idnits 2.17.1 draft-ietf-msdp-spec-02.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 25 longer pages, the longest (page 2) being 60 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 26 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 12 instances of too long lines in the document, the longest one being 10 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 857 has weird spacing: '...cluding this ...' == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'SA-Advertisement-Timer' is mentioned on line 193, but not defined == Missing Reference: 'SA-State-Timer' is mentioned on line 215, but not defined == Missing Reference: 'SA-Hold-Down-Timer' is mentioned on line 234, but not defined == Missing Reference: 'KeepAliver-Timer' is mentioned on line 248, but not defined == Missing Reference: 'MSDP-GRE-ProtocolType' is mentioned on line 876, but not defined == Outdated reference: A later version (-08) exists of draft-ietf-mboned-anycast-rp-04 ** Downref: Normative reference to an Informational draft: draft-ietf-mboned-anycast-rp (ref. 'ANYCASTRP') == Outdated reference: A later version (-06) exists of draft-ietf-malloc-masc-04 ** Downref: Normative reference to an Historic draft: draft-ietf-malloc-masc (ref. 'MASC') ** Obsolete normative reference: RFC 1825 (Obsoleted by RFC 2401) ** Downref: Normative reference to an Historic RFC: RFC 1828 ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858) ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059) Summary: 15 errors (**), 0 flaws (~~), 12 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group Dino Farinacci 2 INTERNET DRAFT Procket Networks 3 Yakov Rekhter 4 David Meyer 5 Cisco Systems 6 Peter Lothberg 7 Sprint 8 Hank Kilmer 9 Jeremy Hall 10 UUnet 11 Category Standards Track 12 January, 2000 14 Multicast Source Discovery Protocol (MSDP) 15 17 1. Status of this Memo 19 This document is an Internet-Draft and is in full conformance with 20 all provisions of Section 10 of RFC 2026. 22 Internet Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that other 24 groups may also distribute working documents as Internet-Drafts. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 The list of current Internet-Drafts can be accessed at 32 http://www.ietf.org/ietf/1id-abstracts.txt. 34 The list of Internet-Draft Shadow Directories can be accessed at 35 http://www.ietf.org/shadow.html. 37 2. Abstract 39 The Multicast Source Discovery Protocol, MSDP, describes a mechanism 40 to connect multiple PIM-SM domains together. Each PIM-SM domain uses 41 its own independent RP(s) and does not have to depend on RPs in other 42 domains. 44 3. Copyright Notice 46 Copyright (C) The Internet Society (20000). All Rights Reserved. 48 4. Introduction 50 The Multicast Source Discovery Protocol, MSDP, describes a mechanism 51 to connect multiple PIM-SM domains together. Each PIM-SM domain uses 52 its own independent RP(s) and does not have to depend on RPs in other 53 domains. Advantages of this approach include: 55 o No Third-party resource dependencies on RP 57 PIM-SM domains can rely on their own RPs only. 59 o Receiver only Domains 61 Domains with only receivers get data without globally 62 advertising group membership. 64 o Global Source State 66 Global source state is not required, since a router need not 67 cache Source Active (SA) messages (see below). MSDP is a 68 periodic protocol. 70 The keywords MUST, MUST NOT, MAY, OPTIONAL, REQUIRED, RECOMMENDED, 71 SHALL, SHALL NOT, SHOULD, SHOULD NOT are to be interpreted as defined 72 in RFC 2119 [RFC2119]. 74 5. Overview 76 An RP (or other MSDP SA originator) in a PIM-SM [RFC2362] domain will 77 have a MSDP peering relationship with a MSDP speaker in another 78 domain. The peering relationship will be made up of a TCP connection 79 in which control information exchanged. Each domain will have one or 80 more connections to this virtual topology. 82 The purpose of this topology is to have domains discover multicast 83 sources from other domains. If the multicast sources are of interest 84 to a domain which has receivers, the normal source-tree building 85 mechanism in PIM-SM will be used to deliver multicast data over an 86 inter-domain distribution tree. 88 We envision this virtual topology will essentially be congruent to 89 the existing BGP topology used in the unicast-based Internet today. 90 That is, the TCP connections between MSDP speakers can be realized by 91 the underlying BGP routing system. 93 6. Procedure 95 A source in a PIM-SM domain originates traffic to a multicast group. 96 The PIM DR which is directly connected to the source sends the data 97 encapsulated in a PIM Register message to the RP in the domain. 99 The RP will construct a "Source-Active" (SA) message and send it to 100 its MSDP peers. The SA message contains the following fields: 102 o Source address of the data source. 