BIER Z. Zhang Internet-Draft Juniper Networks Intended status: Standards Track 9 March 2023 Expires: 10 September 2023 BIER Penultimate Hop Popping draft-ietf-bier-php-10 Abstract Bit Index Explicit Replication (BIER) can be used as provider tunnel for Multicast Virtual Private Network (MVPN), Global Table Multicast or Ethernet Virtual Private Network (EVPN). It is possible that not all routers in the provider network support BIER and there are various methods to handle BIER-incapable transit routers. However those methods assume the MVPN/EVPN Provider Edges (PEs) are BIER- capable. This document specifies a method to allow BIER-incapable routers to act as MVPN/EVPN PEs with BIER as the transport, by having the upstream BIER Forwarding Router (BFR) that is connected directly or indirectly via a tunnel to a BIER-incapable PE remove the BIER header and send the payload to the PE. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 10 September 2023. Zhang Expires 10 September 2023 [Page 1] Internet-Draft bier-php March 2023 Copyright Notice Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Specifications . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. Signaling . . . . . . . . . . . . . . . . . . . . . . . . 4 2.2. BIRT/BIFT Calculation . . . . . . . . . . . . . . . . . . 5 3. Security Considerations . . . . . . . . . . . . . . . . . . . 5 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 6.1. Normative References . . . . . . . . . . . . . . . . . . 6 6.2. Informative References . . . . . . . . . . . . . . . . . 8 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 8 1. Introduction The BIER architecture includes three layers: the "routing underlay", the "BIER layer", and the "multicast flow overlay". The multicast flow overlay is responsible for the BIER Forwarding Egress Routers (BFERs) to signal to BIER Forwarding Ingress Routers (BFIRs) that they are interested in receiving certain multicast flows so that BFIRs can encode the correct bitstring for BIER forwarding by the BIER layer. MVPN [RFC6513] [RFC6514] and EVPN [RFC7432] are two similar overlays where BGP Auto-Discovery routes for MVPN/EVPN are exchanged among all PEs to signal which PEs need to receive multicast traffic for all or certain flows. Typically the same provider tunnel type is used for traffic to reach all receiving PEs. Consider an MVPN/EVPN deployment where enough provider routers are BIER-capable for BIER to become the preferred choice of provider tunnel [RFC8556] [I-D.ietf-bier-evpn]. However, some PEs cannot be upgraded to support BIER forwarding. While there are ways to allow Zhang Expires 10 September 2023 [Page 2] Internet-Draft bier-php March 2023 an ingress PE to send traffic to some PEs with one type of tunnel and send traffic to some other PEs with a different type of tunnel, the procedure becomes complicated and forwarding is not optimized. One way to solve this problem is to use Penultimate Hop Popping (PHP) so that the upstream BFR can pop the BIER header [RFC8296] and send the payload "natively" (note that the upstream BFR can be connected directly or indirectly via any type of tunnel to the PE). This is similar to Multi-Protocol Label Switching (MPLS) PHP though it is the BIER header that is popped. The transition of an existing MVPN/EVPN deployment with traditional provider tunnels to using BIER with some PEs not capable of receiving BIER packets can be incremental. All PEs are first upgraded to support BIER at least in the control plane, with those not capable of BIER forwarding requesting PHP. Then BIER-capable ingress PEs independently and incrementally switch to BIER transport. While the above text uses MVPN/EVPN as example, BIER PHP is applicable to any scenario where the multicast flow overlay edge router does not support BIER, as long as the edge router does not need to know the transmitting BFIR or participate in BIER OAM procedures. This works well if a BIER-incapable PE only needs to receive multicast traffic. If it needs to send multicast traffic as well, then it must Ingress Replicate to a BIER-capable helper PE, who will in turn relay the packet to other PEs. The helper PE is either a Virtual Hub as specified in [RFC7024] for MVPN and [I-D.ietf-bess-evpn-virtual-hub] for EVPN, or an AR-Replicator as specified in [I-D.ietf-bess-evpn-optimized-ir] for