| < draft-ietf-bier-ospf-bier-extensions-12.txt | draft-ietf-bier-ospf-bier-extensions-13.txt > | |||
|---|---|---|---|---|
| OSPF P. Psenak, Ed. | OSPF P. Psenak, Ed. | |||
| Internet-Draft N. Kumar | Internet-Draft N. Kumar | |||
| Intended status: Standards Track IJ. Wijnands | Intended status: Standards Track IJ. Wijnands | |||
| Expires: August 18, 2018 Cisco | Expires: August 24, 2018 Cisco | |||
| A. Dolganow | A. Dolganow | |||
| Nokia | Nokia | |||
| T. Przygienda | T. Przygienda | |||
| J. Zhang | J. Zhang | |||
| Juniper Networks, Inc. | Juniper Networks, Inc. | |||
| S. Aldrin | S. Aldrin | |||
| Google, Inc. | Google, Inc. | |||
| February 14, 2018 | February 20, 2018 | |||
| OSPF Extensions for BIER | OSPF Extensions for BIER | |||
| draft-ietf-bier-ospf-bier-extensions-12.txt | draft-ietf-bier-ospf-bier-extensions-13.txt | |||
| Abstract | Abstract | |||
| Bit Index Explicit Replication (BIER) is an architecture that | Bit Index Explicit Replication (BIER) is an architecture that | |||
| provides multicast forwarding through a "BIER domain" without | provides multicast forwarding through a "BIER domain" without | |||
| requiring intermediate routers to maintain multicast related per-flow | requiring intermediate routers to maintain multicast related per-flow | |||
| state. Neither does BIER require an explicit tree-building protocol | state. Neither does BIER require an explicit tree-building protocol | |||
| for its operation. A multicast data packet enters a BIER domain at a | for its operation. A multicast data packet enters a BIER domain at a | |||
| "Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at | "Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at | |||
| one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router | one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router | |||
| skipping to change at page 2, line 7 ¶ | skipping to change at page 2, line 7 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on August 18, 2018. | This Internet-Draft will expire on August 24, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 7, line 10 ¶ | skipping to change at page 7, line 10 ¶ | |||
| received from R1 in Area 1 and includes it in the Extended Prefix | received from R1 in Area 1 and includes it in the Extended Prefix | |||
| Opaque LSA it generates for 192.0.2.1/32 in Area 0. ABR R3 | Opaque LSA it generates for 192.0.2.1/32 in Area 0. ABR R3 | |||
| calculates the reachability for prefix 192.0.2.1/32 inside Area 0 | calculates the reachability for prefix 192.0.2.1/32 inside Area 0 | |||
| and propagates it to Area 2. When doing so, it copies the entire | and propagates it to Area 2. When doing so, it copies the entire | |||
| BIER Sub-TLV (including all its Sub-TLVs) it received from R2 in | BIER Sub-TLV (including all its Sub-TLVs) it received from R2 in | |||
| Area 0 and includes it in the Extended Prefix Opaque LSA it | Area 0 and includes it in the Extended Prefix Opaque LSA it | |||
| generates for 192.0.2.1/32 in Area 2. | generates for 192.0.2.1/32 in Area 2. | |||
| 3. Security Considerations | 3. Security Considerations | |||
| Implementations must assure that malformed TLV and Sub-TLV | This document introduces new sub-TLVs for existing OSPF Extended | |||
| permutations do not result in errors which cause hard OSPF failures. | Prefix TLV. It does not introduce any new security risks to OSPF. | |||
| Existing security extensions as described in [RFC2328] and [RFC7684] | ||||
| apply. | ||||
| It is assumed that both BIER and OSPF layer is under a single | ||||
| administrative domain. There can be deployments where potential | ||||
| attackers have access to one or more networks in the OSPF routing | ||||
| domain. In these deployments, stronger authentication mechanisms | ||||
| such as those specified in [RFC7474] SHOULD be used. | ||||
| Implementations MUST assure that malformed TLV and Sub-TLV defined in | ||||
| this document are detected and do not provide a vulnerability for | ||||
| attackers to crash the OSPF router or routing process. Reception of | ||||
| malformed TLV or Sub-TLV SHOULD be counted and/or logged for further | ||||
| analysis. Logging of malformed TLVs and Sub-TLVs SHOULD be rate- | ||||
| limited to prevent a Denial of Service (DoS) attack (distributed or | ||||
| otherwise) from overloading the OSPF control plane. | ||||
| 4. IANA Considerations | 4. IANA Considerations | |||
| The document requests three new allocations from the OSPF Extended | The document requests three new allocations from the OSPF Extended | |||
| Prefix sub-TLV registry as defined in [RFC7684]. | Prefix sub-TLV registry as defined in [RFC7684]. | |||
| BIER Sub-TLV: 9 | BIER Sub-TLV: 9 | |||
| BIER MPLS Encapsulation Sub-TLV: 10 | BIER MPLS Encapsulation Sub-TLV: 10 | |||
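
Review bot: In the new Section 3 text, the paragraph beginning "Implementations MUST assure that malformed TLV and Sub-TLV defined in this document are detected" stops at detection and logging and never says what the receiver does with the malformed item afterwards (ignore that Sub-TLV, ignore the enclosing BIER Sub-TLV, or disregard the whole TLV). Please state the required handling, and say whether an ABR is expected to apply the same check before it "copies the entire BIER Sub-TLV (including all its Sub-TLVs)" into another area, as the unchanged text just above Section 3 describes; as written, the copy step and the validation requirement are not tied together. The opening sentence "It does not introduce any new security risks to OSPF" also sits awkwardly next to a MUST whose purpose is to keep the new Sub-TLVs from crashing the router or routing process, so consider qualifying it. Wording nits in the same block: "both BIER and OSPF layer is under" should read "both the BIER and OSPF layers are under", and "for existing OSPF Extended Prefix TLV" is missing an article.
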
| End of changes. 5 change blocks. | ||||
| 6 lines changed or deleted | 22 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||