103 o Group address the data source sends to. 104 o IP address of the RP. 106 Each MSDP peer receives and forwards the message away from the RP 107 address in a "peer-RPF flooding" fashion. The notion of peer-RPF 108 flooding is with respect to forwarding SA messages. The BGP routing 109 table is examined to determine which peer is the NEXT_HOP towards the 110 originating RP of the SA message. Such a peer is called an "RPF 111 peer". See section 10 below for the details of peer-RPF forwarding. 113 If the MSDP peer receives the SA from a non-RPF peer towards the 114 originating RP, it will drop the message. Otherwise, it forwards the 115 message to all its MSDP peers. 117 The flooding can be further constrained to children of the peer by 118 interrogating BGP reachability information. That is, if a BGP peer 119 advertises a route (back to you) and you are the next to last AS in 120 the AS_PATH, the peer is using you as the NEXT_HOP. This is known in 121 other circles as Split-Horizon with Poison Reverse. An implementation 122 SHOULD NOT forward SA messages (which were originated from the RP 123 address covered by a route) to peers which have not Poison Reversed 124 that route. 126 When an MSDP peer which is also an RP for its own domain receives a 127 new SA message, it determines if it has any group members interested 128 in the group which the SA message describes. That is, the RP checks 129 for a (*,G) entry with a non-empty outgoing interface list; this 130 implies that the domain is interested in the group. In this case, the 131 RP triggers a (S,G) join event towards the data source as if a 132 Join/Prune message was received addressed to the RP itself (See 133 [RFC2362] Section 3.2.2). This sets up a branch of the source-tree to 134 this domain. Subsequent data packets arrive at the RP which are 135 forwarded down the shared-tree inside the domain. If leaf routers 136 choose to join the source-tree they have the option to do so 137 according to existing PIM-SM conventions. Finally, if an RP in a 138 domain receives a PIM Join message for a new group G, and it is 139 caching SAs, then the RP should trigger a (S,G) join event for each 140 SA for that group in its cache. 142 This procedure has been affectionately named flood-and-join because 143 if any RP is not interested in the group, they can ignore the SA 144 message. Otherwise, they join a distribution tree. 146 7. Controlling State 148 While RPs which receive SA messages are not required to keep MSDP 149 (S,G) state, an RP SHOULD cache SA messages by default. The advantage 150 of caching is that newly formed MSDP peers can get MSDP (S,G) state 151 sooner and therefore reduce join latency for new joiners. In 152 addition, caching greatly aids in diagnosis and debugging of various 153 problems. 155 7.1. Timers 157 The main timers for MSDP are: SA-Advertisement-Timer, SA-Hold-Down- 158 Timer, SA Cache entry timers, and KeepAlive timer. 160 7.1.1. SA-Advertisement-Timer 162 RPs which originate SA messages do it periodically as long as there 163 is data being sent by the source. There is one SA-Advertisement-Timer 164 covering the sources that an RP may advertise. [SA-Advertisement- 165 Timer] MUST be 60 seconds. An RP will not send more than one SA 166 message for a given (S,G) within an SA Advertisement interval. 167 Originating periodic SA messages is important so that new receivers 168 who join after a source has been active can get data quickly via the 169 receiver's own RP when it is not caching SA state. 171 7.1.1.1. SA-Advertisement-Timer Processing 173 When an RP is processing a PIM register message, it encapsulates the 174 data (if any) in an SA message and sends the SA message it to each of 175 its peers. The RP starts the SA Advertisement-Timer for the (S,G) at 176 this time. When the timer expires, and there is (S,G) state for a 177 source within the RP's domain, an (S,G)-SA message is sent to each 178 peer and the timer is reset to [SA-Advertisement-Timer] seconds. If 179 no (S,G) state exists, the timer is deleted. 181 The following table summarizes (S,G)-SA-Advertisement-Timer 182 processing: 184 Set to | When | Applies to 185 [SA-Advertisement-Timer] | created off Register packet | (S,G) 187 Reset to | When | Applies to 188 [SA-Advertisement-Timer] | Timer expires and (S,G) | (S,G) 189 | state exists and was | 190 | created by a register | 192 Deleted | When | Applies to 193 [SA-Advertisement-Timer] | Timer expires and (S,G) | (S,G) 194 | state has expired | 196 Note that a caching implementation may also wish to check the SA- 197 Cache on this timer event. 