EVPN. 2. Specifications The BIER Penultimate Hop Popping is intended only for the scenario where a multicast flow overlay router for a BIER domain does not support BIER forwarding, either entirely or just for some particular BitStringLengths (BSL). In the latter case, PHP is only for BIER packets with those BSL. The flow overlay router would be a BFER if it did support BIER forwarding, and PHP would not be done by its penultimate hop. The procedures in this section apply only if, by means outside the scope of this document, it is known that all potential penultimate hop BFRs support PHP (i.e., able to pop the BIER header when sending to a requesting flow overlay router) , and that the payload after BIER header is one of the following: Zhang Expires 10 September 2023 [Page 3] Internet-Draft bier-php March 2023 * MPLS packets with downstream-assigned label at top of stack (i.e., the Proto field in the BIER header is 1). For example, a label from a Domain-wide Common Block (DCB) is used as specified in [I-D.ietf-bess-mvpn-evpn-aggregation-label]. * IPv4/IPv6 multicast packets for which Reverse Path Forwarding check is disabled. 2.1. Signaling With IS-IS signaling, a sub-TLV in another sub-TLV is called sub-sub- TLV (and more sub-levels are possible like sub-sub-sub-TLV). With other signaling protocols, a sub-TLV in another sub-TLV is still called sub-TLV. For convenience, in this document we use sub-TLV even when it is sub-sub-TLV in IS-IS, as there is no ambiguity with the name itself (e.g. MPLS Encapsulation). A BIER-incapable router, if acting as a multicast flow overlay router for BIER, MUST signal its BIER information as specified in [RFC8401], [RFC8444], [I-D.ietf-bier-ospfv3-extensions], or [I-D.ietf-bier-idr-extensions] with a PHP sub-TLV included in the BIER sub-TLV (or TLV in case of BGP) attached to the BIER-incapable router's BFR-prefix to request BIER PHP from other BFRs. The type of the sub-TLV or sub-TLV is TBD, and the length is 0. With MPLS encapsulation, the BIER-incapable multicast flow overlay router MAY omit the BIER MPLS Encapsulation sub-LV, or MUST set the Label field in BIER MPLS Encapsulation sub-TLV to Implicit Null Label [RFC3032]. With MPLS encapsulation, if a BFER (that does support BIER but) does not support a certain BSL, it MAY advertise a corresponding BIER MPLS Encapsulation sub-TLV with the Label field to Implicit Null Label to request PHP for that BSL. It MUST NOT include the PHP sub-TLV in this case. With non-MPLS encapsulation [I-D.ietf-bier-lsr-non-mpls-extensions], the BIER-incapable multicast flow overlay router MAY omit the BIER non-MPLS Encapsulation sub-TLV, or MUST set the BIFT-id field in the BIER non-MPLS Encapsulation sub-TLV to 0. With non-MPLS encapsulation, if a BFER (that does support BIER but) does not support certain BSL, it MAY advertise a corresponding BIER non-MPLS Encapsulation sub-TLV but set the BIFT-id field to 0 to request PHP for that BSL. It MUST NOT include the PHP sub-TLV in this case. Zhang Expires 10 September 2023 [Page 4] Internet-Draft bier-php March 2023 2.2. BIRT/BIFT Calculation If a BFR follows section 6.9 of [RFC8279] to handle BIER-incapable routers, it MUST treat a router as BIER-incapable for a BSL if the label in the corresponding MPLS Encapsulation sub-TLV advertised by the router is Implicit Null, or if the BIFT-id in the corresponding non-MPLS Encapsulation sub-TLV is 0. It MUST treat the router as BIER-incapable for all BSLs if the router advertises a PHP sub-TLV. That way, the router will not used as a transit BFR for certain or for all BSLs. If the downstream neighbor (either resulting in IGP calculation or carried in the BIER Nexthop sub-TLV in case of BGP) for a BFR-prefix is the one advertising the prefix with a PHP sub-TLV or with an Implicit Null Label in its BIER MPLS Encapsulation sub-TLV, or with BIFT-id 0 in its BIER non-MPLS Encapsulation sub-TLV, then when the corresponding BIRT or BIFT entry is created/updated, the forwarding behavior MUST be that the BIER header is removed and the payload be sent to the downstream router without the BIER header, either directly or over any type of tunnel. 3. Security Considerations This specification does not introduce additional security concerns beyond those already discussed in BIER architecture and OSPF/IS-IS/ BGP extensions for BIER signaling. 