idnits 2.17.1 draft-ietf-bfd-seamless-ip-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 2, 2015) is 3401 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-11) exists of draft-ietf-bfd-seamless-base-03 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force N. Akiya 3 Internet-Draft C. Pignataro 4 Intended status: Standards Track D. Ward 5 Expires: July 6, 2015 Cisco Systems 6 January 2, 2015 8 Seamless Bidirectional Forwarding Detection (S-BFD) for 9 IPv4, IPv6 and MPLS 10 draft-ietf-bfd-seamless-ip-01 12 Abstract 14 This document defines procedures to use Seamless Bidirectional 15 Forwarding Detection (S-BFD) for IPv4, IPv6 and MPLS environments. 17 Requirements Language 19 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 20 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 21 document are to be interpreted as described in RFC 2119 [RFC2119]. 23 Status of This Memo 25 This Internet-Draft is submitted in full conformance with the 26 provisions of BCP 78 and BCP 79. 28 Internet-Drafts are working documents of the Internet Engineering 29 Task Force (IETF). Note that other groups may also distribute 30 working documents as Internet-Drafts. The list of current Internet- 31 Drafts is at http://datatracker.ietf.org/drafts/current/. 33 Internet-Drafts are draft documents valid for a maximum of six months 34 and may be updated, replaced, or obsoleted by other documents at any 35 time. It is inappropriate to use Internet-Drafts as reference 36 material or to cite them other than as "work in progress." 38 This Internet-Draft will expire on July 6, 2015. 40 Copyright Notice 42 Copyright (c) 2015 IETF Trust and the persons identified as the 43 document authors. All rights reserved. 45 This document is subject to BCP 78 and the IETF Trust's Legal 46 Provisions Relating to IETF Documents 47 (http://trustee.ietf.org/license-info) in effect on the date of 48 publication of this document. Please review these documents 49 carefully, as they describe your rights and restrictions with respect 50 to this document. Code Components extracted from this document must 51 include Simplified BSD License text as described in Section 4.e of 52 the Trust Legal Provisions and are provided without warranty as 53 described in the Simplified BSD License. 55 Table of Contents 57 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 2. S-BFD UDP Port . . . . . . . . . . . . . . . . . . . . . . . 2 59 3. S-BFD Echo UDP Port . . . . . . . . . . . . . . . . . . . . . 3 60 4. S-BFD Control Packet Demultiplexing . . . . . . . . . . . . . 3 61 5. Initiator Procedures . . . . . . . . . . . . . . . . . . . . 3 62 5.1. Details of S-BFD Control Packet Sent by SBFDInitiator . . 3 63 5.2. Target vs. Remote Entity (S-BFD Discriminator) . . . . . 4 64 6. Responder Procedures . . . . . . . . . . . . . . . . . . . . 4 65 6.1. Details of S-BFD Control Packet Sent by SBFDReflector . . 5 66 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 67 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 68 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 69 10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 6 70 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 71 11.1. Normative References . . . . . . . . . . . . . . . . . . 6 72 11.2. Informative References . . . . . . . . . . . . . . . . . 7 73 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 75 1. Introduction 77 Seamless Bidirectional Forwarding Detection (S-BFD), 78 [I-D.ietf-bfd-seamless-base], defines a generalized mechanism to 79 allow network nodes to seamlessly perform continuity checks to remote 80 entities. This document defines necessary procedures to use S-BFD on 81 IPv4, IPv6 and MPLS environments. 83 The reader is expected to be familiar with the IP, MPLS BFD and S-BFD 84 terminologies and protocol constructs. 86 2. S-BFD UDP Port 88 A new UDP port is defined for the use of the S-BFD on IPv4, IPv6 and 89 MPLS environments: 7784. SBFDReflector session MUST listen for 90 incoming S-BFD control packets on the port 7784. SBFDInitiator 91 sessions MUST transmit S-BFD control packets with destination port 92 7784. The source port of the S-BFD control packets transmitted by 93 SBFDInitiator sessions can be of any but MUST NOT be 7784. The same 94 UDP source port number MUST be used for all S-BFD control packets 95 associated with a particular SBFDInitiator session. The source port 96 number MAY be unique among all SBFDInitiator sessions on the system. 