199 7.1.2. SA Cache Timeout (SA-State-Timer) 201 Each entry in an SA Cache has an associated SA-State-Timer. A 202 (S,G)-SA-State-Timer is is started when an (S,G)-SA message is 203 initially received by a caching MSDP speaker. The timer is reset to 204 [SA-State-Timer] if another (S,G)-SA message is received before the 205 (S,G)-SA-State-Timer expires. [SA-State-Timer] MUST NOT be less than 206 90 seconds. The following table summarizes SA-State-Timer 207 processing: 209 Set to | When | Applies to 210 [SA-State-Timer] | creating (S,G)-SA cache | (S,G)-SA Cache Entry 211 | entry (on receipt of a | 212 | (S,G)-SA message) | 214 Reset to | When | Applies to 215 [SA-State-Timer] | On receipt of (S,G)-SA | (S,G)-SA Cache Entry 216 | message | 218 Deleted | When | Applies to 219 (S,G) SA Cache | Timer expires | (S,G)-SA Cache Entry 220 entry | | 222 7.1.3. SA-Hold-Down-Timer 224 A caching MSDP speaker SHOULD NOT forward an SA message it has 225 received in the last SA-Hold-Down interval. [SA-Hold-Down-Timer] 226 SHOULD be set to 30 seconds. The following table summarizes SA-Hold- 227 Down-Timer processing: 229 Set to | When | Applies to 230 [SA-Hold-Down-Timer] | Upon receipt of | (S,G)-SA Cache Entry 231 | (S,G)-SA message | 233 Reset to | When | Applies to 234 [SA-Hold-Down-Timer] | When forwarding (S,G)-SA | (S,G)-SA Cache Entry 235 | message | 237 Deleted | When | Applies to 238 (S,G)-SA-Hold-Down-Timer] | (S,G)-SA entry is | (S,G)-SA Cache Entry 239 deleted 241 7.1.4. KeepAlive Timer 243 Set to | When | Applies to 244 [KeepAliver-Timer] | passive-connect peer comes | each peer 245 | up | 247 Reset to | When | Applies to 248 [KeepAliver-Timer] | Receipt of data from peer | each peer 250 Deleted | When | Applies to 251 KeepAliver-Timer | Timer expires | each peer 252 | or passive-connect peer | 253 | closes connection | 255 7.2. Intermediate MSDP Speakers 257 Intermediate RPs do not originate periodic SA messages on behalf of 258 sources in other domains. In general, an RP MUST only originate an SA 259 for its own sources. 261 7.3. SA Filtering and Policy 263 As the number of (S,G) pairs increases in the Internet, an RP may 264 want to filter which sources it describes in SA messages. Also, 265 filtering may be used as a matter of policy which at the same time 266 can reduce state. Only the RP co-located in the same domain as the 267 source can restrict SA messages. Note, however, that MSDP peers in 268 transit domains should not filter SA messages or the flood-and-join 269 model can not guarantee that sources will be known throughout the 270 Internet (i.e., SA filtering by transit domains can cause undesired 271 lack of connectivity). In general, policy should be expressed using 272 MBGP [RFC2283]. This will cause MSDP messages will flow in the 273 desired direction and peer-RPF fail otherwise. An exception occurs at 274 an administrative scope [RFC2365] boundary. In particular, a SA 275 message for a (S,G) MUST NOT be sent to peers which are on the other 276 side of an administrative scope boundary for G. 278 7.4. SA Requests 280 If an MSDP peer decides to cache SA state, it MAY accept SA-Requests 281 from other MSDP peers. When an MSDP peer receives an SA-Request for a 282 group range, it will respond to the peer with a set of SA entries, in 283 an SA-Response message, for all active sources sending to the group 284 range requested in the SA-Request message. The peer that sends the 285 request will not flood the responding SA-Response message to other 286 peers. See section 12 for discussion of error handling relating to SA 287 requests and responses. 289 8. Encapsulated Data Packets 291 For bursty sources, the RP may encapsulate multicast data from the 292 source. An interested RP may decapsulate the packet, which SHOULD be 293 forwarded as if a PIM register encapsulated packet was received. That 294 is, if packets are already arriving over the interface toward the 295 source, then the packet is dropped. Otherwise, if the outgoing 296 interface list is non-null, the packet is forwarded appropriately. 297 Note that when doing data encapsulation, an implementation MUST bound 298 the time during which the source which are encapsulated. 300 This allows for small bursts to be received before the multicast tree 301 is built back toward the source's domain. For example, an 302 implementation SHOULD encapsulate at least the first packet to 303 provide service to bursty sources. 305 9. Other Scenarios 307 MSDP is not limited to deployment across different routing domains. 308 It can be used within a routing domain when it is desired to deploy 309 multiple RPs for different group ranges. As long as all RPs have a 310 interconnected MSDP topology, each can learn about active sources as 311 well as RPs in other domains. Another example is the Anycast RP 312 mechanism [ANYCASTRP]. 314 10. MSDP Peer-RPF Forwarding 316 The MSDP Peer-RPF Forwarding rules are used for forwarding SA 317 messages throughout an MSDP enabled internet. Unlike the RPF check 318 used when forwarding data packets, the Peer-RPF check is against the 319 RP address carried in the SA message. 