDP 201 message from peer, and deleted when the timer expires or the 202 passive-connect peer closes the connection. 204 8.6. ConnectRetry Timer 206 The ConnectRetry timer is used by an MSDP peer to transition from 207 INACTIVE to CONNECTING states. There is one timer per peer, and the 208 [ConnectRetry-Period] SHOULD be set to 30 seconds. The timer is 209 initialized to [ConnectRetry-Period] when an MSDP peer's active 210 connect attempt fails. When the timer expires, the peer retries the 211 connection and the timer is reset to [ConnectRetry-Period]. It is 212 deleted if either the connection transitions into ESTABLISHED state 213 or the peer is deconfigured. 215 8.7. Peer Hold Timer 217 If a system does not receive successive KeepAlive messages (or any SA 218 message) within the period specified by the Hold Timer, then a 219 Notification message with Hold Timer Expired Error Code MUST be sent 220 and the MSDP connection MUST be closed. [Hold-Time-Period] MUST be at 221 least three seconds. A suggested value for [Hold-Time-Period] is 90 222 seconds. 224 The Hold Timer is initialized to [Hold-Time-Period] when the peer's 225 transport connection is established, and is reset to [Hold-Time- 226 Period] when any MSDP message is received. 228 9. Intermediate MSDP Peers 230 Intermediate RPs do not originate periodic SA messages on behalf of 231 sources in other domains. In general, an RP MUST only originate an SA 232 for a source which would register to it. 234 10. SA Filtering and Policy 236 As the number of (S,G) pairs increases in the Internet, an RP may 237 want to filter which sources it describes in SA messages. Also, 238 filtering may be used as a matter of policy which at the same time 239 can reduce state. Only the RP co-located in the same domain as the 240 source can restrict SA messages. Note, however, that MSDP peers in 241 transit domains should not filter SA messages or the flood-and-join 242 model can not guarantee that sources will be known throughout the 243 Internet (i.e., SA filtering by transit domains can cause undesired 244 lack of connectivity). In general, policy should be expressed using 245 MBGP [RFC2283]. This will cause MSDP messages to flow in the desired 246 direction and peer-RPF fail otherwise. An exception occurs at an 247 administrative scope [RFC2365] boundary. In particular, a SA message 248 for a (S,G) MUST NOT be sent to peers which are on the other side of 249 an administrative scope boundary for G. 251 11. SA Requests 253 A MSDP speaker MAY accept SA-Requests from other MSDP peers. When an 254 MSDP speaker receives an SA-Request for a group range, it will 255 respond to the peer with a set of SA entries, in an SA-Response 256 message, for all active sources sending to the group range requested 257 in the SA-Request message. The peer that sends the request will not 258 flood the responding SA-Response message to other peers. See section 259 17 for discussion of error handling relating to SA requests and 260 responses. 262 12. Encapsulated Data Packets 264 For bursty sources, the RP may encapsulate multicast data from the 265 source. An interested RP may decapsulate the packet, which SHOULD be 266 forwarded as if a PIM register encapsulated packet was received. That 267 is, if packets are already arriving over the interface toward the 268 source, then the packet is dropped. Otherwise, if the outgoing 269 interface list is non-null, the packet is forwarded appropriately. 270 Note that when doing data encapsulation, an implementation MUST bound 271 the time during which packets are encapsulated. 273 This allows for small bursts to be received before the multicast tree 274 is built back toward the source's domain. For example, an 275 implementation SHOULD encapsulate at least the first packet to 276 provide service to bursty sources. 278 13. Other Scenarios 280 MSDP is not limited to deployment across different routing domains. 281 It can be used within a routing domain when it is desired to deploy 282 multiple RPs for the same group ranges. As long as all RPs have a 283 interconnected MSDP topology, each can learn about active sources as 284 well as RPs in other domains. 286 14. MSDP Peer-RPF Forwarding 288 The MSDP Peer-RPF Forwarding rules are used for forwarding SA 289 messages throughout an MSDP enabled internet. Unlike the RPF check 290 used when forwarding data packets, the Peer-RPF check is against the 291 RP address carried in the SA message. 293 14.1. Peer-RPF Forwarding Rules 295 An SA message originated by R and received by X 296 from N is accepted if N is the peer-RPF neighbor for R, and is 297 discarded otherwise. 