98 3. S-BFD Echo UDP Port 100 The BFD Echo port defined by [RFC5881], port 3785, is used for the 101 S-BFD Echo function on IPv4, IPv6 and MPLS environments. 102 SBFDInitiator sessions MUST transmit S-BFD echo packets with 103 destination port 3785. This document defines only the UDP port value 104 for the S-BFD Echo function. The source port and the procedures for 105 the S-BFD Echo function are outside the scope of this document. 107 4. S-BFD Control Packet Demultiplexing 109 Received BFD control packet MUST be demultiplexed with the 110 destination UDP port field. If the port is 7784, then the packet 111 MUST be looked up to locate a corresponding SBFDReflector session 112 based on the value from the "your discriminator" field in the table 113 describing S-BFD discriminators. If the port is not 7784, then the 114 packet MUST be looked up to locate a corresponding SBFDInitiator 115 session or classical BFD session based on the value from the "your 116 discriminator" field in the table describing BFD discriminators. If 117 the located session is an SBFDInitiator, then the destination IP 118 address of the packet SHOULD be validated to be for self. 120 5. Initiator Procedures 122 S-BFD control packets are transmitted with IP header, UDP header and 123 BFD control header ([RFC5880]). When S-BFD control packets are 124 explicitly label switched (i.e. not IP routed which happen to go over 125 an LSP, but explicitly sent on a specific LSP), the former is 126 prepended with a label stack. Note that this document does not make 127 a distinction between a single-hop S-BFD scenario and a multi-hop 128 S-BFD scenario, both scenarios are supported. 130 Necessary values in the BFD control headers are described in 131 [I-D.ietf-bfd-seamless-base]. Section 5.1 describes necessary values 132 in the MPLS header, IP header and UDP header when an SBFDInitiator on 133 the initiator is sending S-BFD control packets. 135 5.1. Details of S-BFD Control Packet Sent by SBFDInitiator 137 o Specifications common to both IP routed S-BFD control packets and 138 explicitly label switched S-BFD control packets: 140 * Source IP address field of the IP header MUST be set to a local 141 IP address that is expected to be routable by the target (i.e. 142 not IPv6 link-local address when the target is multiple hops 143 away). 145 * UDP destination port MUST be set to a well-known UDP 146 destination port assigned for S-BFD: 7784. 148 * UDP source port MUST be set to a value that is not 7784. 150 o Specifications for IP routed S-BFD control packets: 152 * Destination IP address field of the IP header MUST set to an IP 153 address of the target. 155 * TTL field of the IP header SHOULD be set to 255. 157 o Specifications for explicitly label switched S-BFD control 158 packets: 160 * S-BFD control packets MUST have the label stack that is 161 expected to reach the target. 163 * TTL field of the top most label SHOULD be 255. 165 * The destination IP address MUST be chosen from the 127/8 range 166 for IPv4 and from the 0:0:0:0:0:FFFF:7F00/104 range for IPv6. 168 * TTL field of the IP header MUST be set to 1. 170 5.2. Target vs. Remote Entity (S-BFD Discriminator) 172 Typically, an S-BFD control packet will have "your discriminator" 173 field corresponding to an S-BFD discriminator of the remote entity 174 located on the target network node defined by the destination IP 175 address or the label stack. It is, however, possible for an 176 SBFDInitiator to carefully set "your discriminator" and TTL fields to 177 perform a continuity test towards a target but to a transit network 178 node. 180 Section 5.1 intentionally uses the word "target", instead of "remote 181 entity", to accommodate this possible S-BFD usage through TTL expiry. 