321 10.1. Peer-RPF Forwarding Rules 323 An SA message originated by an MSDP originator R and received by a 324 MSDP router from MSDP peer N is accepted if N is the appropriate RPF 325 neighbor for originator R, and discarded otherwise. 327 The RPF neighbor is chosen using the first of the following rules 328 that matches: 330 (i). R is the RPF neighbor if we have an MSDP peering with R. 332 (ii). The external MBGP neighbor towards which we are 333 poison-reversing the MBGP route towards R is the RPF neighbor 334 if we have an MSDP peering with it. 336 (iii). If we have any MSDP peerings with neighbors in the first 337 AS along the AS_PATH (the AS from which we learned this 338 route), but no external MBGP peerings with them, 339 pick one via a deterministic rule. 341 (vi). The internal MBGP advertiser of the router towards R is 342 the RPF neighbor if we have an MSDP peering with it. 344 (v). If none of the above match, and we have an MSDP 345 default-peer configured, the MSDP default-peer is 346 the RPF neighbor. 348 10.2. MSDP default-peer semantics 350 A MSDP default-peer is much like a default route. It is intended to 351 be used in those cases where a stub network isn't running BGP or 352 MBGP. A MSDP speaker configured with a default-peer accepts all SA 353 messages from the default-peer. Note that a router running BGP or 354 MBGP SHOULD NOT allow configuration of default peers, since this 355 allows the possibility for SA looping to occur. 357 11. MSDP Connection Establishment 359 MSDP messages will be encapsulated in a TCP connection using well- 360 known port 639. One side of the MSDP peering relationship will listen 361 on the well-known port and the other side will do an active connect 362 on the well-known port. The side with the higher peer IP address will 363 do the listen. This connection establishment algorithm avoids call 364 collision. Therefore, there is no need for a call collision 365 procedure. It should be noted, however, that the disadvantage of this 366 approach is that it may result in longer startup times at the passive 367 end. 369 An MSDP speaker starts in the INACTIVE state. MSDP speakers establish 370 peering sessions according to the following state machine: 372 De-configured or 373 disabled 374 +-------------------------------------------+ 375 | | 376 | | 377 Enable | 378 +-----|--------->+----------+ | 379 | | +->| INACTIVE |----------------+ | 380 | | | +----------+ | | 381 Deconf'ed | | | /|\ /|\ | Higher Address 382 or | | | | | | | 383 disabled | | | | | \|/ | 384 | | | | | | +-------------+ 385 | | | | | +---------------| CONNECTING | 386 | | | | | Timeout or +-------------+ 387 | | | | | Local Address Change | 388 \|/ \|/ | | | | 389 +----------+ | | | | 390 | DISABLED | | | +---------------------+ | TCP Established 391 +----------+ | | | | 392 /|\ /|\ | | Connection Timeout, | | 393 | | | | Local Address change, | | 394 | | | | Authorization Failure | | 395 | | | | | | 396 | | | | | \|/ 397 | | | | +-------------+ 398 | | Local | | | ESTABLISHED | 399 | | Address | | Lower Address +-------------+ 400 | | Change | \|/ /|\ | 401 | | | +--------+ | | 402 | | +--| LISTEN |--------------------+ | 403 | | +--------+ TCP Accept | 404 | | | | 405 | | | | 406 | +---------------+ | 407 | De-configured or | 408 | disabled | 409 | | 410 +------------------------------------------------------+ 411 De-configured or 412 disabled 414 12. Packet Formats 416 MSDP messages will be encoded in TLV format. If an implementation 417 receives a TLV that has length that is longer than expected, the TLV 418 SHOULD be accepted. Any additional data SHOULD be ignored. 420 12.1. MSDP TLV format: 422 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 423 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 424 | Type | Length | Value .... | 425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 427 Type (8 bits) 428 Describes the format of the Value field. 430 Length (16 bits) 431 Length of Type, Length, and Value fields in octets. The 432 minimum length required is 3 octets. 434 Value (variable length) 435 Format is based on the Type value. See below. The length of 436 the value field is Length field minus 3. 438 12.2. Defined TLVs 440 The following TLV Types are defined: 442 Code Type 443 =========================================================== 444 1 IPv4 Source-Active 445 2 IPv4 Source-Active Request 446 3 IPv4 Source-Active Response 447 4 KeepAlive 448 5 Notification 450 Each TLV is described below. 452 12.2.1. IPv4 Source-Active TLV 454 The maximum size SA message that can be sent is 1400 octets. If an 455 MSDP peer needs to originate a message with information greater than 456 1400 octets, it sends successive 1400-octet messages. The 1400 octet 457 size does not include the TCP, IP, layer-2 headers. 