299 MP(R,N) MP(N,X) 300 R ---------....-------> N ------------------> X 301 SA(S,G,R) SA(S,G,R) 303 Where MP(R,N) is an MSDP peering path (one or more 304 MSDP peers) between R and N, and SA(S,G,R) is an 305 SA message for source S on group G orignated by 306 an RP R. 308 The peer-RPF neighbor is chosen deterministically, 309 using the first of the following rules that matches. 311 X accepts the SA from R forwarded by N if : 313 (i). R is the RPF neighbor of X if we have an MSDP peering 314 with R (e.g. N == R). 316 (ii). N is the RPF neighbor of X if N is a MSDP peer of 317 X and N is the next hop toward R. 319 (iii) N is the RPF neighbor of X if N resides in the first AS 320 towards R and N has a higher IP address than any other 321 MSDP peer of X that resides in first AS towards R. 323 (iv). N is the RPF neighbor of X if (intra-domain case): 325 (a). N == R (i.e. N originated the SA), or 327 (b). X and N are part of a MSDP Mesh Group. Note that in 328 this case every member of mesh group is an peer-RPF 329 neighbor of X. 331 (v). If none of the above match, and we have an 332 MSDP default-peer configured, the MSDP 333 default-peer is the RPF neighbor. 335 14.2. MSDP default-peer semantics 337 An MSDP default-peer is much like a default route. It is intended to 338 be used in those cases where a stub network isn't running BGP. An 339 MSDP peer configured with a default-peer accepts all SA messages from 340 the default-peer. Note that a router running BGP SHOULD NOT allow 341 configuration of default peers, since this allows the possibility for 342 SA looping or black-holes to occur. 344 14.3. MSDP mesh-group semantics 346 A MSDP mesh-group is a operational mechanism for reducing SA 347 flooding, typically in an intra-domain setting. In particular, when 348 some subset of a domain's MSDP speakers are fully meshed, then can be 349 configured into a mesh-group. The semantics of the mesh-group are as 350 follows: 352 (i). If a member R of a mesh-group M receives a SA message from an 353 MSDP peer that is also a member of mesh-group M, R accepts the 354 SA message and forwards it to all of it's peers that are not 355 part of any mesh-group. R MUST NOT forward the SA message to 356 other members of mesh-group M. 358 (ii). If a member R of a mesh-group M receives a SA message from an 359 MSDP peer that is not a member of mesh-group M, and the SA 360 message passes the peer-RPF check, then R forwards the SA 361 message to all members of mesh-group M. 363 Note that since mesh-groups suspend peer-RPF checking of SAs received 364 from a mesh-group member ((i). above), they allow for mis- 365 configuration to cause SA looping. 367 15. MSDP Connection Establishment 369 MSDP messages will be encapsulated in a TCP connection. An MSDP peer 370 listens for new TCP connections on port 639. One side of the MSDP 371 peering relationship will listen on the well-known port and the other 372 side will do an active connect to the well-known port. The side with 373 the higher peer IP address will do the listen. This connection 374 establishment algorithm avoids call collision. Therefore, there is no 375 need for a call collision procedure. It should be noted, however, 376 that the disadvantage of this approach is that it may result in 377 longer startup times at the passive end. 379 An MSDP peer starts in the INACTIVE state. MSDP peers establish 380 peering sessions according to the following state machine: 382 De-configured or 383 disabled 384 +-------------------------------------------+ 385 | | 386 | | 387 Enable | 388 +-----|--------->+----------+ Connect Retry Timer | 389 | | +->| INACTIVE |----------------+ | 390 | | | +----------+ | | 391 Deconf'ed | | | /|\ /|\ | | Lower Address 392 or | | | | | | | 393 disabled | | | | | \|/ | 394 | | | | | | +-------------+ 395 | | | | | +---------------| CONNECTING | 396 | | | | | Timeout or +-------------+ 397 | | | | | Local Address Change | 398 \|/ \|/ | | | | 399 +----------+ | | | | 400 | DISABLED | | | +---------------------+ | TCP Established 401 +----------+ | | | | 402 /|\ /|\ | | Connection Timeout, | | 403 | | | | Local Address change, | | 404 | | | | Authorization Failure | | 405 | | | | | | 406 | | | | | \|/ 407 | | | | +-------------+ 408 | | Local | | | ESTABLISHED | 409 | | Address | | Higher Address +-------------+ 410 | | Change | \|/ /|\ | 411 | | | +--------+ | | 412 | | +--| LISTEN |--------------------+ | 413 | | +--------+ TCP Accept | 414 | | | | 415 | | | | 416 | +---------------+ | 417 | De-configured or | 418 | disabled | 419 | | 420 +------------------------------------------------------+ 421 De-configured or 422 disabled 424 16. Packet Formats 426 MSDP messages will be encoded in TLV format. If an implementation 427 receives a TLV that has length that is longer than expected, the TLV 428 SHOULD be accepted. Any additional data SHOULD be ignored. 