4. IANA Considerations This document requests a new sub-sub-TLV type value from the "Sub- sub-TLVs for BIER Info Sub-TLV" registry within the "IS-IS TLV Codepoints" registry: Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the OSPFv2 Extended Prefix TLV Sub-TLV registry: Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the OSPFv3 Extended LSA Sub-TLVs registry: Zhang Expires 10 September 2023 [Page 5] Internet-Draft bier-php March 2023 Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the BGP BIER TLV sub-TLV Types registry requested in [I-D.ietf-bier-idr-extensions]: Type Name ---- ---- TBD BIER PHP Request 5. Acknowledgements The author wants to thank Eric Rosen and Antonie Przygienda for their review, comments and suggestions. The author also wants to thank Senthil Dhanaraj for his suggestion of requesting PHP if a BFER does not support certain BSL. 6. References 6.1. Normative References [I-D.ietf-bess-mvpn-evpn-aggregation-label] Zhang, Z. J., Rosen, E. C., Lin, W., Li, Z., and I. Wijnands, "MVPN/EVPN Tunnel Aggregation with Common Labels", Work in Progress, Internet-Draft, draft-ietf- bess-mvpn-evpn-aggregation-label-09, 12 December 2022, . [I-D.ietf-bier-evpn] Zhang, Z. J., Przygienda, T., Sajassi, A., and J. Rabadan, "EVPN BUM Using BIER", Work in Progress, Internet-Draft, draft-ietf-bier-evpn-08, 4 January 2023, . [I-D.ietf-bier-idr-extensions] Xu, X., Chen, M., Patel, K., Wijnands, I., Przygienda, T., and Z. J. Zhang, "BGP Extensions for BIER", Work in Progress, Internet-Draft, draft-ietf-bier-idr-extensions- 09, 15 February 2023, . [I-D.ietf-bier-lsr-non-mpls-extensions] Dhanaraj, S., Yan, G., Wijnands, I., Psenak, P., Zhang, Z. J., and J. Xie, "LSR Extensions for BIER non-MPLS Zhang Expires 10 September 2023 [Page 6] Internet-Draft bier-php March 2023 Encapsulation", Work in Progress, Internet-Draft, draft- ietf-bier-lsr-non-mpls-extensions-01, 19 September 2022, . [I-D.ietf-bier-ospfv3-extensions] Psenak, P., Nainar, N. K., and I. Wijnands, "OSPFv3 Extensions for BIER", Work in Progress, Internet-Draft, draft-ietf-bier-ospfv3-extensions-07, 1 December 2022, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., Przygienda, T., and S. Aldrin, "Multicast Using Bit Index Explicit Replication (BIER)", RFC 8279, DOI 10.17487/RFC8279, November 2017, . [RFC8296] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., Tantsura, J., Aldrin, S., and I. Meilik, "Encapsulation for Bit Index Explicit Replication (BIER) in MPLS and Non- MPLS Networks", RFC 8296, DOI 10.17487/RFC8296, January 2018, . [RFC8401] Ginsberg, L., Ed., Przygienda, T., Aldrin, S., and Z. Zhang, "Bit Index Explicit Replication (BIER) Support via IS-IS", RFC 8401, DOI 10.17487/RFC8401, June 2018, . [RFC8444] Psenak, P., Ed., Kumar, N., Wijnands, IJ., Dolganow, A., Przygienda, T., Zhang, J., and S. Aldrin, "OSPFv2 Extensions for Bit Index Explicit Replication (BIER)", RFC 8444, DOI 10.17487/RFC8444, November 2018, . Zhang Expires 10 September 2023 [Page 7] Internet-Draft bier-php March 2023 [RFC8556] Rosen, E., Ed., Sivakumar, M., Przygienda, T., Aldrin, S., and A. Dolganow, "Multicast VPN Using Bit Index Explicit Replication (BIER)", RFC 8556, DOI 10.17487/RFC8556, April 2019, . 6.2. Informative References [I-D.ietf-bess-evpn-optimized-ir] Rabadan, J., Sathappan, S., Lin, W., Katiyar, M., and A. Sajassi, "Optimized Ingress Replication Solution for Ethernet VPN (EVPN)", Work in Progress, Internet-Draft, draft-ietf-bess-evpn-optimized-ir-12, 25 January 2022, . [I-D.ietf-bess-evpn-virtual-hub] Patel, K., Sajassi, A., Drake, J., Zhang, Z. J., and W. Henderickx, "Virtual Hub-and-Spoke in BGP EVPNs", Work in Progress, Internet-Draft, draft-ietf-bess-evpn-virtual- hub-00, 26 January 2020, . [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 2012, . [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP Encodings and Procedures for Multicast in MPLS/BGP IP VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012, . [RFC7024] Jeng, H., Uttaro, J., Jalil, L., Decraene, B., Rekhter, Y., and R. Aggarwal, "Virtual Hub-and-Spoke in BGP/MPLS VPNs", RFC 7024, DOI 10.17487/RFC7024, October 2013, . [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 2015, . Author's Address Zhaohui Zhang Juniper Networks Email: zzhang@juniper.net Zhang Expires 10 September 2023 [Page 8]