459 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 460 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 461 | 1 | x + y | Entry Count | 462 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 463 | RP Address | 464 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 465 | Reserved | Sprefix Len | \ 466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \ 467 | Group Address | ) z 468 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ / 469 | Source Address | / 470 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 472 Type 473 IPv4 Source-Active TLV is type 1. 475 Length x 476 Is the length of the control information in the message. x is 477 8 octets (for the first two 32-bit quantities) plus 12 times 478 Entry Count octets. 480 Length y 481 If 0, then there is no data encapsulated. Otherwise an IPv4 482 packet follows and y is the length of the total length field 483 of the IPv4 header encapsulated. If there are multiple SA TLVs 484 in a message, and data is also included, y must be 0 in all SA 485 TLVs except the last one. And the last SA TLV must reflect the 486 source and destination addresses in the IP header of the 487 encapsulated data. 489 Entry Count 490 Is the count of z entries (note above) which follow the RP 491 address field. This is so multiple (S,G)s from the same domain 492 can be encoded efficiently for the same RP address. 494 RP Address 495 The address of the RP in the domain the source has become 496 active in. 498 Reserved 499 The Reserved field MUST be transmitted as zeros and ignored 500 by a receiver. 502 Sprefix Len 503 The route prefix length associated with source address. 505 Group Address 506 The group address the active source has sent data to. 508 Source Address 509 The IP address of the active source. 511 Multiple SA TLVs MAY appear in the same message and can be batched 512 for efficiency at the expense of data latency. This would typically 513 occur on intermediate forwarding of SA messages. 515 12.2.2. IPv4 Source-Active Request TLV 517 The Source-Active Request is used to request SA-state from a caching 518 MSDP peer. If an RP in a domain receives a PIM Join message for a 519 group, creates (*,G) state and wants to know all active sources for 520 group G, and it has been configured to peer with an SA-state caching 521 peer, it may send an SA-Request message for the group. 523 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 524 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 525 | 2 | 8 | Reserved | 526 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 527 | Group Address | 528 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 530 Type 531 IPv4 Source-Active Request TLV is type 2. 533 Reserved 534 The Reserved field MUST be transmitted as zeros and ignored 535 by a receiver. 537 Group Address 538 The group address the MSDP peer is requesting. 540 12.2.3. IPv4 Source-Active Response TLV 542 The Source-Active Response is sent in response to a Source-Active 543 Request message. The Source-Active Response message has the same 544 format as a Source-Active message but does not allow encapsulation of 545 multicast data. 547 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 548 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 549 | 3 | x | .... | 550 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 Type 553 IPv4 Source-Active Response TLV is type 3. 555 Length x 556 Is the length of the control information in the message. x is 8 557 octets (for the first two 32-bit quantities) plus 12 times Entry 558 Count octets. 560 12.2.4. KeepAlive TLV 562 A KeepAlive TLV is sent to an MSDP peer if and only if there were no 563 MSDP messages sent to the peer after a period of time. This message 564 is necessary for the active connect side of the MSDP connection. The 565 passive connect side of the connection knows that the connection will 566 be reestablished when a TCP SYN packet is sent from the active 567 connect side. However, the active connect side will not know when the 568 passive connect side goes down. Therefore, the KeepAlive timeout will 569 be used to reset the TCP connection. 571 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 572 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 573 | 4 | 4 | Reserved | 574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 576 The length of the message is 4 octets which encompasses the 1-octet 577 Type field and the 2-octet Length field, plus the Reserved field. The 578 Reserved field MUST be transmitted as zeros and ignored by a 579 receiver. 