430 16.1. MSDP TLV format: 432 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 433 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 434 | Type | Length | Value .... | 435 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 437 Type (8 bits) 438 Describes the format of the Value field. 440 Length (16 bits) 441 Length of Type, Length, and Value fields in octets. 442 minimum length required is 4 octets, except for 443 Keepalive messages. 445 Value (variable length) 446 Format is based on the Type value. See below. The length of 447 the value field is Length field minus 3. All reserved fields 448 in the Value field MUST be transmitted as zeros and ignored on 449 receipt. 451 16.2. Defined TLVs 453 The following TLV Types are defined: 455 Code Type 456 =========================================================== 457 1 IPv4 Source-Active 458 2 IPv4 Source-Active Request 459 3 IPv4 Source-Active Response 460 4 KeepAlive 461 5 Notification 463 Each TLV is described below. 465 16.2.1. IPv4 Source-Active TLV 467 The maximum size SA message that can be sent is 1400 octets. If an 468 MSDP peer needs to originate a message with information greater than 469 1400 octets, it sends successive 1400 octet or smaller messages. The 470 1400 octet size does not include the TCP, IP, layer-2 headers. 472 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 473 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 474 | 1 | x + y | Entry Count | 475 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 476 | RP Address | 477 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 478 | Reserved | Sprefix Len | \ 479 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \ 480 | Group Address | ) z 481 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ / 482 | Source Address | / 483 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 485 Type 486 IPv4 Source-Active TLV is type 1. 488 Length x 489 Is the length of the control information in the message. x is 490 8 octets (for the first two 32-bit quantities) plus 12 times 491 Entry Count octets. 493 Length y 494 If 0, then there is no data encapsulated. Otherwise an IPv4 495 packet follows and y is the length of the total length field 496 of the IPv4 header encapsulated. If there are multiple SA TLVs 497 in a message, and data is also included, y must be 0 in all SA 498 TLVs except the last one and the last SA TLV must reflect the 499 source and destination addresses in the IP header of the 500 encapsulated data. 502 Entry Count 503 Is the count of z entries (note above) which follow the RP 504 address field. This is so multiple (S,G)s from the same domain 505 can be encoded efficiently for the same RP address. 507 RP Address 508 The address of the RP in the domain the source has become 509 active in. 511 Reserved 512 The Reserved field MUST be transmitted as zeros and ignored 513 by a receiver. 515 Sprefix Len 516 The route prefix length associated with source address. 517 This field MUST be transmitted as 32 (/32). An Invalid 518 Sprefix Len Notification SHOULD be sent upon receipt 519 of any other value. 521 Group Address 522 The group address the active source has sent data to. 524 Source Address 525 The IP address of the active source. 527 Multiple SA TLVs MAY appear in the same message and can be batched 528 for efficiency at the expense of data latency. This would typically 529 occur on intermediate forwarding of SA messages. 531 16.2.2. IPv4 Source-Active Request TLV 533 The Source-Active Request is used to request SA-state from a MSDP 534 peer. If an RP in a domain receives a PIM Join message for a group, 535 creates (*,G) state and wants to know all active sources for group G, 536 it may send an SA-Request message for the group. 538 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 539 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 540 | 2 | 8 | Reserved | 541 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 542 | Group Address Prefix | 543 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 545 Type 546 IPv4 Source-Active Request TLV is type 2. 548 Reserved 549 Must be transmitted as zero and ignored on receipt. 551 Group Address 552 The group address the MSDP peer is requesting. 