182 This also requires S-BFD control packets not be dropped by the 183 responder node due to TTL expiry. Thus implementations on the 184 responder MUST allow received S-BFD control packets taking TTL expiry 185 exception path to reach corresponding reflector BFD session. 187 6. Responder Procedures 189 S-BFD control packets are IP routed back to the initiator, and will 190 have IP header, UDP header and BFD control header. If an 191 SBFDReflector receives an S-BFD control packet with UDP source port 192 as 7784, the packet MUST be discarded. Necessary values in the BFD 193 control header are described in [I-D.ietf-bfd-seamless-base]. 194 Section 6.1 describes necessary values in the IP header and UDP 195 header when an SBFDReflector on the responder is sending S-BFD 196 control packets. 198 6.1. Details of S-BFD Control Packet Sent by SBFDReflector 200 o Destination IP address field of the IP header MUST be copied from 201 source IP address field of received S-BFD control packet. 203 o Source IP address field of the IP header MUST be set to a local IP 204 address that is expected to be visible by the initiator (i.e. not 205 IPv6 link-local address when the initiator is multiple hops away). 207 o TTL field of the IP header SHOULD be set to 255. 209 o UDP destination port MUST be copied from received UDP source port. 211 o UDP source port MUST be copied from received UDP destination port. 213 7. Security Considerations 215 Security considerations for S-BFD are discussed in 216 [I-D.ietf-bfd-seamless-base]. Additionally, implementing the 217 following measures will strengthen security aspects of the mechanism 218 described by this document: 220 o Implementations MUST provide filtering capability based on source 221 IP addresses of received S-BFD control packets: [RFC2827]. 223 o Implementations MUST NOT act on received S-BFD control packets 224 containing Martian addresses as source IP addresses. 226 o Implementations MUST ensure that response S-BFD control packets 227 generated to the initiator by the SBFDReflector have a reachable 228 target (ex: destination IP address). 230 8. IANA Considerations 232 A new value 7784 was allocated from the "Service Name and Transport 233 Protocol Port Number Registry". The allocated registry entry is: 235 Service Name (REQUIRED) 236 s-bfd 237 Transport Protocol(s) (REQUIRED) 238 udp 239 Assignee (REQUIRED) 240 IESG 241 Contact (REQUIRED) 242 BFD Chairs 243 Description (REQUIRED) 244 Seamless Bidirectional Forwarding Detection (S-BFD) 245 Reference (REQUIRED) 246 draft-akiya-bfd-seamless-ip 247 Port Number (OPTIONAL) 248 7784 250 9. Acknowledgements 252 The authors would like to thank the BFD WG members for helping to 253 shape the contents of this document. In particular, significant 254 contributions were made by following people: Marc Binderberger, 255 Jeffrey Haas, Santosh Pallagatti, Greg Mirsky, Sam Aldrin, Vengada 256 Prasad Govindan, Mallik Mudigonda and Srihari Raghavan. 258 10. Contributing Authors 260 Tarek Saad 261 Cisco Systems 262 Email: tsaad@cisco.com 264 Siva Sivabalan 265 Cisco Systems 266 Email: msiva@cisco.com 268 Nagendra Kumar 269 Cisco Systems 270 Email: naikumar@cisco.com 272 11. References 274 11.1. Normative References 276 [I-D.ietf-bfd-seamless-base] 277 Akiya, N., Pignataro, C., Ward, D., Bhatia, M., and J. 278 Networks, "Seamless Bidirectional Forwarding Detection 279 (S-BFD)", draft-ietf-bfd-seamless-base-03 (work in 280 progress), August 2014. 282 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 283 Requirement Levels", BCP 14, RFC 2119, March 1997. 285 [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 286 (BFD)", RFC 5880, June 2010. 288 [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 289 (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June 290 2010. 292 11.2. Informative References 294 [RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering: 295 Defeating Denial of Service Attacks which employ IP Source 296 Address Spoofing", BCP 38, RFC 2827, May 2000. 298 Authors' Addresses 300 Nobo Akiya 301 Cisco Systems 303 Email: nobo@cisco.com 305 Carlos Pignataro 306 Cisco Systems 308 Email: cpignata@cisco.com 310 Dave Ward 311 Cisco Systems 313 Email: wardd@cisco.com