581 12.2.5. Notification TLV 583 A Notification message is sent when an error condition is detected, 584 and has the following form: 586 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 587 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 588 | 5 | x + 5 |O| Error Code | 589 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 590 | Error subcode | ... | 591 +-+-+-+-+-+-+-+-+ | 592 | Data | 593 | ... | 594 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 596 Type 597 The Notification TLV is type 7. 599 Length 600 Length is a two octet field with value x + 5, where x is 601 the length of the notification data field. 603 O-bit 604 Open-bit. If reset, the connection will be closed [MASC]. 606 Error code 607 This 7-bit unsigned integer indicates the type of Notification. 608 The following Error Codes have been defined: 610 Error Code Symbolic Name Reference 612 1 Message Header Error Section 12.3 614 2 Finite State Machine Error Section 12.4 616 3 Notification Message Error Section 12.5 618 4 SA-Request Error Section 12.6 620 5 SA-Response Error Section 12.7 622 6 SA-Message Error Section 12.8 624 Error subcode: 625 This one-octet unsigned integer provides more specific information 626 about the reported error. Each Error Code may have one or more Error 627 Subcodes associated with it. If no appropriate Error Subcode is 628 defined, then a zero (Unspecific) value is used for the Error Subcode 629 field, and the O-bit must be reset (i.e. the connection will be 630 closed). The used notation in the error description below is: MC = 631 Must Close connection = O-bit reset; CC = Can Close connection = 632 O-bit might be reset [MASC]. 634 Message Header Error subcodes: 636 0 - Unspecific (MC) 637 1 - Bad Message Length (MC) 638 2 - Bad Message Type (MC) 640 Finite State Machine Error subcodes: 642 0 - Unspecific (MC) 643 1 - Unexpected Message Type FSM Error (MC) 645 Notification subcodes (the O-bit is always reset): 647 0 - Unspecific (CC) 649 SA-Request Error subcodes: 651 0 - Not caching (MC) 652 0 - Invalid Group Address prefix (CC) 654 SA-Reponse Error subcodes: 656 0 - Didn't send Request (MC) 658 SA-Message Error subcodes 660 0 - Invalid Entry Count (CC) 661 1 - Invalid RP Address (CC) 662 2 - Invalid Group Address (CC) 663 3 - Invalid Source Address (CC) 664 4 - Invalid Sprefix Length (CC) 665 5 - Looping SA (Self is RP) (CC) 666 6 - Unknown Encapsulation (MC) 668 12.3. Message Header Error Handling 670 All errors detected while processing the Message Header are indicated 671 by sending the Notification message with Error Code Message Header 672 Error. The Error Subcode describes the specific nature of the error. 673 The Data field contains the erroneous Message (including the message 674 header). 676 If the Length field of the message header is less than 4 or greater 677 than 1400, or the length of a Keepalive message is not equal to 4, 678 then the Error Subcode is set to Bad Message Length. 680 If the Type field of the message header is not recognized, then the 681 Error Subcode is set to Bad Message Type. 683 12.4. Finite State Machine Error Handling 685 Any error detected by the MSDP Finite State Machine (e.g., receipt of 686 an unexpected event) is indicated by sending the Notification message 687 with Error Code Finite State Machine Error. 689 12.5. Notification Message Error Handling 691 If a node sends a Notification message, and there is an error in that 692 message, and the O-bit of that message is not reset, a Notification 693 with O-bit reset, Error Code of Notification Error, and subcode 694 Unspecific must be sent. In addition, the Data field must include 695 the Notification message that triggered the error. However, if the 696 erroneous Notification message had the O-bit reset, then any error, 697 such as an unrecognized Error Code or Error Subcode, should be 698 noticed, logged locally, and brought to the attention of the 699 administrator of the remote node. 701 12.6. SA-Request Error Handling 703 The SA-Request Error code is used to signal the receipt of a SA 704 request at a non-caching MSDP speaker, or at a caching MSDP speaker 705 when an invalid group address requested. 707 When a non-caching MSDP speaker receives an SA-Request, it returns 708 the following notification and closes the connection: 710 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 711 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 712 | 7 | 16 |O| 4 | 713 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 714 | 0x0 | Reserved | 715 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 716 | Group Address | 717 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 718 | Source Address | 719 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 721 If a caching MSDP speaker receives a request for an invalid group, it 722 returns the following notification and closes the connection: 724 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 725 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 