554 16.2.3. IPv4 Source-Active Response TLV 556 The Source-Active Response is sent in response to a Source-Active 557 Request message. The Source-Active Response message has the same 558 format as a Source-Active message but does not allow encapsulation of 559 multicast data. 561 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 563 | 3 | x | .... | 564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 566 Type 567 IPv4 Source-Active Response TLV is type 3. 569 Length x 570 Is the length of the control information in the message. x is 8 571 octets (for the first two 32-bit quantities) plus 12 times Entry 572 Count octets. 574 16.2.4. KeepAlive TLV 576 A KeepAlive TLV is sent to an MSDP peer if and only if there were no 577 MSDP messages sent to the peer after a period of time. This message 578 is necessary for the active connect side of the MSDP connection. The 579 passive connect side of the connection knows that the connection will 580 be reestablished when a TCP SYN packet is sent from the active 581 connect side. However, the active connect side will not know when the 582 passive connect side goes down. Therefore, the KeepAlive timeout will 583 be used to reset the TCP connection. 585 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 586 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 587 | 4 | 3 | 588 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 590 The length of the message is 3 octets which encompasses the one octet 591 Type field and the two octet Length field. 593 16.2.5. Notification TLV 595 A Notification message is sent when an error condition is detected, 596 and has the following form: 598 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 599 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 600 | 5 | x + 5 |O| Error Code | 601 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 602 | Error subcode | ... | 603 +-+-+-+-+-+-+-+-+ | 604 | Data | 605 | ... | 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 608 Type 609 The Notification TLV is type 5. 611 Length 612 Length is a two octet field with value x + 5, where x is 613 the length of the notification data field. 615 O-bit 616 Open-bit. If clear, the connection will be closed. 618 Error code 619 This 7-bit unsigned integer indicates the type of Notification. 620 The following Error Codes have been defined: 622 Error Code Symbolic Name Reference 624 1 Message Header Error Section 17.1 625 2 SA-Request Error Section 17.2 626 3 SA-Message/SA-Response Error Section 17.3 627 4 Hold Timer Expired Section 17.4 628 5 Finite State Machine Error Section 17.5 629 6 Notification Section 17.6 630 7 Cease Section 17.7 632 Error subcode: 633 This one-octet unsigned integer provides more specific information 634 about the reported error. Each Error Code may have one or more Error 635 Subcodes associated with it. If no appropriate Error Subcode is 636 defined, then a zero (Unspecific) value is used for the Error Subcode 637 field, and the O-bit must be cleared (i.e. the connection will be 638 closed). The used notation in the error description below is: MC = 639 Must Close connection = O-bit clear; CC = Can Close connection = 640 O-bit might be cleared. 642 Message Header Error subcodes: 644 0 - Unspecific (MC) 645 2 - Bad Message Length (MC) 646 3 - Bad Message Type (CC) 648 SA-Request Error subcodes: 650 0 - Unspecific (MC) 651 1 - Invalid Group (MC) 653 SA-Message/SA-Response Error subcodes 655 0 - Unspecific (MC) 656 1 - Invalid Entry Count (CC) 657 2 - Invalid RP Address (MC) 658 3 - Invalid Group Address (MC) 659 4 - Invalid Source Address (MC) 660 5 - Invalid Sprefix Length (MC) 661 6 - Looping SA (Self is RP) (MC) 662 7 - Unknown Encapsulation (MC) 663 8 - Administrative Scope Boundary Violated (MC) 665 Hold Timer Expired subcodes (the O-bit is always clear): 667 0 - Unspecific (MC) 669 Finite State Machine Error subcodes: 671 0 - Unspecific (MC) 672 1 - Unexpected Message Type FSM Error (MC) 674 Notification subcodes (the O-bit is always clear): 676 0 - Unspecific (MC) 678 Cease subcodes (the O-bit is always clear): 680 0 - Unspecific (MC) 682 17. MSDP Error Handling 684 This section describes actions to be taken when errors are detected 685 while processing MSDP messages. MSDP Error Handling is similar to 686 that of BGP [RFC1771]. 688 When any of the conditions described here are detected, a 689 Notification message with the indicated Error Code, Error Subcode, 690 and Data fields is sent. In addition, the MSDP connection might be 691 closed. If no Error Subcode is specified, then a zero (Unspecific) 692 must be used. 694 The phrase "the MSDP connection is closed" means that the transport 695 protocol connection has been closed and that all resources for that 696 MSDP connection have been deallocated. 