idnits 2.17.00 (12 Aug 2021)

/tmp/idnits52373/draft-ietf-msdp-spec-09.txt:

  ** The Abstract section seems to be numbered

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date. The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents.

  ** The document is more than 15 pages and seems to lack a Table of Contents.

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 28
     longer pages, the longest (page 2) being 60 lines

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 29 pages

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack separate sections for Informative/Normative
     References. All references will be assumed normative when checking for
     downward references.

  ** There are 15 instances of too long lines in the document, the longest one
     being 7 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 657 has weird spacing: '...ndition is d...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.
     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'MUST not' in this paragraph:

     RPs which originate SA messages do it periodically as long as there is
     data being sent by the source. There is one SA-Advertisement-Timer
     covering the sources that an RP may advertise. [SA-Advertisement-Period]
     MUST be 60 seconds. An RP MUST not send more than one periodic SA
     message for a given (S,G) within an SA Advertisement interval.
     Originating periodic SA messages is required to keep announcements alive
     in caches, and so that new receivers who join after a source has been
     active can get data quickly via a non-caching RP. Finally, an
     originating RP SHOULD trigger the transmission of an SA message as soon
     as it receives data from an internal source for the first time.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to
     grant the BCP78 rights to the IETF Trust, then this is fine, and you can
     ignore this comment. If not, you may need to add the pre-RFC5378
     disclaimer. (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- Couldn't find a document date in the document -- date freshness check
     skipped.
  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'SA-Advertisement-Period' is mentioned on line 158,
     but not defined

  == Missing Reference: 'SA-State-Period' is mentioned on line 176, but not
     defined

  == Missing Reference: 'SA-Hold-Down-Period' is mentioned on line 184, but
     not defined

  == Missing Reference: 'Hold-Time-Period' is mentioned on line 209, but not
     defined

  == Missing Reference: 'KeepAlive-Period' is mentioned on line 210, but not
     defined

  == Missing Reference: 'ConnectRetry-Period' is mentioned on line 221, but
     not defined

  == Missing Reference: 'R2' is mentioned on line 394, but not defined

  == Missing Reference: 'MSDP-GRE-ProtocolType' is mentioned on line 982, but
     not defined

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA'

  ** Obsolete normative reference: RFC 1771 (Obsoleted by RFC 4271)

  ** Obsolete normative reference: RFC 2401 (Obsoleted by RFC 4301)

  ** Downref: Normative reference to an Historic RFC: RFC 1828

  ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858)

  ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059)

     Summary: 13 errors (**), 0 flaws (~~), 15 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  1  Network Working Group                              David Meyer (Editor)
  2  INTERNET DRAFT                                     Bill Fenner (Editor)
  3  Category                                                Standards Track
  4                                                                May, 2001

  6             Multicast Source Discovery Protocol (MSDP)
  7

  9  1. Status of this Memo

 11  This document is an Internet-Draft and is in full conformance with
 12  all provisions of Section 10 of RFC 2026.

 14  Internet Drafts are working documents of the Internet Engineering
 15  Task Force (IETF), its areas, and its working groups. Note that other
 16  groups may also distribute working documents as Internet-Drafts.

 18  Internet-Drafts are draft documents valid for a maximum of six months
 19  and may be updated, replaced, or obsoleted by other documents at any
 20  time. It is inappropriate to use Internet-Drafts as reference
 21  material or to cite them other than as "work in progress."

 23  The list of current Internet-Drafts can be accessed at
 24  http://www.ietf.org/ietf/1id-abstracts.txt.

 26  The list of Internet-Draft Shadow Directories can be accessed at
 27  http://www.ietf.org/shadow.html.

 29  2. Abstract

 31  The Multicast Source Discovery Protocol, MSDP, describes a mechanism
 32  to connect multiple PIM-SM domains together. Each PIM-SM domain uses
 33  its own independent RP(s) and does not have to depend on RPs in other
 34  domains.

 36  3. Copyright Notice

 38  Copyright (C) The Internet Society (2001). All Rights Reserved.

 40  4. Introduction

 42  The Multicast Source Discovery Protocol, MSDP, describes a mechanism
 43  to connect multiple PIM-SM domains together. Each PIM-SM domain uses
 44  its own independent RP(s) and does not have to depend on RPs in other
 45  domains. Advantages of this approach include:

 47     o No Third-party resource dependencies on RP

 49       PIM-SM domains can rely on their own RPs only.

 51     o Receiver only Domains

 53       Domains with only receivers get data without globally
 54       advertising group membership.

 56  Note that MSDP may be used with protocols other than PIM-SM, but such
 57  usage is not specified in this memo.

 59  The keywords MUST, MUST NOT, MAY, OPTIONAL, REQUIRED, RECOMMENDED,
 60  SHALL, SHALL NOT, SHOULD, SHOULD NOT are to be interpreted as defined
 61  in RFC 2119 [RFC2119].

 63  5. Overview

 65  MSDP-speaking routers in a PIM-SM [RFC2362] domain have a MSDP
 66  peering relationship with MSDP peers in another domain. The peering
 67  relationship is made up of a TCP connection in which control
 68  information is exchanged. Each domain has one or more connections to
 69  this virtual topology.

 71  The purpose of this topology is to allow domains to discover
 72  multicast sources from other domains. If the multicast sources are of
 73  interest to a domain which has receivers, the normal source-tree
 74  building mechanism in PIM-SM will be used to deliver multicast data
 75  over an inter-domain distribution tree.

 77  We envision this virtual topology will essentially be congruent to
 78  the existing BGP topology used in the unicast-based Internet today.
 79  That is, the TCP connections between MSDP peers are likely to be
 80  congruent to the connections in the BGP routing system.

 82  6. Procedure

 84  When an RP in a PIM-SM domain first learns of a new sender, e.g. via
 85  PIM register messages, it constructs a "Source-Active" (SA) message
 86  and sends it to its MSDP peers. The SA message contains the following
 87  fields:

 89     o Source address of the data source.
 90     o Group address the data source sends to.
 91     o IP address of the RP.

 93  Each MSDP peer receives and forwards the message away from the RP
 94  address in a "peer-RPF flooding" fashion. The notion of peer-RPF
 95  flooding is with respect to forwarding SA messages. The Multicast RPF
 96  Routing Information Base (MRIB) is examined to determine which peer
 97  towards the originating RP of the SA message is selected. Such a peer
 98  is called an "RPF peer". See section 14 below for the details of
 99  peer-RPF forwarding.

101  If the MSDP peer receives the SA from a non-RPF peer towards the
102  originating RP, it will drop the message. Otherwise, it forwards the
103  message to all its MSDP peers (except the one from which it received
104  the SA message).

106  When an MSDP peer which is also an RP for its own domain receives a
107  new SA message, it determines if it has any group members interested
108  in the group which the SA message describes. That is, the RP checks
109  for a (*,G) entry with a non-empty outgoing interface list; this
110  implies that the domain is interested in the group. In this case, the
111  RP triggers a (S,G) join event towards the data source as if a
112  Join/Prune message was received addressed to the RP itself. This sets
113  up a branch of the source-tree to this domain. Subsequent data
114  packets arrive at the RP which are forwarded down the shared-tree
115  inside the domain. If leaf routers choose to join the source-tree
116  they have the option to do so according to existing PIM-SM
117  conventions. Finally, if an RP in a domain receives a PIM Join
118  message for a new group G, the RP SHOULD trigger a (S,G) join event
119  for each SA for that group in its cache.

121  This procedure has been affectionately named flood-and-join because
122  if any RP is not interested in the group, they can ignore the SA
123  message. Otherwise, they join a distribution tree.

125  7. Caching

127  A MSDP speaker SHOULD cache SA messages. Caching allows pacing of
128  MSDP messages as well as reducing join latency for new receivers of a
129  group G at an originating RP which has existing MSDP (S,G) state. In
130  addition, caching greatly aids in diagnosis and debugging of various
131  problems.

133  8. Timers

135  The main timers for MSDP are: SA-Advertisement-Timer, SA-Hold-Down-
136  Timer, SA Cache Entry timer, KeepAlive timer, ConnectRetry and Peer
137  Hold Timer. Each is considered below.

139  8.1. SA-Advertisement-Timer

141  RPs which originate SA messages do it periodically as long as there
142  is data being sent by the source. There is one SA-Advertisement-Timer
143  covering the sources that an RP may advertise. [SA-Advertisement-
144  Period] MUST be 60 seconds. An RP MUST not send more than one
145  periodic SA message for a given (S,G) within an SA Advertisement
146  interval. Originating periodic SA messages is required to keep
147  announcements alive in caches, and so that new receivers who join
148  after a source has been active can get data quickly via a non-caching
149  RP. Finally, an originating RP SHOULD trigger the transmission of an
150  SA message as soon as it receives data from an internal source for
151  the first time.

153  8.2. SA-Advertisement-Timer Processing

155  An RP MUST spread the generation of periodic SA messages over its
156  reporting interval (i.e. SA-Advertisement-Period). An RP starts the
157  SA-Advertisement-Timer when the MSDP process is configured. When the
158  timer expires, an RP resets the timer to [SA-Advertisement-Period]
159  seconds, and begins the advertisement of its active sources. Active
160  sources are advertised in the following manner: An RP packs its
161  active sources into an SA message until the largest MSDP packet that
162  can be sent is built or there are no more sources, and then sends the
163  message. This process is repeated periodically within the SA-
164  Advertisement-Period in such a way that all of the RP's sources are
165  advertised. Note that the largest MSDP packet that can be sent has
166  size that is the minimum of MTU of outgoing link minus size of TCP
167  and IP headers, and 1400 (largest MSDP packet). Finally, the timer is
168  deleted when the MSDP process is deconfigured.

170  8.3. SA Cache Timeout (SA-State-Timer)

172  Each entry in an SA Cache has an associated SA-State-Timer. A
173  (S,G)-SA-State-Timer is started when an (S,G)-SA message is initially
174  received by a MSDP peer. The timer is reset to [SA-State-Period] if
175  another (S,G)-SA message is received before the (S,G)-SA-State-Timer
176  expires. [SA-State-Period] MUST NOT be less than 90 seconds.

178  8.4. SA-Hold-Down-Timer

180  The per-(S,G) timer is set to [SA-Hold-Down-Period] when forwarding
181  an SA message, and a SA message MUST only be forwarded when its
182  associated timer is not running. [SA-Hold-Down-Period] SHOULD be set
183  to 30 seconds. A MSDP peer MUST NOT forward a (S,G)-SA message it has
184  received in during the previous [SA-Hold-Down-Period] seconds.
185  Finally, the timer is deleted when the SA cache entry is deleted.

187  8.5. Peer Hold Timer

189  If a system has not received any MSDP message within the period
190  specified by the Hold Timer, then a Notification message with Hold
191  Timer Expired Error Code MUST be sent and the MSDP connection MUST be
192  closed. [Hold-Time-Period] MUST be at least three seconds. A
193  suggested value for [Hold-Time-Period] is 90 seconds.

195  The Hold Timer is initialized to [Hold-Time-Period] when the peer's
196  transport connection is established, and is reset to [Hold-Time-
197  Period] when any MSDP message is received. Finally, the timer is
198  deleted when the peer's transport connection is closed.

200  8.6. KeepAlive Timer

202  Once an MSDP transport connection is established, each side of the
203  connection sends a KeepAlive message and sets a KeepAlive timer. If
204  the KeepAlive timer expires, the local system sends a KeepAlive
205  message and restarts its KeepAlive timer.

207  The KeepAlive timer is set to [KeepAlive-Period] when the peer comes
208  up. [KeepAlive-Period] SHOULD NOT be less than 75 seconds, and MUST
209  NOT be less than [Hold-Time-Period]. The timer is reset to
210  [KeepAlive-Period] each time an MSDP message is sent to peer, and
211  reset when the timer expires. Finally, the KeepAlive timer is deleted
212  when the peer's transport connection is closed.

214  8.7. ConnectRetry Timer

216  The ConnectRetry timer is used by an MSDP peer to transition from
217  INACTIVE to CONNECTING states. There is one timer per peer, and the
218  [ConnectRetry-Period] SHOULD be set to 30 seconds. The timer is
219  initialized to [ConnectRetry-Period] when an MSDP peer's active
220  connect attempt fails. When the timer expires, the peer retries the
221  connection and the timer is reset to [ConnectRetry-Period]. It is
222  deleted if either the connection transitions into ESTABLISHED state
223  or the peer is deconfigured.

225  9. Intermediate MSDP Peers

227  Intermediate MSDP speakers do not originate periodic SA messages on
228  behalf of sources in other domains. In general, an RP MUST only
229  originate an SA for a source which would register to it, and ONLY RPs
230  may originate SA messages.

232  10. SA Filtering and Policy

234  As the number of (S,G) pairs increases in the Internet, an RP may
235  want to filter which sources it describes in SA messages. Also,
236  filtering may be used as a matter of policy which at the same time
237  can reduce state. Only the RP co-located in the same domain as the
238  source can restrict SA messages. Note, however, that MSDP peers in
239  transit domains should not filter SA messages or the flood-and-join
240  model can not guarantee that sources will be known throughout the
241  Internet (i.e., SA filtering by transit domains can cause undesired
242  lack of connectivity). In general, policy should be expressed using
243  MBGP [RFC2283]. This will cause MSDP messages to flow in the desired
244  direction and peer-RPF fail otherwise. An exception occurs at an
245  administrative scope [RFC2365] boundary. In particular, a SA message
246  for a (S,G) MUST NOT be sent to peers which are on the other side of
247  an administrative scope boundary for G.

249  11. SA Requests

251  A MSDP speaker MAY accept SA-Requests from other MSDP peers. When an
252  MSDP speaker receives an SA-Request for a group range, it will
253  respond to the peer with a set of SA entries, in an SA-Response
254  message, for all active sources in its SA cache sending to the group
255  requested in the SA-Request message. The peer that sends the request
256  will not flood the responding SA-Response message to other peers. See
257  section 17 for discussion of error handling relating to SA requests
258  and responses.

260  12. Encapsulated Data Packets

262  The RP may encapsulate multicast data from the source. An interested
263  RP may decapsulate the packet, which SHOULD be forwarded as if a PIM
264  register encapsulated packet was received. That is, if packets are
265  already arriving over the interface toward the source, then the
266  packet is dropped. Otherwise, if the outgoing interface list is non-
267  null, the packet is forwarded appropriately. Note that when doing
268  data encapsulation, an implementation MUST bound the time during
269  which packets are encapsulated.

271  This allows for small bursts to be received before the multicast tree
272  is built back toward the source's domain. For example, an
273  implementation SHOULD encapsulate at least the first packet to
274  provide service to bursty sources.

276  13. Other Scenarios

278  MSDP is not limited to deployment across different routing domains.
279  It can be used within a routing domain when it is desired to deploy
280  multiple RPs for the same group ranges. As long as all RPs have a
281  interconnected MSDP topology, each can learn about active sources as
282  well as RPs in other domains.

284  14. MSDP Peer-RPF Forwarding

286  The MSDP Peer-RPF Forwarding rules are used for forwarding SA
287  messages throughout an MSDP enabled internet. Unlike the RPF check
288  used when forwarding data packets, the Peer-RPF check is against the
289  RP address carried in the SA message.

291  14.1. Definitions

293  The following definitions are used in the description of the Peer-RPF
294  Forwarding Rules:

296  14.1.1. Multicast RPF Routing Information Base (MRIB)

298  The MRIB is the multicast topology table. It is typically derived
299  from the unicast routing table or from other routing protocols such
300  as multi-protocol BGP [RFC2283].

302  14.1.2. RPF Route

304  The RPF route is the route that the MRIB chooses for a given address.
305  The RPF route for a SA's originating RP is used to select the peer
306  from which the SA is accepted.

308  14.2. Peer-RPF Forwarding Rules

310     An SA message originated by R and received by X from N is
311     accepted if N is the peer-RPF neighbor for X, and is discarded
312     otherwise.

314              MPP(R,N)                 MP(N,X)
315      R ---------....-------> N ------------------> X
316              SA(S,G,R)                SA(S,G,R)

318     Where MPP(R,N) is an MSDP peering path (zero or more MSDP
319     peers) between R and N. SA(S,G,R) is an SA message for source
320     S on group G originated by an RP R. MP(N,X) is an MSDP
321     peering between N and X.

323     The peer-RPF neighbor is chosen deterministically, using the
324     first of the following rules that matches. In particular,
325     N is the RPF neighbor of X with respect to R if

327     (i).   N == R (X has an MSDP peering with R).

329     (ii).  N is the BGP NEXT_HOP of the active RPF route
330            for R.

332     (iii). The active RPF route for R is learned through a
333            distance-vector or path-vector routing protocol
334            (e.g. BGP, RIP, DVMRP) and N is the neighbor that
335            advertised the active RPF route for R.

337     (iv).  N resides in an AS that is in the AS_PATH of the active
338            RPF route for R, and N has the highest IP address among
339            the MSDP peers that reside in ASs in that AS_PATH.

341     (v).   N is configured as the static RPF-peer for R.

343  14.3. MSDP static RPF-peer semantics

345  If none of the rules (i) - (iv) are able to determine an RPF peer for
346  R, a longest-match lookup is performed in the static RPF peer table.
347  This table MUST be able to contain a default entry, and SHOULD be
348  able to contain prefix or per-host (RP) entries. This table
349  statically maps RP addresses to peers, and allows configuration of
350  topology that is e.g. unknown to the MRIB.

352  The result of the longest-match lookup of an RP address R in the
353  static RPF peer table is an MSDP peer, which is the RPF neighbor for
354  R.

356  14.4. MSDP mesh-group semantics

358  A MSDP mesh-group is a operational mechanism for reducing SA
359  flooding, typically in an intra-domain setting. In particular, when
360  some subset of a domain's MSDP speakers are fully meshed, then can be
361  configured into a mesh-group.

363  Note that mesh-groups assume that a member doesn't have to forward an
364  SA to other members of the mesh-group because the originator will
365  forward to all members. To be able for the originator to forward to
366  all members (and to have each member also be a potential originator),
367  the mesh-group must be a full mesh of MSDP peering among all members.

369  The semantics of the mesh-group are as follows:

371     (i).   If a member R of a mesh-group M receives a SA message from an
372            MSDP peer that is also a member of mesh-group M, R accepts the
373            SA message and forwards it to all of its peers that are not
374            part of any mesh-group. R MUST NOT forward the SA message to
375            other members of mesh-group M.

377     (ii).  If a member R of a mesh-group M receives a SA message from an
378            MSDP peer that is not a member of mesh-group M, and the SA
379            message passes the peer-RPF check, then R forwards the SA
380            message to all members of mesh-group M.

382     (iii). Cross mesh-group forwarding

384            If a member R of a mesh-groups M and N receives an SA
385            message from an MSDP peer in mesh-group M, R forwards the SA
386            to its MSDP peers in mesh-group N if it receives that SA
387            message from a peer that is in the same mesh-group as its
388            peer-RPF neighbor for that SA.

390            For example, consider the case in which three routers (R1, R2,
391            and R3) and three mesh-groups (A, B, and C) are arranged in a
392            triangle, e.g.,

394                           [R2] {A,B}
395                           /  \
396                          /    \
397                         /      \
398                        /        \
399                {A,C} [R1]--------[R3] {B,C}

401            Now, when R1 receives an SA message from R2 and R1's
402            peer-RPF neighbor for this SA lies in mesh-group A, R1
403            forwards the SA message its peers in other mesh-groups
404            (in particular, R3 in mesh-group C). Similarly, if R3's
405            peer-RPF neighbor lies in mesh-group B, R3 will forward an
406            SA message from R2. In this case, both R1 and R3 will send
407            SA messages to each other (because they share common mesh-group
408            C), but neither of them will forward any further the SA messages
409            received from each other (as their peer-RPF neighbors do
410            not lie in mesh-group C).

412  Note that since mesh-groups suspend peer-RPF checking of SAs received
413  from a mesh-group member ((i). above), they allow for mis-
414  configuration to cause SA looping.

416  15. MSDP Connection Establishment

418  MSDP messages will be encapsulated in a TCP connection. An MSDP peer
419  listens for new TCP connections on port 639. One side of the MSDP
420  peering relationship will listen on the well-known port and the other
421  side will do an active connect to the well-known port. The side with
422  the higher peer IP address will do the listen. This connection
423  establishment algorithm avoids call collision. Therefore, there is no
424  need for a call collision procedure. It should be noted, however,
425  that the disadvantage of this approach is that it may result in
426  longer startup times at the passive end.

428  An MSDP peer starts in the INACTIVE state. MSDP peers establish
429  peering sessions according to the following state machine:

431  De-configured or
432  disabled
433  +-------------------------------------------+
434  | |
435  | |
436  Enable |
437  +-----|--------->+----------+ Connect Retry Timer |
438  | | +->| INACTIVE |----------------+ |
439  | | | +----------+ | |
440  Deconf'ed | | | /|\ /|\ | | Lower Address
441  or | | | | | | |
442  disabled | | | | | \|/ |
443  | | | | | | +-------------+
444  | | | | | +---------------| CONNECTING |
445  | | | | | Timeout or +-------------+
446  | | | | | Local Address Change |
447  \|/ \|/ | | | |
448  +----------+ | | | |
449  | DISABLED | | | +---------------------+ | TCP Established
450  +----------+ | | | |
451  /|\ /|\ | | Connection Timeout, | |
452  | | | | Local Address change, | |
453  | | | | Authorization Failure | |
454  | | | | | |
455  | | | | | \|/
456  | | | | +-------------+
457  | | Local | | | ESTABLISHED |
458  | | Address | | Higher Address +-------------+
459  | | Change | \|/ /|\ |
460  | | | +--------+ | |
461  | | +--| LISTEN |--------------------+ |
462  | | +--------+ TCP Accept |
463  | | | |
464  | | | |
465  | +---------------+ |
466  | De-configured or |
467  | disabled |
468  | |
469  +------------------------------------------------------+
470  De-configured or
471  disabled

473  16. Packet Formats

475  MSDP messages will be encoded in TLV format. If an implementation
476  receives a TLV that has length that is longer than expected, the TLV
477  SHOULD be accepted. Any additional data SHOULD be ignored.

479  16.1. MSDP TLV format:

481   0                   1                   2                   3
482   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
483  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
484  |     Type      |           Length              |  Value ....   |
485  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

487  Type (8 bits)
488     Describes the format of the Value field.

490  Length (16 bits)
491     Length of Type, Length, and Value fields in octets.
492     minimum length required is 4 octets, except for
493     Keepalive messages. The maximum TLV length is 1400.

495  Value (variable length)
496     Format is based on the Type value. See below. The length of
497     the value field is Length field minus 3. All reserved fields
498     in the Value field MUST be transmitted as zeros and ignored on
499     receipt.

501  16.2. Defined TLVs

503  The following TLV Types are defined:

505  Code        Type
506  ===========================================================
507   1          IPv4 Source-Active
508   2          IPv4 Source-Active Request
509   3          IPv4 Source-Active Response
510   4          KeepAlive
511   5          Notification

513  Each TLV is described below.

515  In addition, the following TLV Types are assigned but not described
516  in this memo:

518  Code        Type
519  ===========================================================
520   6          MSDP traceroute in progress
521   7          MSDP traceroute reply

523  16.2.1. IPv4 Source-Active TLV

525  The maximum size SA message that can be sent is 1400 octets. If an
526  MSDP peer needs to originate a message with information greater than
527  1400 octets, it sends successive 1400 octet or smaller messages. The
528  1400 octet size does not include the TCP, IP, layer-2 headers.

530   0                   1                   2                   3
531   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
532  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
533  |       1       |             x + y             |  Entry Count  |
534  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
535  |                          RP Address                           |
536  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
537  |                   Reserved                    |  Sprefix Len  | \
538  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  \
539  |                         Group Address                         |   ) z
540  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  /
541  |                        Source Address                         | /
542  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

544  Type
545     IPv4 Source-Active TLV is type 1.

547  Length x
548     Is the length of the control information in the message. x is
549     8 octets (for the first two 32-bit quantities) plus 12 times
550     Entry Count octets.

552  Length y
553     If 0, then there is no data encapsulated. Otherwise an IPv4
554     packet follows and y is the length of the total length field
555     of the IPv4 header encapsulated. If there are multiple SA TLVs
556     in a message, and data is also included, y must be 0 in all SA
557     TLVs except the last one and the last SA TLV must reflect the
558     source and destination addresses in the IP header of the
559     encapsulated data.

561  Entry Count
562     Is the count of z entries (note above) which follow the RP
563     address field. This is so multiple (S,G)s from the same domain
564     can be encoded efficiently for the same RP address.

566  RP Address
567     The address of the RP in the domain the source has become
568     active in.

570  Reserved
571     The Reserved field MUST be transmitted as zeros and MUST be
572     ignored by a receiver.

574  Sprefix Len
575     The route prefix length associated with source address.
576     This field MUST be transmitted as 32 (/32). An Invalid
577     Sprefix Len Notification SHOULD be sent upon receipt
578     of any other value.

580  Group Address
581     The group address the active source has sent data to.

583  Source Address
584     The IP address of the active source.

586  Multiple SA TLVs MAY appear in the same message and can be batched
587  for efficiency at the expense of data latency. This would typically
588  occur on intermediate forwarding of SA messages.

590  16.2.2. IPv4 Source-Active Request TLV

592  The Source-Active Request is used to request SA-state from a MSDP
593  peer. If an RP in a domain receives a PIM Join message for a group,
594  creates (*,G) state and wants to know all active sources for group G,
595  it may send an SA-Request message for the group.

597   0                   1                   2                   3
598   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
599  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
600  |       2       |               8               |   Reserved    |
601  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
602  |                         Group Address                         |
603  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

605  Type
606     IPv4 Source-Active Request TLV is type 2.

608  Reserved
609     Must be transmitted as zero and ignored on receipt.

611  Group Address
612     The group address the MSDP peer is requesting.

614  16.2.3. IPv4 Source-Active Response TLV

616  The Source-Active Response is sent in response to a Source-Active
617  Request message. The Source-Active Response message has the same
618  format as a Source-Active message but does not allow encapsulation of
619  multicast data.

621   0                   1                   2                   3
622   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
623  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
624  |       3       |               x               |     ....      |
625  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

627  Type
628     IPv4 Source-Active Response TLV is type 3.

630  Length x
631     Is the length of the control information in the message. x is 8
632     octets (for the first two 32-bit quantities) plus 12 times Entry
633     Count octets.

635  16.2.4. KeepAlive TLV

637  A KeepAlive TLV is sent to an MSDP peer if and only if there were no
638  MSDP messages sent to the peer after a period of time. This message
639  is necessary for the active connect side of the MSDP connection. The
640  passive connect side of the connection knows that the connection will
641  be reestablished when a TCP SYN packet is sent from the active
642  connect side. However, the active connect side will not know when the
643  passive connect side goes down. Therefore, the KeepAlive timeout will
644  be used to reset the TCP connection.

646   0                   1                   2                   3
647   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
648  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
649  |       4       |               3               |
650  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

652  The length of the message is 3 octets which encompasses the one octet
653  Type field and the two octet Length field.

655  16.2.5. Notification TLV

657  A Notification message is sent when an error condition is detected,
658  and has the following form:

660   0                   1                   2                   3
661   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
662  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
663  |       5       |             x + 5             |O| Error Code  |
664  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
665  | Error subcode |                      ...                      |
666  +-+-+-+-+-+-+-+-+                                               |
667  |                             Data                              |
668  |                              ...                              |
669  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

671  Type
672     The Notification TLV is type 5.

674  Length
675     Length is a two octet field with value x + 5, where x is
676     the length of the notification data field.

678  O-bit
679     Open-bit. If clear, the connection will be closed.

681  Error code
682     This 7-bit unsigned integer indicates the type of Notification.
683     The following Error Codes have been defined:

685     Error Code    Symbolic Name                   Reference

687       1           Message Header Error            Section 17.1
688       2           SA-Request Error                Section 17.2
689       3           SA-Message/SA-Response Error    Section 17.3
690       4           Hold Timer Expired              Section 17.4
691       5           Finite State Machine Error      Section 17.5
692       6           Notification                    Section 17.6
693       7           Cease                           Section 17.7

695  Error subcode:
696     This one-octet unsigned integer provides more specific information
697     about the reported error. Each Error Code may have one or more
698     Error
699     Subcodes associated with it. If no appropriate Error Subcode is
700     defined, then a zero (Unspecific) value is used for the Error

702     Subcode
703     field, and the O-bit must be cleared (i.e. the connection will be
704     closed). The used notation in the error description below is: MC =
705     Must Close connection = O-bit clear; CC = Can Close connection =
706     O-bit MAY be cleared.

708     Message Header Error subcodes:

710        0 - Unspecific (MC)
711        2 - Bad Message Length (MC)
712        3 - Bad Message Type (CC)

714     SA-Request Error subcodes (the O-bit is always clear):

716        0 - Unspecific (MC)
717        1 - Invalid Group (MC)

719     SA-Message/SA-Response Error subcodes

721        0 - Unspecific (MC)
722        1 - Invalid Entry Count (CC)
723        2 - Invalid RP Address (MC)
724        3 - Invalid Group Address (MC)
725        4 - Invalid Source Address (MC)
726        5 - Invalid Sprefix Length (MC)
727        6 - Looping SA (Self is RP) (MC)
728        7 - Unknown Encapsulation (MC)
729        8 - Administrative Scope Boundary Violated (MC)

731     Hold Timer Expired subcodes (the O-bit is always clear):

733        0 - Unspecific (MC)

735     Finite State Machine Error subcodes (the O-bit is always clear):

737        0 - Unspecific (MC)
738        1 - Unexpected Message Type FSM Error (MC)

740     Notification subcodes (the O-bit is always clear):

742        0 - Unspecific (MC)

744     Cease subcodes (the O-bit is always clear):

746        0 - Unspecific (MC)

748  17. MSDP Error Handling

750  This section describes actions to be taken when errors are detected
751  while processing MSDP messages. MSDP Error Handling is similar to
752  that of BGP [RFC1771].

754  When any of the conditions described here are detected, a
755  Notification message with the indicated Error Code, Error Subcode,
756  and Data fields is sent. In addition, the MSDP connection MAY be
757  closed. If no Error Subcode is specified, then a zero (Unspecific)
758  must be used.

760  The phrase "the MSDP connection is closed" means that the transport
761  protocol connection has been closed and that all resources for that
762  MSDP connection have been deallocated.

764  17.1. Message Header Error Handling

766  All errors detected while processing the Message Header are indicated
767  by sending the Notification message with Error Code Message Header
768  Error. The Error Subcode describes the specific nature of the error.
769  The Data field contains the erroneous Message (including the message
770  header).

772  If the Length field of the message header is less than 4 or greater
773  than 1400, or the length of a KeepAlive message is not equal to 3,
774  then the Error Subcode is set to Bad Message Length.

776  If the Type field of the message header is not recognized, then the
777  Error Subcode is set to Bad Message Type.

779  17.2. SA-Request Error Handling

781  The SA-Request Error code is used to signal the receipt of a SA
782  request at a MSDP peer when an invalid group address requested.

784  When a MSDP peer receives a request for an invalid group, it returns
785  the following notification:

787   0                   1                   2                   3
788   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
789  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
790  |       5       |              12               |O|      2      |
791  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
792  |       2       |                   Reserved                    |
793  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
794  |                         Group Address                         |
795  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

797  17.3. SA-Message/SA-Response Error Handling

799  The SA-Message/SA-Response Error code is used to signal the receipt
800  of a erroneous SA Message at an MSDP peer, or the receipt of an SA-
801  Response Message by a peer that did not issue a SA-Request. It has
802  the following form:

804  17.3.1. Invalid Entry Count (IEC)

806   0                   1                   2                   3
807   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
808  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
809  |       5       |               6               |O|      3      |
810  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
811  |       1       |  Entry Count  |
812  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

814  17.3.2.
Invalid RP Address 816 0 1 2 3 817 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 818 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 819 | 5 | 12 |O| 3 | 820 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 821 | 2 | Reserved | 822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 823 | RP Address | 824 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 826 17.3.3. Invalid Group Address 828 0 1 2 3 829 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 830 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 831 | 5 | 12 |O| 3 | 832 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 833 | 3 | Reserved | 834 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 835 | Group Address | 836 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 838 17.3.4. Invalid Source Address 840 0 1 2 3 841 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 842 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 843 | 5 | 12 |O| 3 | 844 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 845 | 4 | Reserved | 846 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 847 | Source Address | 848 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 850 17.3.5. Invalid Sprefix Length (ISL) 852 0 1 2 3 853 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 854 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 855 | 5 | 6 |O| 3 | 856 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 857 | 5 | Sprefix Len | 858 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 860 17.3.6. 
Looping SAs (Self is RP in received SA) 862 0 1 2 3 863 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 864 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 865 | 5 | x + 5 |O| 3 | 866 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 867 | 6 | SA Message .... 868 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 870 Length x 871 x is the length of the looping SA message contained in the data 872 field of the Notification message. 874 17.3.7. Unknown Encapsulation 876 This notification is sent on receipt of SA data that is encapsulated 877 in an unknown encapsulation type. See section 18 for known 878 encapsulations. 880 0 1 2 3 881 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 882 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 883 | 5 | x + 5 |O| 3 | 884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 | 7 | SA Message .... 886 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 888 Length x 889 x is the length of the SA message (which contained data which 890 was encapsulated in some unknown way) that is contained in the 891 data field of the Notification message. 893 17.3.8. Administrative Scope Boundary Violated 895 This notification is used when an SA message is received for a group 896 G from a peer which is across an administrative scope boundary for G. 898 0 1 2 3 899 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 900 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 901 | 5 | 12 |O| 3 | 902 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 903 | 8 | Reserved | 904 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 905 | Group Address | 906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 908 17.4. 
Hold Time Expired 910 If a system has not received any MSDP message within the period 911 specified in the Hold Timer, the notification message with Hold Timer 912 Expired Error Code and no additional data MUST be sent and the MSDP 913 connection closed. 915 17.5. Finite State Machine Error Handling 917 Any error detected by the MSDP Finite State Machine (e.g., receipt of 918 an unexpected event) is indicated by sending the Notification message 919 with Error Code Finite State Machine Error. 921 17.6. Notification Message Error Handling 923 If a node sends a Notification message, and there is an error in that 924 message, and the O-bit of that message is not clear, a Notification 925 with O-bit clear, Error Code of Notification Error, and subcode 926 Unspecific must be sent. In addition, the Data field must include 927 the Notification message that triggered the error. However, if the 928 erroneous Notification message had the O-bit clear, then any error, 929 such as an unrecognized Error Code or Error Subcode, should be 930 noticed, logged locally, and brought to the attention of the 931 administrator of the remote node. 933 17.7. Cease 935 In absence of any fatal errors (that are indicated in this section), 936 an MSDP node may choose at any given time to close its MSDP 937 connection by sending the Notification message with Error Code Cease. 938 However, the Cease Notification message MUST NOT be used when a fatal 939 error indicated by this section does exist. 941 18. SA Data Encapsulation 943 This section describes UDP, GRE, and TCP encapsulation of data 944 packets to be included with SA messages. Encapsulation type is a 945 configuration option. 947 18.1. UDP Data Encapsulation 949 Data packets MAY be encapsulated in UDP. 
In this case, the UDP 950 pseudo-header has the following form: 952 0 1 2 3 953 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 954 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 955 | Source Port | Destination Port | 956 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 957 | Length | Checksum | 958 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 959 | Origin RP Address | 960 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 962 The Source port, Destination Port, Length, and Checksum are used 963 according to RFC 768. Source and Destination ports are known via an 964 implementation-specific method (e.g. per-peer configuration). 966 Checksum 967 The checksum is computed according to RFC 768 [RFC768]. 969 Originating RP Address 970 The Originating RP Address is the address of the RP sending 971 the encapsulated data. 973 18.2. GRE Encapsulation 975 MSDP SA-data MAY be encapsulated in GRE using protocol type [MSDP- 976 GRE-ProtocolType]. The GRE header and payload packet have the 977 following form: 979 0 1 2 3 980 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 981 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 982 |C| Reserved0 | Ver | [MSDP-GRE-ProtocolType] |\ 983 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ GRE Header 984 | Checksum (optional) | Reserved1 |/ 985 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 986 | Originating RP IPv4 Address |\ 987 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload 988 | (S,G) Data Packet .... / 989 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 991 18.2.1. Encapsulation and Path MTU Discovery [RFC1191] 993 Existing implementations of GRE, when using IPv4 as the Delivery 994 Header, do not implement Path MTU discovery and do not set the Don't 995 Fragment bit in the Delivery Header. 
This can cause large packets to 996 become fragmented within the tunnel and reassembled at the tunnel 997 exit (independent of whether the payload packet is using PMTU). If a 998 tunnel entry point were to use Path MTU discovery, however, that 999 tunnel entry point would also need to relay ICMP unreachable error 1000 messages (in particular the "fragmentation needed and DF set" code) 1001 back to the originator of the packet, which is not required by the 1002 GRE specification [RFC2784]. Failure to properly relay Path MTU 1003 information to an originator can result in the following behavior: 1004 the originator sets the don't fragment bit, the packet gets dropped 1005 within the tunnel, but since the originator doesn't receive proper 1006 feedback, it retransmits with the same PMTU, causing subsequently 1007 transmitted packets to be dropped. 1009 18.3. TCP Data Encapsulation 1011 As discussed earlier, encapsulation of data in SA messages MAY be 1012 supported for backwards compatibility with legacy MSDP peers. 1014 19. IANA Considerations 1016 The IANA should assign 0x0009 from the IANA SNAP Protocol IDs [IANA] 1017 to MSDP-GRE-ProtocolType. 1019 20. Security Considerations 1021 An MSDP implementation MAY use IPsec [RFC2401] or keyed MD5 [RFC1828] 1022 to secure control messages. When encapsulating data packets in GRE, 1023 security should be relatively similar to security in a normal IPv4 1024 network, as routing using GRE follows the same routing that IPv4 uses 1025 natively. Route filtering will remain unchanged. However packet 1026 filtering at a firewall requires either that a firewall look inside 1027 the GRE packet or that the filtering is done on the GRE tunnel 1028 endpoints. In those environments in which this is considered to be a 1029 security issue it may be desirable to terminate the tunnel at the 1030 firewall. 1032 21. 
Acknowledgments 1034 The editor would like to thank the original authors, Dino Farinacci, 1035 Yakov Rehkter, Peter Lothberg, Hank Kilmer, and Jermey Hall for their 1036 orginal contribution to the MSDP specification. In addition, Bill 1037 Fenner, Bill Nickless, John Meylor, Liming Wei, Manoj Leelanivas, 1038 Mark Turner, John Zwiebel, Cristina Radulescu-Banu, Brian Edwards and 1039 IJsbrand Wijnands provided useful and productive design feedback and 1040 comments. In addition to many other contributions, Tom Pusateri 1041 helped to clarify the connection state machine, Dave Thaler helped to 1042 clarify the Notification message types. Ravi Shekhar helped clarify 1043 the semantics of mesh-groups, and countless others helped to clarify 1044 the Peer-RPF rules. 1046 22. Editors' Address: 1048 David Meyer 1049 Cisco Systems, Inc. 1050 170 Tasman Drive 1051 San Jose, CA, 95134 1052 Email: dmm@cisco.com 1054 Bill Fenner 1055 AT&T Labs -- Research 1056 75 Willow Road 1057 Menlo Park, CA 94025 1058 Email: fenner@research.att.com 1060 23. REFERENCES 1062 [IANA] www.iana.org 1064 [RFC2784] Farinacci, D., et al., "Generic Routing Encapsulation 1065 (GRE)", RFC 2784, March 2000. 1067 [RFC768] Postel, J. "User Datagram Protocol", RFC 768, August, 1068 1980. 1070 [RFC1191] Mogul, J., and S. Deering, "Path MTU Discovery", 1071 RFC 1191, November 1990. 1073 [RFC1771] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 1074 (BGP-4)", RFC 1771, March 1995. 1076 [RFC2401] Kent, S. and R. Atkinson, "Security Architecture for 1077 the Internet Protocol", RFC 2401, November 1998. 1079 [RFC1828] P. Metzger and W. Simpson, "IP Authentication using 1080 Keyed MD5", RFC 1828, August, 1995. 1082 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate 1083 Requirement Levels", RFC 2119, March, 1997. 1085 [RFC2283] Bates, T., Chandra, R., Katz, D., and Y. Rekhter., 1086 "Multiprotocol Extensions for BGP-4", RFC 2283, 1087 February 1998. 
1089 [RFC2362] Estrin D., et al., "Protocol Independent Multicast - 1090 Sparse Mode (PIM-SM): Protocol Specification", RFC 1091 2362, June 1998. 1093 [RFC2365] Meyer, D. "Administratively Scoped IP Multicast", RFC 1094 2365, July, 1998. 1096 24. Full Copyright Statement 1098 Copyright (C) The Internet Society (2001). All Rights Reserved. 1100 This document and translations of it may be copied and furnished to 1101 others, and derivative works that comment on or otherwise explain it 1102 or assist in its implementation may be prepared, copied, published 1103 and distributed, in whole or in part, without restriction of any 1104 kind, provided that the above copyright notice and this paragraph are 1105 included on all such copies and derivative works. However, this 1106 document itself may not be modified in any way, such as by removing 1107 the copyright notice or references to the Internet Society or other 1108 Internet organizations, except as needed for the purpose of 1109 developing Internet standards in which case the procedures for 1110 copyrights defined in the Internet Standards process must be 1111 followed, or as required to translate it into languages other than 1112 English. 1114 The limited permissions granted above are perpetual and will not be 1115 revoked by the Internet Society or its successors or assigns. 1117 This document and the information contained herein is provided on an 1118 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1119 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1120 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1121 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1122 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
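
The header checks of section 17.1 and the Notification TLV layout of section 16.2.5, written out as an added Python example; it is not part of the draft or of any MSDP implementation, and all function names are hypothetical. It assumes each buffer holds exactly one framed TLV, that the KeepAlive length rule is tested before the generic 4..1400 bound, and that type 1 is the Source-Active TLV defined earlier in the draft.

```python
import struct
from typing import NamedTuple, Optional, Tuple

MSG_HEADER_ERR, BAD_LENGTH, BAD_TYPE = 1, 2, 3   # Error Code 1 and its subcodes
KEEPALIVE, NOTIFICATION = 4, 5                   # TLV types from section 16.2
# Assumption: type 1 is the Source-Active TLV defined earlier in the draft.
KNOWN_TYPES = {1, 2, 3, KEEPALIVE, NOTIFICATION}
# (Error Code, subcode) pairs marked CC; every other pair is MC (O-bit clear).
CAN_CLOSE = {(1, 3), (3, 1)}


class Notification(NamedTuple):
    o_bit: bool
    code: int
    subcode: int
    data: bytes


def check_header(msg: bytes) -> Optional[Tuple[int, int]]:
    """Section 17.1 checks: return (Error Code, subcode), or None if acceptable."""
    if len(msg) < 3:
        return (MSG_HEADER_ERR, BAD_LENGTH)
    tlv_type, length = struct.unpack("!BH", msg[:3])
    if tlv_type == KEEPALIVE:
        # Assumption: tested first, because a valid KeepAlive (3 octets)
        # would otherwise fail the generic "less than 4" bound.
        return None if length == 3 else (MSG_HEADER_ERR, BAD_LENGTH)
    # Assumption: msg is one framed TLV, so Length may not run past the buffer.
    if length < 4 or length > 1400 or length > len(msg):
        return (MSG_HEADER_ERR, BAD_LENGTH)
    if tlv_type not in KNOWN_TYPES:
        return (MSG_HEADER_ERR, BAD_TYPE)
    return None


def build_notification(code: int, subcode: int, data: bytes = b"",
                       o_bit: bool = False) -> bytes:
    """Encode Type 5, Length x + 5, O-bit plus 7-bit Error Code, subcode, Data."""
    first = (0x80 if o_bit else 0) | (code & 0x7F)
    return struct.pack("!BHBB", NOTIFICATION, len(data) + 5, first, subcode) + data


def parse_notification(msg: bytes) -> Notification:
    """Decode a Notification TLV, rejecting bad lengths and a set O-bit on MC errors."""
    if check_header(msg) is not None or msg[0] != NOTIFICATION:
        raise ValueError("not a well-formed Notification TLV")
    length = struct.unpack("!H", msg[1:3])[0]
    if length < 5:  # fixed part is 5 octets; Length 4 would leave no subcode
        raise ValueError("Notification shorter than its fixed 5 octets")
    o_bit, code, subcode = bool(msg[3] & 0x80), msg[3] & 0x7F, msg[4]
    if o_bit and (code, subcode) not in CAN_CLOSE:
        raise ValueError("O-bit set on a must-close (MC) error")
    return Notification(o_bit, code, subcode, msg[5:length])


# Constructed sample: SA-Request Error (2), Invalid Group (1), three reserved
# octets and the constructed group address 239.1.2.3.
SAMPLE = build_notification(2, 1, bytes(3) + bytes([239, 1, 2, 3]))
```

A receiver would map the `ValueError` raised for a malformed Notification onto the handling described in section 17.6.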