726 | 7 | 12 |O| 4 | 727 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 728 | 0x1 | Reserved | 729 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 730 | Invalid Group Address | 731 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 733 12.7. SA-Response Error Handling 735 The SA-Response Error code is used to signal the receipt of a SA 736 Response at MSDP speaker which did not issue a SA-Request to the 737 peer. It has the following form: 739 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 740 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 741 | 7 | 8 |O| 5 | 742 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 743 | 0x0 | Reserved | 744 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 746 12.8. SA-Message Error Handling 748 The SA-Message Error code is used to signal the receipt of an SA 749 message that contains invalid data. 751 12.8.1. Invalid Entry Count 753 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 754 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 755 | 7 | 12 |O| 6 | 756 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 757 | 0x0 | Reserved | 758 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 759 | Invalid Entry Count | 760 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 762 12.8.2. Invalid RP Address 764 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 765 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 766 | 7 | 12 |O| 6 | 767 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 768 | 0x1 | Reserved | 769 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 770 | Invalid RP Address | 771 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 773 12.8.3. Invalid Group Address 775 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 776 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 777 | 7 | 12 |O| 6 | 778 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 779 | 0x2 | Reserved | 780 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 781 | Invalid Group Address | 782 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 784 12.8.4. Invalid Source Address 786 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 787 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 788 | 7 | 12 |O| 6 | 789 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 790 | 0x3 | Reserved | 791 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 792 | Invalid Source Address | 793 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 795 12.9. Invalid Sprefix Length 797 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 798 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 799 | 7 | 12 |O| 6 | 800 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 801 | 0x4 | Reserved | 802 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 803 | Invalid Sprefix Length | 804 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 806 12.10. Looping SAs (Self is RP in received SA) 808 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 809 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 810 | 7 | 8 |O| 6 | 811 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 812 | 0x5 | Reserved | 813 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 815 12.11. Unknown Encapsulation 817 This notification is sent on receipt of SA data that is encapsulated 818 in an unknown encapsulation type. See section 12.12 for known 819 encapsulations. 821 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 823 | 7 | 8 |O| 6 | 824 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 825 | 0x6 | Reserved | 826 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 828 12.12. SA Data Encapsulation 830 This section describes UDP and GRE encapsulation of SA data. 831 Encapsulation type is a configuration option. 833 12.12.1. UDP Data Encapsulation 835 MSDP SA-data MAY be encapsulated in UDP. In this case, the UDP 836 psuedo-header has the following form: 838 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 839 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 840 | Source Port | Destination Port | 841 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 842 | Length | Checksum | 843 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 844 | Origin RP Address | 845 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 847 Source Port 848 Port to be used by the remote end, and is known via 849 configuration. 851 Destination Port 852 The Destination Port is set to the remote endpoint's Source port, 853 and is known via configuration. 855 Length 856 Length is the length in octets of this user datagram 857 including this header and the data. The minimum value 858 of the length is twelve. 860 Checksum 861 The checksum is computed according to RFC 768 [RFC768]. 