698 17.1. Message Header Error Handling 700 All errors detected while processing the Message Header are indicated 701 by sending the Notification message with Error Code Message Header 702 Error. The Error Subcode describes the specific nature of the error. 703 The Data field contains the erroneous Message (including the message 704 header). 706 If the Length field of the message header is less than 4 or greater 707 than 1400, or the length of a KeepAlive message is not equal to 3, 708 then the Error Subcode is set to Bad Message Length. 710 If the Type field of the message header is not recognized, then the 711 Error Subcode is set to Bad Message Type. 713 17.2. SA-Request Error Handling 715 The SA-Request Error code is used to signal the receipt of a SA 716 request at a MSDP peer when an invalid group address requested. 718 When a MSDP peer receives a request for an invalid group, it returns 719 the following notification: 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | 5 | 16 |O| 2 | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 | 2 | Reserved | Gprefix Len | 726 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 727 | Gprefix | 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 729 | Invalid Group Address | 730 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 732 17.3. SA-Message/SA-Response Error Handling 734 The SA-Message/SA-Response Error code is used to signal the receipt 735 of a erroneous SA Message at an MSDP peer, or the receipt of an SA- 736 Response Message by a peer that did not issue a SA-Request. It has 737 the following form: 739 17.3.1. Invalid Entry Count (IEC) 741 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 742 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 743 | 5 | 6 |O| 3 | 744 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 745 | 1 | IEC | 746 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 748 17.3.2. Invalid RP Address 750 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 751 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 752 | 5 | 12 |O| 3 | 753 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 754 | 2 | Reserved | 755 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 756 | Invalid RP Address | 757 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 759 17.3.3. Invalid Group Address 761 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 762 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 763 | 5 | 12 |O| 3 | 764 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 765 | 3 | Reserved | 766 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 767 | Invalid Group Address | 768 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 770 17.3.4. Invalid Source Address 772 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 773 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 774 | 5 | 12 |O| 3 | 775 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 776 | 4 | Reserved | 777 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 778 | Invalid Source Address | 779 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 781 17.3.5. Invalid Sprefix Length (ISL) 783 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 784 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 785 | 5 | 6 |O| 3 | 786 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 787 | 5 | ISL | 788 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 790 17.3.6. Looping SAs (Self is RP in received SA) 792 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 793 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 794 | 5 | x + 5 |O| 3 | 795 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 796 | 6 | Looping SA Message .... 797 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 799 Length x 800 x is the length of the looping SA message contained in the data 801 field of the Notification message. 803 17.3.7. Unknown Encapsulation 805 This notification is sent on receipt of SA data that is encapsulated 806 in an unknown encapsulation type. See section 18 for known 807 encapsulations. 809 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 810 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 811 | 5 | x + 5 |O| 3 | 812 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 813 | 7 | SA Message .... 814 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 815 Length x 816 x is the length of the SA message (which contained data which 817 was encapsulated in some unknown way) that is contained in the 818 data field of the Notification message. 