idnits 2.17.00 (12 Aug 2021)

/tmp/idnits51515/draft-ietf-msdp-spec-11.txt:

  ** The Abstract section seems to be numbered

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date. The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents.

  ** The document is more than 15 pages and seems to lack a Table of Contents.

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 31
     longer pages, the longest (page 2) being 60 lines

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 32 pages

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack separate sections for Informative/Normative
     References. All references will be assumed normative when checking for
     downward references.

  ** There are 19 instances of too long lines in the document, the longest one
     being 7 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- Couldn't find a document date in the document -- date freshness check
     skipped.

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'SA-Advertisement-Period' is mentioned on line 159,
     but not defined

  == Missing Reference: 'SA-State-Period' is mentioned on line 177, but not
     defined

  == Missing Reference: 'SA-Hold-Down-Period' is mentioned on line 187, but
     not defined

  == Missing Reference: 'HoldTime-Period' is mentioned on line 541, but not
     defined

  == Missing Reference: 'KeepAlive-Period' is mentioned on line 732, but not
     defined

  == Missing Reference: 'ConnectRetry-Period' is mentioned on line 480, but
     not defined

  == Missing Reference: 'R2' is mentioned on line 401, but not defined

  == Missing Reference: 'MSDP-GRE-ProtocolType' is mentioned on line 1068,
     but not defined

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA'

  ** Obsolete normative reference: RFC 1771 (Obsoleted by RFC 4271)

  ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858)

  ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059)

  ** Obsolete normative reference: RFC 2401 (Obsoleted by RFC 4301)

     Summary: 12 errors (**), 0 flaws (~~), 13 warnings (==), 3 comments (--).
     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     Network Working Group                               David Meyer (Editor)
3     INTERNET DRAFT                                      Bill Fenner (Editor)
4     Category                                                 Standards Track
5                                                                 August, 2001

7                    Multicast Source Discovery Protocol (MSDP)
8

10    1. Status of this Memo

12       This document is an Internet-Draft and is in full conformance with
13       all provisions of Section 10 of RFC 2026.

15       Internet Drafts are working documents of the Internet Engineering
16       Task Force (IETF), its areas, and its working groups. Note that other
17       groups may also distribute working documents as Internet-Drafts.

19       Internet-Drafts are draft documents valid for a maximum of six months
20       and may be updated, replaced, or obsoleted by other documents at any
21       time. It is inappropriate to use Internet-Drafts as reference
22       material or to cite them other than as "work in progress."

24       The list of current Internet-Drafts can be accessed at
25       http://www.ietf.org/ietf/1id-abstracts.txt.

27       The list of Internet-Draft Shadow Directories can be accessed at
28       http://www.ietf.org/shadow.html.

30    2. Abstract

32       The Multicast Source Discovery Protocol, MSDP, describes a mechanism
33       to connect multiple PIM-SM domains together. Each PIM-SM domain uses
34       its own independent RP(s) and does not have to depend on RPs in other
35       domains.

37    3. Copyright Notice

39       Copyright (C) The Internet Society (2001). All Rights Reserved.

41    4. Introduction

43       The Multicast Source Discovery Protocol, MSDP, describes a mechanism
44       to connect multiple PIM-SM domains together. Each PIM-SM domain uses
45       its own independent RP(s) and does not have to depend on RPs in other
46       domains. Advantages of this approach include:

48       o No Third-party resource dependencies on RP

50         PIM-SM domains can rely on their own RPs only.
52       o Receiver only Domains

54         Domains with only receivers get data without globally
55         advertising group membership.

57       Note that MSDP may be used with protocols other than PIM-SM, but such
58       usage is not specified in this memo.

60       The keywords MUST, MUST NOT, MAY, OPTIONAL, REQUIRED, RECOMMENDED,
61       SHALL, SHALL NOT, SHOULD, SHOULD NOT are to be interpreted as defined
62       in RFC 2119 [RFC2119].

64    5. Overview

66       MSDP-speaking routers in a PIM-SM [RFC2362] domain have a MSDP
67       peering relationship with MSDP peers in another domain. The peering
68       relationship is made up of a TCP connection in which control
69       information is exchanged. Each domain has one or more connections to
70       this virtual topology.

72       The purpose of this topology is to allow domains to discover
73       multicast sources from other domains. If the multicast sources are of
74       interest to a domain which has receivers, the normal source-tree
75       building mechanism in PIM-SM will be used to deliver multicast data
76       over an inter-domain distribution tree.

78       We envision this virtual topology will essentially be congruent to
79       the existing BGP topology used in the unicast-based Internet today.
80       That is, the TCP connections between MSDP peers are likely to be
81       congruent to the connections in the BGP routing system.

83    6. Procedure

85       When an RP in a PIM-SM domain first learns of a new sender, e.g. via
86       PIM register messages, it constructs a "Source-Active" (SA) message
87       and sends it to its MSDP peers. The SA message contains the following
88       fields:

90        o Source address of the data source.
91        o Group address the data source sends to.
92        o IP address of the RP.

94       Each MSDP peer receives and forwards the message away from the RP
95       address in a "peer-RPF flooding" fashion. The notion of peer-RPF
96       flooding is with respect to forwarding SA messages. The Multicast RPF
97       Routing Information Base (MRIB) is examined to determine which peer
98       towards the originating RP of the SA message is selected. Such a peer
99       is called an "RPF peer". See section 14 for the details of peer-RPF
100      forwarding.

102      If the MSDP peer receives the SA from a non-RPF peer towards the
103      originating RP, it will drop the message. Otherwise, it forwards the
104      message to all its MSDP peers (except the one from which it received
105      the SA message).

107      When an MSDP peer which is also an RP for its own domain receives a
108      new SA message, it determines if it has any group members interested
109      in the group which the SA message describes. That is, the RP checks
110      for a (*,G) entry with a non-empty outgoing interface list; this
111      implies that the domain is interested in the group. In this case, the
112      RP triggers a (S,G) join event towards the data source as if a
113      Join/Prune message was received addressed to the RP itself. This sets
114      up a branch of the source-tree to this domain. Subsequent data
115      packets arrive at the RP which are forwarded down the shared-tree
116      inside the domain. If leaf routers choose to join the source-tree
117      they have the option to do so according to existing PIM-SM
118      conventions. Finally, if an RP in a domain receives a PIM Join
119      message for a new group G, the RP SHOULD trigger a (S,G) join event
120      for each SA for that group in its cache.

122      This procedure has been affectionately named flood-and-join because
123      if any RP is not interested in the group, they can ignore the SA
124      message. Otherwise, they join a distribution tree.

126   7. Caching

128      A MSDP speaker MUST cache SA messages. Caching allows pacing of MSDP
129      messages as well as reducing join latency for new receivers of a
130      group G at an originating RP which has existing MSDP (S,G) state. In
131      addition, caching greatly aids in diagnosis and debugging of various
132      problems.

134   8. Timers

136      The main timers for MSDP are: SA-Advertisement-Timer,
137      SA-Hold-Down-Timer, SA Cache Entry timer, KeepAlive timer,
138      ConnectRetry and Peer Hold Timer. Each is considered below.

140   8.1. SA-Advertisement-Timer

142      RPs which originate SA messages do it periodically as long as there
143      is data being sent by the source. There is one SA-Advertisement-Timer
144      covering the sources that an RP may advertise.
145      [SA-Advertisement-Period] MUST be 60 seconds. An RP MUST NOT send
146      more than one periodic SA message for a given (S,G) within an SA
147      Advertisement interval. Originating periodic SA messages is required
148      to keep announcements alive in caches, and so that new receivers who
149      join after a source has been active can get data quickly via a
150      non-caching RP. Finally, an originating RP SHOULD trigger the
151      transmission of an SA message as soon as it receives data from an
152      internal source for the first time.

154   8.2. SA-Advertisement-Timer Processing

156      An RP MUST spread the generation of periodic SA messages over its
157      reporting interval (i.e. SA-Advertisement-Period). An RP starts the
158      SA-Advertisement-Timer when the MSDP process is configured. When the
159      timer expires, an RP resets the timer to [SA-Advertisement-Period]
160      seconds, and begins the advertisement of its active sources. Active
161      sources are advertised in the following manner: An RP packs its
162      active sources into an SA message until the largest MSDP packet that
163      can be sent is built or there are no more sources, and then sends the
164      message. This process is repeated periodically within the
165      SA-Advertisement-Period in such a way that all of the RP's sources
166      are advertised. Note that since MSDP is a periodic protocol, an
167      implementation SHOULD send all cached SA messages when a connection
168      is established. Finally, the timer is deleted when the MSDP process
169      is deconfigured.

171   8.3. SA Cache Timeout (SA-State Timer)

173      Each entry in an SA Cache has an associated SA-State Timer. A
174      (S,G)-SA-State-Timer is started when an (S,G)-SA message is initially
175      received by a MSDP peer. The timer is reset to [SA-State-Period] if
176      another (S,G)-SA message is received before the (S,G)-SA-State Timer
177      expires. [SA-State-Period] MUST NOT be less than 90 seconds.

179   8.4. SA-Hold-Down Timer

181      When an SA message is received which creates (S,G) state, the
182      (S,G)-SA message will be forwarded if the peer-RPF check succeeds. If
183      the peer-RPF check succeeds and the (S,G)-SA message is not already
184      in the SA cache, then the (S,G)-SA-Hold-Down timer is set to
185      [SA-Hold-Down-Period] seconds. When an (S,G)-SA message is received
186      and an (S,G) entry already exists, the message is forwarded only if
187      the (S,G)-SA-Hold-Down timer is not running. [SA-Hold-Down-Period]
188      SHOULD be set to 30 seconds.

190   8.5. Peer Hold Timer

192      If a system has not received any MSDP message within the period
193      specified by the Hold Timer, then a Notification message with Hold
194      Timer Expired Error Code MUST be sent and the MSDP connection MUST be
195      closed. [HoldTime-Period] MUST be at least three seconds. The
196      recommended value for [HoldTime-Period] is 90 seconds.

198      The Hold Timer is initialized to [HoldTime-Period] when the peer's
199      transport connection is established, and is reset to
200      [HoldTime-Period] when any MSDP message is received. Finally, the
201      timer is deleted when the peer's transport connection is closed.

203   8.6. KeepAlive Timer

205      Once an MSDP transport connection is established, each side of the
206      connection sends a KeepAlive message and sets a KeepAlive timer. If
207      the KeepAlive timer expires, the local system sends a KeepAlive
208      message and restarts its KeepAlive timer.

210      The KeepAlive timer is set to [KeepAlive-Period] when the peer comes
211      up. The timer is reset to [KeepAlive-Period] each time an MSDP
212      message is sent to the peer, and reset when the timer expires.
213      Finally, the KeepAlive timer is deleted when the peer's transport
214      connection is closed.
216      [KeepAlive-Period] MUST be less than [HoldTime-Period], and MUST be
217      at least one second. The recommended value for [KeepAlive-Period] is
218      75 seconds.

220   8.7. ConnectRetry Timer

222      The ConnectRetry timer is used by an MSDP peer to transition from
223      INACTIVE to CONNECTING states. There is one timer per peer, and the
224      [ConnectRetry-Period] SHOULD be set to 30 seconds. The timer is
225      initialized to [ConnectRetry-Period] when an MSDP speaker attempts to
226      actively open a TCP connection to its peer (see section 15, event E2,
227      action A2). When the timer expires, the peer retries the connection
228      and the timer is reset to [ConnectRetry-Period]. It is deleted if
229      either the connection transitions into ESTABLISHED state or the peer
230      is deconfigured.

232   9. Intermediate MSDP Peers

234      Intermediate MSDP speakers do not originate periodic SA messages on
235      behalf of sources in other domains. In general, an RP MUST only
236      originate an SA for a source which would register to it, and ONLY RPs
237      may originate SA messages.

239   10. SA Filtering and Policy

241      As the number of (S,G) pairs increases in the Internet, an RP may
242      want to filter which sources it describes in SA messages. Also,
243      filtering may be used as a matter of policy which at the same time
244      can reduce state. Only the RP co-located in the same domain as the
245      source can restrict SA messages. Note, however, that MSDP peers in
246      transit domains should not filter SA messages or the flood-and-join
247      model can not guarantee that sources will be known throughout the
248      Internet (i.e., SA filtering by transit domains can cause undesired
249      lack of connectivity). In general, policy should be expressed using
250      MBGP [RFC2283]. This will cause MSDP messages to flow in the desired
251      direction and peer-RPF fail otherwise. An exception occurs at an
252      administrative scope [RFC2365] boundary. In particular, a SA message
253      for a (S,G) MUST NOT be sent to peers which are on the other side of
254      an administrative scope boundary for G.

256   11. SA Requests

258      A MSDP speaker MAY accept SA-Requests from other MSDP peers. When an
259      MSDP speaker receives an SA-Request for a group range, it will
260      respond to the peer with a set of SA entries, in an SA-Response
261      message, for all active sources in its SA cache sending to the group
262      requested in the SA-Request message. The peer that sends the request
263      will not flood the responding SA-Response message to other peers. See
264      section 17 for discussion of error handling relating to SA requests
265      and responses.

267   12. Encapsulated Data Packets

269      The RP may encapsulate multicast data from the source. An interested
270      RP may decapsulate the packet, which SHOULD be forwarded as if a PIM
271      register encapsulated packet was received. That is, if packets are
272      already arriving over the interface toward the source, then the
273      packet is dropped. Otherwise, if the outgoing interface list is
274      non-null, the packet is forwarded appropriately. Note that when doing
275      data encapsulation, an implementation MUST bound the time during
276      which packets are encapsulated.

278      This allows for small bursts to be received before the multicast tree
279      is built back toward the source's domain. For example, an
280      implementation SHOULD encapsulate at least the first packet to
281      provide service to bursty sources.

283   13. Other Scenarios

285      MSDP is not limited to deployment across different routing domains.
286      It can be used within a routing domain when it is desired to deploy
287      multiple RPs for the same group ranges. As long as all RPs have an
288      interconnected MSDP topology, each can learn about active sources as
289      well as RPs in other domains.

291   14. MSDP Peer-RPF Forwarding

293      The MSDP Peer-RPF Forwarding rules are used for forwarding SA
294      messages throughout an MSDP enabled internet. Unlike the RPF check
295      used when forwarding data packets, the Peer-RPF check is against the
296      RP address carried in the SA message.

298   14.1. Definitions

300      The following definitions are used in the description of the Peer-RPF
301      Forwarding Rules:

303   14.1.1. Multicast RPF Routing Information Base (MRIB)

305      The MRIB is the multicast topology table. It is typically derived
306      from the unicast routing table or from other routing protocols such
307      as multi-protocol BGP [RFC2283].

309   14.1.2. RPF Route

311      The RPF route is the route that the MRIB chooses for a given address.
312      The RPF route for a SA's originating RP is used to select the peer
313      from which the SA is accepted.

315   14.2. Peer-RPF Forwarding Rules

317        An SA message originated by R and received by X from N is
318        accepted if N is the peer-RPF neighbor for X, and is discarded
319        otherwise.

321                   MPP(R,N)                 MP(N,X)
322           R ---------....-------> N ------------------> X
323                  SA(S,G,R)                SA(S,G,R)

325        Where MPP(R,N) is an MSDP peering path (zero or more MSDP
326        peers) between R and N. SA(S,G,R) is an SA message for source
327        S on group G originated by an RP R. MP(N,X) is an MSDP
328        peering between N and X.

330        The peer-RPF neighbor is chosen deterministically, using the
331        first of the following rules that matches. In particular,
332        N is the RPF neighbor of X with respect to R if

334        (i).   N == R (X has an MSDP peering with R).

336        (ii).  N is the BGP NEXT_HOP of the active RPF route
337               for R.

339        (iii). The active RPF route for R is learned through a
340               distance-vector or path-vector routing protocol
341               (e.g. BGP, RIP, DVMRP) and N is the neighbor that
342               advertised the active RPF route for R.

344        (iv).  N resides in an AS that is in the AS_PATH of the active
345               RPF route for R, and N has the highest IP address among
346               the MSDP peers that reside in ASs in that AS_PATH.

348        (v).   N is configured as the static RPF-peer for R.

350   14.3. MSDP static RPF-peer semantics

352      If none of the rules (i) - (iv) are able to determine an RPF peer for
353      R, a longest-match lookup is performed in the static RPF peer table.
354      This table MUST be able to contain a default entry, and SHOULD be
355      able to contain prefix or per-host (RP) entries. This table
356      statically maps RP addresses to peers, and allows configuration of
357      topology that is e.g. unknown to the MRIB.

359      The result of the longest-match lookup of an RP address R in the
360      static RPF peer table is an MSDP peer, which is the RPF neighbor for
361      R.

363   14.4. MSDP mesh-group semantics

365      A MSDP mesh-group is an operational mechanism for reducing SA
366      flooding, typically in an intra-domain setting. In particular, when
367      some subset of a domain's MSDP speakers are fully meshed, they can be
368      configured into a mesh-group.

370      Note that mesh-groups assume that a member doesn't have to forward an
371      SA to other members of the mesh-group because the originator will
372      forward to all members. For the originator to be able to forward to
373      all members (and to have each member also be a potential originator),
374      the mesh-group must be a full mesh of MSDP peering among all members.

376      The semantics of the mesh-group are as follows:

378      (i).   If a member R of a mesh-group M receives a SA message from an
379             MSDP peer that is also a member of mesh-group M, R accepts the
380             SA message and forwards it to all of its peers that are not
381             part of any mesh-group. R MUST NOT forward the SA message to
382             other members of mesh-group M.

384      (ii).  If a member R of a mesh-group M receives a SA message from an
385             MSDP peer that is not a member of mesh-group M, and the SA
386             message passes the peer-RPF check, then R forwards the SA
387             message to all members of mesh-group M.

389      (iii). Cross mesh-group forwarding

391             If a member R of mesh-groups M and N receives an SA
392             message from an MSDP peer in mesh-group M, R forwards the SA
393             to its MSDP peers in mesh-group N if it receives that SA
394             message from a peer that is in the same mesh-group as its
395             peer-RPF neighbor for that SA.

397             For example, consider the case in which three routers (R1, R2,
398             and R3) and three mesh-groups (A, B, and C) are arranged in a
399             triangle, e.g.,

401                               [R2] {A,B}
402                               /  \
403                              /    \
404                             /      \
405                            /        \
406                   {A,C} [R1]--------[R3] {B,C}

408             Now, when R1 receives an SA message from R2 and R1's
409             peer-RPF neighbor for this SA lies in mesh-group A, R1
410             forwards the SA message to its peers in other mesh-groups
411             (in particular, R3 in mesh-group C). Similarly, if R3's
412             peer-RPF neighbor lies in mesh-group B, R3 will forward an
413             SA message from R2. In this case, both R1 and R3 will send
414             SA messages to each other (because they share common mesh-group
415             C), but neither of them will forward any further the SA messages
416             received from each other (as their peer-RPF neighbors do
417             not lie in mesh-group C).

419      Note that since mesh-groups suspend peer-RPF checking of SAs received
420      from a mesh-group member ((i). above), they allow for
421      misconfiguration to cause SA looping.

423   15. MSDP Connection State Machine

425      MSDP uses TCP as its transport protocol. In a peering relationship,
426      one MSDP peer listens for new TCP connections on the well-known port
427      639. The other side makes an active connect to this port. The peer
428      with the higher IP address will listen. This connection establishment
429      algorithm avoids call collision. Therefore, there is no need for a
430      call collision procedure. It should be noted, however, that the
431      disadvantage of this approach is that it may result in longer startup
432      times at the passive side.

434      An MSDP peer starts in the DISABLED state. MSDP peers establish
435      peering sessions according to the following state machine:

437                 --------------->+----------+
438                /                | DISABLED |<----------
439               |          ------>+----------+           \
440               |         /            |E1->A1            |
441               |        |             |                  |
442               |        |             V                  |E7->A7
443               |        |        +----------+ E3->A3 +--------+
444               |        |        | INACTIVE |------->| LISTEN |
445               |        |        +----------+        +--------+
446               |        |     E2->A2|    ^               |E5->A5
447               |        |           |    |               |
448               |        |E7->A6     V    |E6             |
449               |         \      +------------+           |
450        E7->A8 |          ------| CONNECTING |           |
451        E8->A9 |                +------------+           |
452        E9->A10|                      |E4->A4            |
453       E10->A11|                      |                  |
454       E11->A12|                      V                  |
455                \              +-------------+          /
456                 --------------| ESTABLISHED |<---------
457                               +-------------+

459   15.1. Events

461       E1) Enable MSDP peering with P
462       E2) Own IP address < P's IP address
463       E3) Own IP address > P's IP address
464       E4) TCP established (active side)
465       E5) TCP established (passive side)
466       E6) ConnectRetry timer expired
467       E7) Disable MSDP peering with P
468           (An example of when to do this is when one's own address is
469           changed)
470       E8) Hold Timer expired
471       E9) Authorization failure
472      E10) Notification TLV received
473      E11) Error detected

475   15.2. Actions

477       A1) Allocate resources for peering with P
478           Compare one's own and peer's IP addresses
479       A2) TCP active OPEN
480           Set ConnectRetry timer to [ConnectRetry-Period]
481       A3) TCP passive OPEN (listen)
482       A4) Delete ConnectRetry timer
483           Send KeepAlive TLV
484           Set KeepAlive timer to [KeepAlive-Period]
485           Set Hold Timer to [HoldTime-Period]
486       A5) Send KeepAlive TLV
487           Set KeepAlive timer to [KeepAlive-Period]
488           Set Hold Timer to [HoldTime-Period]
489       A6) Abort TCP active OPEN attempt
490           Release resources allocated for peering with P
491       A7) Abort TCP passive OPEN attempt
492           Release resources allocated for peering with P

494      In action sets A8)-A12), the action "Close peering session" includes
495      the following steps:
496           Close TCP connection
497           Delete KeepAlive timer
498           Delete Hold Timer
499           Release resources allocated for peering with P

501       A8) Send Notification TLV with Error Code "Cease"
502           Close peering session
503       A9) Send Notification TLV with Error Code "Hold Timer Expired"
504           Close peering session

506      A10) Notify management system unless this has already been done by
507           the security mechanism
508           Close peering session
509      A11) Notify management system
510           If the received Notification TLV's O-bit was cleared, close
511           peering session. Otherwise, remain in ESTABLISHED state.
512      A12) Send Notification TLV with appropriate Error Code
513           Notify management system
514           If the sent Notification TLV's O-bit was cleared, close peering
515           session. Otherwise, remain in ESTABLISHED state.

517   15.3. Peer-specific Events

519      The following peer-specific events can occur in the ESTABLISHED
520      state; they do not cause a state transition. Appropriate actions are
521      listed for each event.
523      *) KeepAlive timer expired:
524         -> Send KeepAlive TLV
525         -> Set KeepAlive timer to [KeepAlive-Period]
526      *) KeepAlive TLV received:
527         -> Set Hold Timer to [HoldTime-Period]
528      *) Source-Active TLV received:
529         -> Set Hold Timer to [HoldTime-Period]
530         -> Run Peer-RPF Forwarding algorithm (if caching, consider
531            SA-Hold-Down Timer and SA-State Timer)
532         -> Set KeepAlive timer to [KeepAlive-Period] for those peers the
533            Source-Active TLV is forwarded to
534         -> Send information to PIM-SM
535         -> If caching, store information
536      *) Source-Active Request TLV received:
537         -> Set Hold Timer to [HoldTime-Period]
538         -> If SA-Requests are accepted, send Source-Active Response TLV
539            and set KeepAlive timer to [KeepAlive-Period]
540      *) Source-Active Response TLV received:
541         -> Set Hold Timer to [HoldTime-Period]
542         -> If a corresponding SA-Request was previously sent, send
543            information to PIM-SM. If not, an error has occurred (event E11
544            above)
545         -> If caching, store information

547   15.4. Peer-independent Events

549      There are also a number of events that affect more than one peering
550      session, but still require actions to be performed on a per-peer
551      basis. If the MSDP speaker does not cache SA messages, ignore all
552      events and actions pertaining to caching.

554      *) SA-Advertisement-Timer expired:
555         -> Start periodic transmission of Source-Active TLV(s)
556         -> Set KeepAlive timer to [KeepAlive-Period] each time a
557            Source-Active TLV is sent
558      *) MSDP learns of a new active internal source (e.g. PIM-SM
559         register received for a new source):
560         -> Send Source-Active TLV
561         -> Set KeepAlive timer to [KeepAlive-Period]
562      *) Source-Active Request triggered (event not specified here):
563         -> Send Source-Active Request TLV
564         -> Set KeepAlive timer to [KeepAlive-Period]
565      *) SA-State-Timer expired (one timer per cache entry):
566         -> Implementation specific, typically mark the cache entry for
567            deletion

569   16. Packet Formats

571      MSDP messages will be encoded in TLV format. If an implementation
572      receives a TLV that has length that is longer than expected, the TLV
573      SHOULD be accepted. Any additional data SHOULD be ignored.

575   16.1. MSDP TLV format:

577       0                   1                   2                   3
578       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
579      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
580      |     Type      |            Length             |  Value ....   |
581      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

583      Type (8 bits)
584         Describes the format of the Value field.

586      Length (16 bits)
587         Length of Type, Length, and Value fields in octets. The
588         minimum length required is 4 octets, except for
589         Keepalive messages. The maximum TLV length is 1400.

591      Value (variable length)
592         Format is based on the Type value. See below. The length of
593         the value field is Length field minus 3. All reserved fields
594         in the Value field MUST be transmitted as zeros and ignored on
595         receipt.

597   16.2. Defined TLVs

599      The following TLV Types are defined:

601      Code                        Type
602      ===========================================================
603        1                  IPv4 Source-Active
604        2                  IPv4 Source-Active Request
605        3                  IPv4 Source-Active Response
606        4                  KeepAlive
607        5                  Notification

609      Each TLV is described below.

611      In addition, the following TLV Types are assigned but not described
612      in this memo:

614      Code                        Type
615      ===========================================================
616        6                  MSDP traceroute in progress
617        7                  MSDP traceroute reply

619   16.2.1. IPv4 Source-Active TLV

621      The maximum size SA message that can be sent is 9192 octets. The 9192
622      octet size does not include the TCP, IP, layer-2 headers.
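
The framing rules of section 16.1 and the type codes of section 16.2, as an added example that is not part of the draft: a Python deframer that splits a received TCP byte stream into TLVs and rejects headers whose Length field cannot be trusted. The function and class names are hypothetical; the Message Header Error subcodes it reports (2, Bad Message Length; 3, Bad Message Type) are the ones the draft lists under the Notification TLV, and `max_len` is a parameter because the draft states both a 1400-octet TLV limit and a 9192-octet SA message limit.

```python
import struct

# Type codes from the "Defined TLVs" tables in section 16.2 of the draft.
TLV_TYPES = {
    1: "IPv4 Source-Active",
    2: "IPv4 Source-Active Request",
    3: "IPv4 Source-Active Response",
    4: "KeepAlive",
    5: "Notification",
    6: "MSDP traceroute in progress",
    7: "MSDP traceroute reply",
}
KEEPALIVE = 4
HEADER_LEN = 3       # one-octet Type plus two-octet Length
MAX_TLV_LEN = 1400   # "The maximum TLV length is 1400" (section 16.1)

# Notification Error Code 1 (Message Header Error) and its subcodes.
MESSAGE_HEADER_ERROR = 1
BAD_MESSAGE_LENGTH = 2
BAD_MESSAGE_TYPE = 3


class TLVHeaderError(ValueError):
    """Header failed validation; carries the Notification code and subcode."""

    def __init__(self, subcode, reason):
        super().__init__(reason)
        self.code = MESSAGE_HEADER_ERROR
        self.subcode = subcode


def parse_tlvs(buf, max_len=MAX_TLV_LEN):
    """Return (tlvs, remainder) for the bytes received so far.

    tlvs is a list of (type, value) pairs. remainder is an incomplete
    trailing TLV that must be kept until more bytes arrive on the session.
    """
    tlvs, off = [], 0
    while len(buf) - off >= HEADER_LEN:
        tlv_type, length = struct.unpack_from("!BH", buf, off)
        # Length counts Type, Length and Value. A peer-supplied value below
        # the header size would stall the loop or yield a negative slice,
        # so it is rejected before it is used for any offset arithmetic.
        min_len = HEADER_LEN if tlv_type == KEEPALIVE else 4
        if not min_len <= length <= max_len:
            raise TLVHeaderError(BAD_MESSAGE_LENGTH,
                                 f"type {tlv_type}: length {length}")
        if tlv_type not in TLV_TYPES:
            raise TLVHeaderError(BAD_MESSAGE_TYPE,
                                 f"unknown type {tlv_type}")
        if len(buf) - off < length:
            break  # header is valid but the value has not fully arrived
        value = bytes(buf[off + HEADER_LEN:off + length])
        if tlv_type == KEEPALIVE:
            # A longer-than-expected TLV is accepted and the additional
            # data is ignored, as section 16 recommends.
            value = b""
        tlvs.append((tlv_type, value))
        off += length
    return tlvs, bytes(buf[off:])


def header_error_subcode(buf):
    """Return the Message Header Error subcode for buf, or None if it parses."""
    try:
        parse_tlvs(buf)
    except TLVHeaderError as err:
        return err.subcode
    return None


# Constructed sample stream (not captured traffic): a KeepAlive, an
# SA-Request for group 224.1.1.1, and the first 4 octets of a 20-octet SA.
SAMPLE_STREAM = (
    bytes([4, 0, 3])
    + bytes([2, 0, 8, 0, 224, 1, 1, 1])
    + bytes([1, 0, 20, 0])
)

if __name__ == "__main__":
    parsed, pending = parse_tlvs(SAMPLE_STREAM)
    for tlv_type, value in parsed:
        print(TLV_TYPES[tlv_type], value.hex())
    print("pending octets:", len(pending))
```
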

624       0                   1                   2                   3
625       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
626      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
627      |       1       |             x + y             |  Entry Count  |
628      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
629      |                          RP Address                           |
630      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
631      |                   Reserved                    |  Sprefix Len  | \
632      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  \
633      |                         Group Address                         |   ) z
634      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  /
635      |                        Source Address                         | /
636      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

638      Type
639         IPv4 Source-Active TLV is type 1.

641      Length x
642         Is the length of the control information in the message. x is
643         8 octets (for the first two 32-bit quantities) plus 12 times
644         Entry Count octets.

646      Length y
647         If 0, then there is no data encapsulated. Otherwise an IPv4
648         packet follows and y is the length of the total length field
649         of the IPv4 header encapsulated. If there are multiple SA TLVs
650         in a message, and data is also included, y must be 0 in all SA
651         TLVs except the last one and the last SA TLV must reflect the
652         source and destination addresses in the IP header of the
653         encapsulated data.

655      Entry Count
656         Is the count of z entries (note above) which follow the RP
657         address field. This is so multiple (S,G)s from the same domain
658         can be encoded efficiently for the same RP address.

660      RP Address
661         The address of the RP in the domain the source has become
662         active in.

664      Reserved
665         The Reserved field MUST be transmitted as zeros and MUST be
666         ignored by a receiver.

668      Sprefix Len
669         The route prefix length associated with source address.
670         This field MUST be transmitted as 32 (/32). An Invalid
671         Sprefix Len Notification SHOULD be sent upon receipt
672         of any other value.

674      Group Address
675         The group address the active source has sent data to.

677      Source Address
678         The IP address of the active source.

680      Multiple SA TLVs MAY appear in the same message and can be batched
681      for efficiency at the expense of data latency. This would typically
682      occur on intermediate forwarding of SA messages.

684   16.2.2. IPv4 Source-Active Request TLV

686      The Source-Active Request is used to request SA-state from a MSDP
687      peer. If an RP in a domain receives a PIM Join message for a group,
688      creates (*,G) state and wants to know all active sources for group G,
689      it may send an SA-Request message for the group.

691       0                   1                   2                   3
692       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
693      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
694      |       2       |               8               |   Reserved    |
695      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
696      |                         Group Address                         |
697      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

699      Type
700         IPv4 Source-Active Request TLV is type 2.

702      Reserved
703         Must be transmitted as zero and ignored on receipt.

705      Group Address
706         The group address the MSDP peer is requesting.

708   16.2.3. IPv4 Source-Active Response TLV

710      The Source-Active Response is sent in response to a Source-Active
711      Request message. The Source-Active Response message has the same
712      format as a Source-Active message but does not allow encapsulation of
713      multicast data.

715       0                   1                   2                   3
716       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
717      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
718      |       3       |               x               |     ....      |
719      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

721      Type
722         IPv4 Source-Active Response TLV is type 3.

724      Length x
725         Is the length of the control information in the message. x is 8
726         octets (for the first two 32-bit quantities) plus 12 times Entry
727         Count octets.

729   16.2.4. KeepAlive TLV

731      A KeepAlive TLV is sent to an MSDP peer if and only if there were no
732      MSDP messages sent to the peer within [KeepAlive-Period] seconds.
733      This message is necessary to keep the MSDP connection alive.

735       0                   1                   2                   3
736       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
737      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
738      |       4       |               3               |
739      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

741      The length of the message is 3 octets which encompasses the one octet
742      Type field and the two octet Length field.

744   16.2.5. Notification TLV

746      A Notification message is sent when an error condition is detected,
747      and has the following form:

749       0                   1                   2                   3
750       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
751      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
752      |       5       |             x + 5             |O| Error Code  |
753      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
754      | Error subcode |                      ...                      |
755      +-+-+-+-+-+-+-+-+                                               |
756      |                             Data                              |
757      |                              ...                              |
758      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

760      Type
761         The Notification TLV is type 5.

763      Length
764         Length is a two octet field with value x + 5, where x is
765         the length of the notification data field.

767      O-bit
768         Open-bit. If clear, the connection will be closed.

770      Error code
771         This 7-bit unsigned integer indicates the type of Notification.
772         The following Error Codes have been defined:

774         Error Code       Symbolic Name                    Reference

776           1              Message Header Error             Section 17.1
777           2              SA-Request Error                 Section 17.2
778           3              SA-Message/SA-Response Error     Section 17.3
779           4              Hold Timer Expired               Section 17.4
780           5              Finite State Machine Error       Section 17.5
781           6              Notification                     Section 17.6
782           7              Cease                            Section 17.7

784      Error subcode:
785         This one-octet unsigned integer provides more specific information
786         about the reported error. Each Error Code may have one or more Error
787         Subcodes associated with it. If no appropriate Error Subcode is
788         defined, then a zero (Unspecific) value is used for the Error Subcode
789         field, and the O-bit must be cleared (i.e. the connection will be
790         closed). The notation used in the error descriptions below is: MC =
791         Must Close connection = O-bit clear; CC = Can Close connection =
792         O-bit MAY be cleared.

794         Message Header Error subcodes:

796           0 - Unspecific (MC)
797           2 - Bad Message Length (MC)
798           3 - Bad Message Type (CC)

800         SA-Request Error subcodes (the O-bit is always clear):

802           0 - Unspecific (MC)
803           1 - Invalid Group (MC)

805         SA-Message/SA-Response Error subcodes

807           0 - Unspecific (MC)
808           1 - Invalid Entry Count (CC)
809           2 - Invalid RP Address (MC)
810           3 - Invalid Group Address (MC)
811           4 - Invalid Source Address (MC)
812           5 - Invalid Sprefix Length (MC)
813           6 - Looping SA (Self is RP) (MC)
814           7 - Unknown Encapsulation (MC)
815           8 - Administrative Scope Boundary Violated (MC)

817         Hold Timer Expired subcodes (the O-bit is always clear):

819           0 - Unspecific (MC)

821         Finite State Machine Error subcodes (the O-bit is always clear):

823           0 - Unspecific (MC)
824           1 - Unexpected Message Type FSM Error (MC)

826         Notification subcodes (the O-bit is always clear):

828           0 - Unspecific (MC)

830         Cease subcodes (the O-bit is always clear):

832           0 - Unspecific (MC)

834   17. MSDP Error Handling

836      This section describes actions to be taken when errors are detected
837      while processing MSDP messages. MSDP Error Handling is similar to
838      that of BGP [RFC1771].

840      When any of the conditions described here are detected, a
841      Notification message with the indicated Error Code, Error Subcode,
842      and Data fields is sent. In addition, the MSDP connection MAY be
843      closed. If no Error Subcode is specified, then a zero (Unspecific)
844      must be used.

846      The phrase "the MSDP connection is closed" means that the transport
847      protocol connection has been closed and that all resources for that
848      MSDP connection have been deallocated.

850   17.1.
Message Header Error Handling 852 All errors detected while processing the Message Header are indicated 853 by sending the Notification message with Error Code Message Header 854 Error. The Error Subcode describes the specific nature of the error. 855 The Data field contains the erroneous Message (including the message 856 header). 858 If the Length field of the message header is less than 4 or greater 859 than 1400, or the length of a KeepAlive message is not equal to 3, 860 then the Error Subcode is set to Bad Message Length. 862 If the Type field of the message header is not recognized, then the 863 Error Subcode is set to Bad Message Type. 865 17.2. SA-Request Error Handling 867 The SA-Request Error code is used to signal the receipt of a SA 868 request at a MSDP peer when an invalid group address requested. 870 When a MSDP peer receives a request for an invalid group, it returns 871 the following notification: 873 0 1 2 3 874 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 875 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 876 | 5 | 12 |O| 2 | 877 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 878 | 2 | Reserved | 879 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 880 | Group Address | 881 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 883 17.3. SA-Message/SA-Response Error Handling 885 The SA-Message/SA-Response Error code is used to signal the receipt 886 of a erroneous SA Message at an MSDP peer, or the receipt of an SA- 887 Response Message by a peer that did not issue a SA-Request. It has 888 the following form: 890 17.3.1. Invalid Entry Count (IEC) 892 0 1 2 3 893 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 894 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 895 | 5 | 6 |O| 3 | 896 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 897 | 1 | Entry Count | 898 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 900 17.3.2. 
Invalid RP Address 902 0 1 2 3 903 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 904 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 905 | 5 | 12 |O| 3 | 906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 907 | 2 | Reserved | 908 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 909 | RP Address | 910 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 912 17.3.3. Invalid Group Address 914 0 1 2 3 915 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 916 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 917 | 5 | 12 |O| 3 | 918 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 919 | 3 | Reserved | 920 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 921 | Group Address | 922 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 924 17.3.4. Invalid Source Address 926 0 1 2 3 927 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 928 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 929 | 5 | 12 |O| 3 | 930 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 931 | 4 | Reserved | 932 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 933 | Source Address | 934 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 936 17.3.5. Invalid Sprefix Length (ISL) 938 0 1 2 3 939 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 940 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 941 | 5 | 6 |O| 3 | 942 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 943 | 5 | Sprefix Len | 944 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 946 17.3.6. 
Looping SAs (Self is RP in received SA) 948 0 1 2 3 949 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 950 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 951 | 5 | x + 5 |O| 3 | 952 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 953 | 6 | SA Message .... 954 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 956 Length x 957 x is the length of the looping SA message contained in the data 958 field of the Notification message. 960 17.3.7. Unknown Encapsulation 962 This notification is sent on receipt of SA data that is encapsulated 963 in an unknown encapsulation type. See section 18 for known 964 encapsulations. 966 0 1 2 3 967 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 968 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 969 | 5 | x + 5 |O| 3 | 970 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 971 | 7 | SA Message .... 972 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 974 Length x 975 x is the length of the SA message (which contained data which 976 was encapsulated in some unknown way) that is contained in the 977 data field of the Notification message. 979 17.3.8. Administrative Scope Boundary Violated 981 This notification is used when an SA message is received for a group 982 G from a peer which is across an administrative scope boundary for G. 984 0 1 2 3 985 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 986 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 987 | 5 | 12 |O| 3 | 988 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 989 | 8 | Reserved | 990 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 991 | Group Address | 992 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 994 17.4. 
Hold Time Expired 996 If a system has not received any MSDP message within the period 997 specified in the Hold Timer, the notification message with Hold Timer 998 Expired Error Code and no additional data MUST be sent and the MSDP 999 connection closed. 1001 17.5. Finite State Machine Error Handling 1003 Any error detected by the MSDP Finite State Machine (e.g., receipt of 1004 an unexpected event) is indicated by sending the Notification message 1005 with Error Code Finite State Machine Error. 1007 17.6. Notification Message Error Handling 1009 If a node sends a Notification message, and there is an error in that 1010 message, and the O-bit of that message is not clear, a Notification 1011 with O-bit clear, Error Code of Notification Error, and subcode 1012 Unspecific must be sent. In addition, the Data field must include 1013 the Notification message that triggered the error. However, if the 1014 erroneous Notification message had the O-bit clear, then any error, 1015 such as an unrecognized Error Code or Error Subcode, should be 1016 noticed, logged locally, and brought to the attention of the 1017 administrator of the remote node. 1019 17.7. Cease 1021 In absence of any fatal errors (that are indicated in this section), 1022 an MSDP node may choose at any given time to close its MSDP 1023 connection by sending the Notification message with Error Code Cease. 1024 However, the Cease Notification message MUST NOT be used when a fatal 1025 error indicated by this section does exist. 1027 18. SA Data Encapsulation 1029 This section describes UDP, GRE, and TCP encapsulation of data 1030 packets to be included with SA messages. Encapsulation type is a 1031 configuration option. 1033 18.1. UDP Data Encapsulation 1035 Data packets MAY be encapsulated in UDP. 
In this case, the UDP 1036 pseudo-header has the following form: 1038 0 1 2 3 1039 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1040 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1041 | Source Port | Destination Port | 1042 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1043 | Length | Checksum | 1044 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1045 | Origin RP Address | 1046 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1048 The Source port, Destination Port, Length, and Checksum are used 1049 according to RFC 768. Source and Destination ports are known via 1050 an implementation-specific method (e.g. per-peer configuration). 1052 Checksum 1053 The checksum is computed according to RFC 768 [RFC768]. 1055 Originating RP Address 1056 The Originating RP Address is the address of the RP sending 1057 the encapsulated data. 1059 18.2. GRE Encapsulation 1061 MSDP SA-data MAY be encapsulated in GRE using protocol type [MSDP- 1062 GRE-ProtocolType]. The GRE header and payload packet have the 1063 following form: 1065 0 1 2 3 1066 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1067 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1068 |C| Reserved0 | Ver | [MSDP-GRE-ProtocolType] |\ 1069 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ GRE Header 1070 | Checksum (optional) | Reserved1 |/ 1071 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1072 | Originating RP IPv4 Address |\ 1073 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload 1074 | (S,G) Data Packet .... / 1075 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1077 18.2.1. Encapsulation and Path MTU Discovery [RFC1191] 1079 Existing implementations of GRE, when using IPv4 as the Delivery 1080 Header, do not implement Path MTU discovery and do not set the Don't 1081 Fragment bit in the Delivery Header. 
This can cause large packets to 1082 become fragmented within the tunnel and reassembled at the tunnel 1083 exit (independent of whether the payload packet is using PMTU). If a 1084 tunnel entry point were to use Path MTU discovery, however, that 1085 tunnel entry point would also need to relay ICMP unreachable error 1086 messages (in particular the "fragmentation needed and DF set" code) 1087 back to the originator of the packet, which is not required by the 1088 GRE specification [RFC2784]. Failure to properly relay Path MTU 1089 information to an originator can result in the following behavior: 1090 the originator sets the don't fragment bit, the packet gets dropped 1091 within the tunnel, but since the originator doesn't receive proper 1092 feedback, it retransmits with the same PMTU, causing subsequently 1093 transmitted packets to be dropped. 1095 18.3. TCP Data Encapsulation 1097 As discussed earlier, encapsulation of data in SA messages MAY be 1098 supported for backwards compatibility with legacy MSDP peers. 1100 19. IANA Considerations 1102 The IANA should assign 0x0009 from the IANA SNAP Protocol IDs [IANA] 1103 to MSDP-GRE-ProtocolType. 1105 20. Security Considerations 1107 An MSDP implementation MUST use IPsec [RFC2401] to secure control 1108 messages. In particular, the TCP connection between MSDP peers MUST 1109 be secured using IPsec. When encapsulating data packets in GRE, 1110 security should be relatively similar to security in a normal IPv4 1111 network, as routing using GRE follows the same routing that IPv4 uses 1112 natively. Route filtering will remain unchanged. However packet 1113 filtering at a firewall requires either that a firewall look inside 1114 the GRE packet or that the filtering is done on the GRE tunnel 1115 endpoints. In those environments in which this is considered to be a 1116 security issue it may be desirable to terminate the tunnel at the 1117 firewall. 1119 21. 
Acknowledgments 1121 The editors would like to thank the original authors, Dino Farinacci, 1122 Yakov Rehkter, Peter Lothberg, Hank Kilmer, and Jermey Hall for their 1123 orginal contribution to the MSDP specification. In addition, Bill 1124 Nickless, John Meylor, Liming Wei, Manoj Leelanivas, Mark Turner, 1125 John Zwiebel, Cristina Radulescu-Banu, Brian Edwards, Selina 1126 Priestley and IJsbrand Wijnands provided useful and productive design 1127 feedback and comments. In addition to many other contributions, Tom 1128 Pusateri, Kristofer Warell, Henning Eriksson, and Thomas Eriksson 1129 helped to clarify the connection state machine, Dave Thaler helped to 1130 clarify the Notification message types. Ravi Shekhar helped clarify 1131 the semantics of mesh-groups, and countless others helped to clarify 1132 the Peer-RPF rules. 1134 22. Editors' Address: 1136 David Meyer 1137 Sprint 1138 12502 Sunrise Valley Drive 1139 Reston VA, 20191 1140 Email: dmm@sprint.net 1142 Bill Fenner 1143 AT&T Labs -- Research 1144 75 Willow Road 1145 Menlo Park, CA 94025 1146 Email: fenner@research.att.com 1148 23. REFERENCES 1150 [IANA] http://www.iana.org 1152 [RFC768] Postel, J. "User Datagram Protocol", RFC 768, August, 1153 1980. 1155 [RFC1191] Mogul, J., and S. Deering, "Path MTU Discovery", 1156 RFC 1191, November 1990. 1158 [RFC1771] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 1159 (BGP-4)", RFC 1771, March 1995. 1161 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate 1162 Requirement Levels", RFC 2119, March, 1997. 1164 [RFC2283] Bates, T., Chandra, R., Katz, D., and Y. Rekhter., 1165 "Multiprotocol Extensions for BGP-4", RFC 2283, 1166 February 1998. 1168 [RFC2362] Estrin D., et al., "Protocol Independent Multicast - 1169 Sparse Mode (PIM-SM): Protocol Specification", RFC 1170 2362, June 1998. 1172 [RFC2365] Meyer, D. "Administratively Scoped IP Multicast", RFC 1173 2365, July, 1998. 1175 [RFC2401] Kent, S. and R. 
Atkinson, "Security Architecture for 1176 the Internet Protocol", RFC 2401, November 1998. 1178 [RFC2784] Farinacci, D., et al., "Generic Routing Encapsulation 1179 (GRE)", RFC 2784, March 2000. 1181 24. Full Copyright Statement 1183 Copyright (C) The Internet Society (2001). All Rights Reserved. 1185 This document and translations of it may be copied and furnished to 1186 others, and derivative works that comment on or otherwise explain it 1187 or assist in its implementation may be prepared, copied, published 1188 and distributed, in whole or in part, without restriction of any 1189 kind, provided that the above copyright notice and this paragraph are 1190 included on all such copies and derivative works. However, this 1191 document itself may not be modified in any way, such as by removing 1192 the copyright notice or references to the Internet Society or other 1193 Internet organizations, except as needed for the purpose of 1194 developing Internet standards in which case the procedures for 1195 copyrights defined in the Internet Standards process must be 1196 followed, or as required to translate it into languages other than 1197 English. 1199 The limited permissions granted above are perpetual and will not be 1200 revoked by the Internet Society or its successors or assigns. 1202 This document and the information contained herein is provided on an 1203 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1204 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1205 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1206 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1207 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
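
The receive-side checks of sections 16.2.1, 16.2.3, 16.2.4 and 17.1 (header Length bounds, the KeepAlive length of 3, x = 8 + 12 * Entry Count, Sprefix Len of 32) together with the Notification encoding of section 16.2.5, as an added Python example that is not part of the draft. The names parse_tlv and MsdpError and the sample bytes are constructed for illustration; reporting an Entry Count that does not fit the Length as Invalid Entry Count, treating the buffer as holding a whole TLV, and truncating the Data field are assumptions.

```python
import ipaddress
import struct

MAX_LEN = 1400                          # largest Length accepted (section 17.1)
SA, SA_REQ, SA_RESP, KEEPALIVE, NOTIFICATION = 1, 2, 3, 4, 5
HDR_ERR, SA_ERR = 1, 3                  # Error Codes (section 16.2.5)
BAD_LENGTH, BAD_TYPE = 2, 3             # Message Header Error subcodes
BAD_ENTRY_COUNT, BAD_SPREFIX = 1, 5     # SA-Message/SA-Response Error subcodes
CAN_CLOSE = {(HDR_ERR, BAD_TYPE), (SA_ERR, BAD_ENTRY_COUNT)}  # the "CC" subcodes

# Constructed samples: a KeepAlive, and an SA with one entry
# (RP 192.0.2.1, group 233.252.0.1, source 198.51.100.7, no data).
SAMPLE_KEEPALIVE = bytes([4, 0, 3])
SAMPLE_SA = bytes([1, 0, 20, 1, 192, 0, 2, 1,
                   0, 0, 0, 32, 233, 252, 0, 1, 198, 51, 100, 7])


class MsdpError(Exception):
    """A receive-side error, carrying the Notification fields to send back."""

    def __init__(self, code, subcode, data=b""):
        super().__init__(f"MSDP error code {code}, subcode {subcode}")
        self.code, self.subcode = code, subcode
        # Assumption: Data is truncated so the Notification fits in MAX_LEN.
        self.data = bytes(data[:MAX_LEN - 5])

    def to_tlv(self, keep_open=False):
        """Encode the Notification TLV; the O-bit is set only for CC subcodes."""
        allowed = (self.code, self.subcode) in CAN_CLOSE
        o_bit = 0x80 if keep_open and allowed else 0
        return struct.pack("!BHBB", NOTIFICATION, len(self.data) + 5,
                           o_bit | self.code, self.subcode) + self.data


def parse_tlv(buf):
    """Validate the first TLV in buf and return (type, entries, rest).

    entries is a list of (group, source) strings for SA and SA-Response TLVs.
    Assumption: buf holds at least one whole TLV, so a short buffer is an error.
    """
    if len(buf) < 3:
        raise MsdpError(HDR_ERR, BAD_LENGTH, buf)
    mtype, length = struct.unpack_from("!BH", buf)
    if mtype == KEEPALIVE:
        length_ok = length == 3
    else:
        length_ok = 4 <= length <= MAX_LEN
    if not length_ok or length > len(buf):
        raise MsdpError(HDR_ERR, BAD_LENGTH, buf)
    if mtype not in (SA, SA_REQ, SA_RESP, KEEPALIVE, NOTIFICATION):
        raise MsdpError(HDR_ERR, BAD_TYPE, buf[:length])
    entries = []
    if mtype in (SA, SA_RESP):
        count = buf[3]
        x = 8 + 12 * count              # control length: 8 octets + 12 per entry
        # Length - x is the encapsulated data; an SA-Response carries none.
        if x > length or (mtype == SA_RESP and x != length):
            raise MsdpError(SA_ERR, BAD_ENTRY_COUNT, bytes([count]))
        for off in range(8, x, 12):
            sprefix = buf[off + 3]      # the 3 Reserved octets are ignored
            if sprefix != 32:
                raise MsdpError(SA_ERR, BAD_SPREFIX, bytes([sprefix]))
            group = ipaddress.IPv4Address(bytes(buf[off + 4:off + 8]))
            source = ipaddress.IPv4Address(bytes(buf[off + 8:off + 12]))
            entries.append((str(group), str(source)))
    return mtype, entries, buf[length:]
```

Both length tests run before any field is read, so a forged Entry Count or Length never indexes past the received bytes, and an MC subcode never goes out with the O-bit set even when the caller asks to keep the connection open.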