863 Originating RP Address 864 The Originating RP Address is the address of the RP sending 865 the encapsulated data. 867 12.12.2. GRE Encapsulation 869 MSDP SA-data MAY be encapsulated in GRE using protocol type [MSDP- 870 GRE-ProtocolType]. 872 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 873 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 874 | Delivery Headers ..... | 875 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 876 |C| Reserved0 | Ver | [MSDP-GRE-ProtocolType] |\ 877 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ GRE Header 878 | Checksum (optional) | Reserved1 |/ 879 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 880 | Originating RP IPv4 Address |\ 881 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload 882 | (S,G) Data Packet .... / 883 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 12.12.2.1. GRE Encapsulation and PMTU Discovery [RFC1191] 887 Existing implementations of GRE, when using IPv4 as the Delivery 888 Header, do not implement Path MTU discovery and do not set the Don't 889 Fragment bit in the Delivery Header. This can cause large packets to 890 become fragmented within the tunnel and reassembled at the tunnel 891 exit (independent of whether the payload packet is using PMTU). If a 892 tunnel entry point were to use Path MTU discovery, however, that 893 tunnel entry point would also need to relay ICMP unreachable error 894 messages (in particular the "fragmentation needed and DF set" code) 895 back to the originator of the packet, which is not required by the 896 GRE specification [GRE]. Failure to properly relay Path MTU 897 information to an originator can result in the following behavior: 898 the originator sets the don't fragment bit, the packet gets dropped 899 within the tunnel, but since the originator doesn't receive proper 900 feedback, it retransmits with the same PMTU, causing subsequently 901 transmitted packets to be dropped. 903 13. Security Considerations 905 An MSDP implementation MAY use IPsec [RFC1825] or keyed MD5 [RFC1828] 906 to secure control messages. When encapsulating SA data in GRE, 907 security should be relatively similar to security in a normal IPv4 908 network, as routing using GRE follows the same routing that IPv4 uses 909 natively. Route filtering will remain unchanged. However packet 910 filtering at a firewall requires either that a firewall look inside 911 the GRE packet or that the filtering is done on the GRE tunnel 912 endpoints. In those environments in which this is considered to be a 913 security issue it may be desirable to terminate the tunnel at the 914 firewall. 916 14. Acknowledgments 918 The authors would like to thank Dave Thaler, Bill Nickless, John 919 Meylor, Liming Wei, Manoj Leelanivas, Mark Turner, John Zwiebel, and 920 Cristina Radulescu-Banu for their design feedback and comments. Bill 921 Fenner also made many contributions, including clarification of the 922 Peer-RPF rules. 924 15. Author's Address: 926 Dino Farinacci 927 Procket Networks 928 3850 No. First St., Ste. C 929 San Jose, CA 95134 930 Email: dino@procket.com 932 Yakov Rehkter 933 Cisco Systems, Inc. 934 170 Tasman Drive 935 San Jose, CA, 95134 936 Email: yakov@cisco.com 938 Peter Lothberg 939 Sprint 940 VARESA0104 941 12502 Sunrise Valley Drive 942 Reston VA, 20196 943 Email: roll@sprint.net 945 Hank Kilmer 946 Email: hank@rem.com 948 Jeremy Hall 949 UUnet Technologies 950 3060 Williams Drive 951 Fairfax, VA 22031 952 Email: jhall@uu.net 954 David Meyer 955 Cisco Systems, Inc. 956 170 Tasman Drive 957 San Jose, CA, 95134 958 Email: dmm@cisco.com 960 16. REFERENCES 962 [ANYCASTRP] Meyer, et. al, "Anycast RP mechanism using PIM and 963 MSDP", draft-ietf-mboned-anycast-rp-04.txt, November, 964 1999. Work in Progress. 966 [GRE] Farinacci, D., et al., "Generic Routing Encapsulation 967 (GRE)", draft-meyer-gre-update-02.txt, January, 968 2000. Work in Progress. 970 [MASC] Estrin, D., et al., "The Multicast Address-Set Claim 971 (MASC) Protocol", draft-ietf-malloc-masc-04.txt, 972 October, 1999. Work in Progress. 974 [RFC768] Postel, J. "User Datagram Protocol", RFC 768, August, 975 1980. 977 [RFC1191] Mogul, J., and S. Deering, "Path MTU Discovery", 978 RFC 1191, November 1990. 980 [RFC1825] Atkinson, R., "Security Architecture for the Internet 981 Protocol", RFC 1825, August, 1995. 983 [RFC1828] P. Metzger and W. Simpson, "IP Authentication using 984 Keyed MD5", RFC 1828, August, 1995. 986 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate 987 Requirement Levels", RFC 2119, March, 1997. 989 [RFC2283] Bates, T., Chandra, R., Katz, D., and Y. Rekhter., 990 "Multiprotocol Extensions for BGP-4", RFC 2283, 991 February 1998. 993 [RFC2362] Estrin D., et al., "Protocol Independent Multicast - 994 Sparse Mode (PIM-SM): Protocol Specification", RFC 995 2362, June 1998. 997 [RFC2365] Meyer, D. "Administratively Scoped IP Multicast", RFC 998 2365, July, 1998.