820 17.3.8. Administrative Scope Boundary Violated 822 This notification is used when an SA message is received for a group 823 G from a peer which is across an administrative scope boundary for G. 825 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 826 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 827 | 5 | 16 |O| 3 | 828 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 829 | 8 | Reserved | Gprefix Len | 830 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 831 | Gprefix | 832 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 833 | Group Address | 834 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 836 17.4. Hold Time Expired 838 If a system does not receive successive KeepAlive or any SA Message 839 and/or Notification messages within the period specified in the Hold 840 Timer, the notification message with Hold Timer Expired Error Code 841 and no additional data MUST be sent and the MSDP connection closed. 843 17.5. Finite State Machine Error Handling 845 Any error detected by the MSDP Finite State Machine (e.g., receipt of 846 an unexpected event) is indicated by sending the Notification message 847 with Error Code Finite State Machine Error. 849 17.6. Notification Message Error Handling 851 If a node sends a Notification message, and there is an error in that 852 message, and the O-bit of that message is not clear, a Notification 853 with O-bit clear, Error Code of Notification Error, and subcode 854 Unspecific must be sent. In addition, the Data field must include 855 the Notification message that triggered the error. However, if the 856 erroneous Notification message had the O-bit clear, then any error, 857 such as an unrecognized Error Code or Error Subcode, should be 858 noticed, logged locally, and brought to the attention of the 859 administrator of the remote node. 861 17.7. Cease 863 In absence of any fatal errors (that are indicated in this section), 864 an MSDP node may choose at any given time to close its MSDP 865 connection by sending the Notification message with Error Code Cease. 866 However, the Cease Notification message MUST NOT be used when a fatal 867 error indicated by this section does exist. 869 18. SA Data Encapsulation 871 This section describes UDP, GRE, and TCP encapsulation of SA data. 872 Encapsulation type is a configuration option. 874 18.1. UDP Data Encapsulation 876 Data packets MAY be encapsulated in UDP. In this case, the UDP 877 pseudo-header has the following form: 879 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 880 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 881 | Source Port | Destination Port | 882 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 883 | Length | Checksum | 884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 | Origin RP Address | 886 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 888 The Source port, Destination Port, Length, and Checksum are used 889 according to RFC 768. Source and Destination ports are known via an 890 implementation-specific method (e.g. per-peer configuration). 892 Checksum 893 The checksum is computed according to RFC 768 [RFC768]. 895 Originating RP Address 896 The Originating RP Address is the address of the RP sending 897 the encapsulated data. 899 18.2. GRE Encapsulation 901 MSDP SA-data MAY be encapsulated in GRE using protocol type [MSDP- 902 GRE-ProtocolType]. The GRE header and payload packet have the 903 following form: 905 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 907 |C| Reserved0 | Ver | [MSDP-GRE-ProtocolType] |\ 908 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ GRE Header 909 | Checksum (optional) | Reserved1 |/ 910 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 911 | Originating RP IPv4 Address |\ 912 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload 913 | (S,G) Data Packet .... / 914 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 916 18.2.1. Encapsulation and Path MTU Discovery [RFC1191] 918 Existing implementations of GRE, when using IPv4 as the Delivery 919 Header, do not implement Path MTU discovery and do not set the Don't 920 Fragment bit in the Delivery Header. This can cause large packets to 921 become fragmented within the tunnel and reassembled at the tunnel 922 exit (independent of whether the payload packet is using PMTU). If a 923 tunnel entry point were to use Path MTU discovery, however, that 924 tunnel entry point would also need to relay ICMP unreachable error 925 messages (in particular the "fragmentation needed and DF set" code) 926 back to the originator of the packet, which is not required by the 927 GRE specification [RFC2784]. Failure to properly relay Path MTU 928 information to an originator can result in the following behavior: 929 the originator sets the don't fragment bit, the packet gets dropped 930 within the tunnel, but since the originator doesn't receive proper 931 feedback, it retransmits with the same PMTU, causing subsequently 932 transmitted packets to be dropped. 934 18.3. TCP Data Encapsulation 936 As discussed earlier, encapsulation of data in SA messages MAY be 937 supported for backwards compatibility with legacy MSDP peers. 939 19. IANA Considerations 941 The IANA should assigne 0x0009 from the IANA SNAP Protocol IDs [IANA] 942 to MSDP-GRE-ProtocolType. 944 20. Security Considerations 946 An MSDP implementation MAY use IPsec [RFC1825] or keyed MD5 [RFC1828] 947 to secure control messages. When encapsulating SA data in GRE, 948 security should be relatively similar to security in a normal IPv4 949 network, as routing using GRE follows the same routing that IPv4 uses 950 natively. Route filtering will remain unchanged. However packet 951 filtering at a firewall requires either that a firewall look inside 952 the GRE packet or that the filtering is done on the GRE tunnel 953 endpoints. In those environments in which this is considered to be a 954 security issue it may be desirable to terminate the tunnel at the 955 firewall. 957 21. Acknowledgments 959 The editor would like to thank the original authors, Dino Farinacci, 960 Yakov Rehkter, Peter Lothberg, Hank Kilmer, and Jermey Hall for their 961 orginal contribution to the MSDP specification. In addition, Bill 962 Nickless, John Meylor, Liming Wei, Manoj Leelanivas, Mark Turner, 963 John Zwiebel, Cristina Radulescu-Banu and IJsbrand Wijnands provided 964 useful and productive design feedback and comments. In addition to 965 many other contributions, Tom Pusateri helped to clarify the 966 connection state machine, Dave Thaler helped to clarify the 967 Notification message types, and countless others helped to clarify 968 the Peer-RPF rules. 970 22. Editor's Address: 972 David Meyer 973 Cisco Systems, Inc. 974 170 Tasman Drive 975 San Jose, CA, 95134 976 Email: dmm@cisco.com 978 23. REFERENCES 980 [IANA] www.iana.org 982 [RFC1700] J. Reynolds and J. Postel, "Assigned Numbers", RFC 1700, 983 October, 1994. 985 [RFC2784] Farinacci, D., et al., "Generic Routing Encapsulation 986 (GRE)", RFC 2784, March 2000. 988 [RFC768] Postel, J. "User Datagram Protocol", RFC 768, August, 989 1980. 991 [RFC1191] Mogul, J., and S. Deering, "Path MTU Discovery", 992 RFC 1191, November 1990. 994 [RFC1771] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 995 (BGP-4)", RFC 1771, March 1995. 997 [RFC1825] Atkinson, R., "Security Architecture for the Internet 998 Protocol", RFC 1825, August, 1995. 1000 [RFC1828] P. Metzger and W. Simpson, "IP Authentication using 1001 Keyed MD5", RFC 1828, August, 1995. 1003 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate 1004 Requirement Levels", RFC 2119, March, 1997. 1006 [RFC2283] Bates, T., Chandra, R., Katz, D., and Y. Rekhter., 1007 "Multiprotocol Extensions for BGP-4", RFC 2283, 1008 February 1998. 1010 [RFC2362] Estrin D., et al., "Protocol Independent Multicast - 1011 Sparse Mode (PIM-SM): Protocol Specification", RFC 1012 2362, June 1998. 1014 [RFC2365] Meyer, D. "Administratively Scoped IP Multicast", RFC 1015 2365, July, 1998. 1017 24. Full Copyright Statement 1019 Copyright (C) The Internet Society (2001). All Rights Reserved. 1021 This document and translations of it may be copied and furnished to 1022 others, and derivative works that comment on or otherwise explain it 1023 or assist in its implementation may be prepared, copied, published 1024 and distributed, in whole or in part, without restriction of any 1025 kind, provided that the above copyright notice and this paragraph are 1026 included on all such copies and derivative works. However, this 1027 document itself may not be modified in any way, such as by removing 1028 the copyright notice or references to the Internet Society or other 1029 Internet organizations, except as needed for the purpose of 1030 developing Internet standards in which case the procedures for 1031 copyrights defined in the Internet Standards process must be 1032 followed, or as required to translate it into languages other than 1033 English. 1035 The limited permissions granted above are perpetual and will not be 1036 revoked by the Internet Society or its successors or assigns. 1038 This document and the information contained herein is provided on an 1039 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1040 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1041 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1042 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1043 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.