idnits 2.17.1

draft-ietf-msdp-spec-19.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 7 instances of too long lines in the document, the longest one
     being 5 characters in excess of 72.

  ** The abstract seems to contain references ([RFC2362]), which it
     shouldn't. Please replace those with straight textual mentions of the
     documents in question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 755 has weird spacing: '...ces and group...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'MUST not' in this paragraph:

     RPs which originate SA messages do so periodically as long as there is
     data being sent by the source. There is one SA-Advertisement-Timer
     covering the sources that an RP may advertise. [SA-Advertisement-Period]
     MUST be 60 seconds. An RP MUST not send more than one periodic SA
     message for a given (S,G) within an SA Advertisement interval.
     Originating periodic SA messages is required to keep announcements alive
     in caches. Finally, an originating RP SHOULD trigger the transmission of
     an SA message as soon as it receives data from an internal source for
     the first time. This initial SA message may be in addition to the
     periodic sa-message forwarded in that first 60 seconds for that (S,G).

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'SHOULD not' in this paragraph:

     If an MSDP message is received with a TLV format error, the session
     SHOULD be reset with that peer. MSDP messages with other errors, such as
     unrecognized type code, received from MSDP peers, SHOULD be silently
     discarded and the session SHOULD not be reset.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (May 2003) is 7624 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'SG-State-Period' is mentioned on line 245, but not
     defined

  == Missing Reference: 'SA-Hold-Down-Period' is mentioned on line 246, but
     not defined

  == Missing Reference: 'HoldTime-Period' is mentioned on line 514, but not
     defined

  == Missing Reference: 'KeepAlive-Period' is mentioned on line 659, but not
     defined

  == Missing Reference: 'ConnectRetry-Period' is mentioned on line 486, but
     not defined

  -- Looks like a reference, but probably isn't: '8' on line 766

  -- Looks like a reference, but probably isn't: '200' on line 766

  -- Looks like a reference, but probably isn't: '201' on line 771

  -- Looks like a reference, but probably isn't: '255' on line 771

  == Unused Reference: 'RFC2119' is defined on line 808, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 1142 (Obsoleted by RFC 7142)

  ** Obsolete normative reference: RFC 2178 (Obsoleted by RFC 2328)

  ** Obsolete normative reference: RFC 2283 (Obsoleted by RFC 2858)

  ** Obsolete normative reference: RFC 2362 (Obsoleted by RFC 4601, RFC 5059)

  ** Obsolete normative reference: RFC 2385 (Obsoleted by RFC 5925)

  ** Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226)

  ** Downref: Normative reference to an Informational RFC: RFC 3446

     Summary: 10 errors (**), 0 flaws (~~), 12 warnings (==), 6 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  2  INTERNET-DRAFT                                      Bill Fenner (Editor)
  3  draft-ietf-msdp-spec-19.txt                         David Meyer (Editor)
  4  Category                                                    Experimental
  5  Expires: November 2003                                          May 2003

  7               Multicast Source Discovery Protocol (MSDP)
  8

 10  Status of this Document

 12     This document is an Internet-Draft and is in full conformance with
 13     all provisions of Section 10 of RFC2026.

 15     Internet-Drafts are working documents of the Internet Engineering
 16     Task Force (IETF), its areas, and its working groups. Note that
 17     other groups may also distribute working documents as Internet-
 18     Drafts.

 20     Internet-Drafts are draft documents valid for a maximum of six months
 21     and may be updated, replaced, or obsoleted by other documents at any
 22     time. It is inappropriate to use Internet-Drafts as reference
 23     material or to cite them other than as "work in progress."

 25     The list of current Internet-Drafts can be accessed at
 26     http://www.ietf.org/ietf/1id-abstracts.txt

 28     The list of Internet-Draft Shadow Directories can be accessed at
 29     http://www.ietf.org/shadow.html.

 31     This document is a product of an individual. Comments are solicited
 32     and should be addressed to the author(s).

 34  Copyright Notice

 36     Copyright (C) The Internet Society (2003). All Rights Reserved.

 38  Abstract

 40     The Multicast Source Discovery Protocol, MSDP, describes a mechanism
 41     to connect multiple IP Version 4 Protocol Independent Multicast
 42     Sparse-Mode (PIM-SM) [RFC2362] domains together. Each PIM-SM domain
 43     uses its own independent Rendezvous Point (RP) and does not have to
 44     depend on RPs in other domains. This document reflects existing MSDP
 45     implementations.

 47  Table of Contents

 49     1. Introduction
 50     2. Overview
 51     3. Procedure
 52     4. Caching
 53     5. Timers
 54      5.1. SA-Advertisement-Timer
 55      5.2. SA-Advertisement-Timer Processing
 56      5.3. SA Cache Timeout (SA-State Timer)
 57      5.4. Peer Hold Timer
 58      5.5. KeepAlive Timer
 59      5.6. ConnectRetry Timer
 60     6. Intermediate MSDP Peers
 61     7. SA Filtering and Policy
 62     8. Encapsulated Data Packets
 63     9. Other Scenarios
 64     10. MSDP Peer-RPF Forwarding
 65      10.1. Definitions
 66       10.1.1. Multicast RPF Routing Information Base
 67       10.1.2. Peer-RPF Route
 68       10.1.3. Peer-RPF Forwarding Rules
 69      10.2. MSDP mesh-group semantics
 70     11. MSDP Connection State Machine
 71      11.1. Events
 72      11.2. Actions
 73      11.3. Peer-specific Events
 74      11.4. Peer-independent Events
 75     12. Packet Formats
 76      12.1. MSDP TLV format
 77      12.2. Defined TLVs
 78       12.2.1. IPv4 Source-Active TLV
 79       12.2.2. KeepAlive TLV
 80     13. MSDP Error Handling
 81     14. SA Data Encapsulation
 82     15. Applicability Statement
 83      15.1. Between PIM Domains
 84      15.2. Between Anycast-RPs
 85     16. Intellectual Property
 86     17. Acknowledgments
 87     18. Security Considerations
 88     19. IANA Considerations
 89      19.1. IANA Allocated TLV Range
 90      19.2. Experimental TLV Range
 91     20. References
 92      20.1. Normative References
 93      20.2. Informative References

 95     21. Editor's Addresses
 96     22. Full Copyright Statement

 98  1. Introduction

100     The Multicast Source Discovery Protocol, MSDP, describes a mechanism
101     to connect multiple PIM Sparse-Mode (PIM-SM) [RFC2362] domains
102     together. Each PIM-SM domain uses its own independent RP(s) and does
103     not have to depend on RPs in other domains. Advantages of this
104     approach include:

106     o No Third-party resource dependencies on a domain's RP

108       PIM-SM domains can rely on their own RPs only.

110     o Receiver only Domains

112       Domains with only receivers get data without globally
113       advertising group membership.

115     Note that MSDP may be used with protocols other than PIM-SM, but such
116     usage is not specified in this memo.

118  2. Overview

120     MSDP-speaking routers in a PIM-SM domain have a MSDP peering
121     relationship with MSDP peers in another domain. The peering
122     relationship is made up of a TCP connection in which control
123     information is exchanged. Each domain has one or more connections to
124     this virtual topology.

126     The purpose of this topology is to allow domains to discover
127     multicast sources from other domains. If the multicast sources are of
128     interest to a domain which has receivers, the normal source-tree
129     building mechanism in PIM-SM will be used to deliver multicast data
130     over an inter-domain distribution tree.

132  3. Procedure

134     When an RP in a PIM-SM domain first learns of a new sender, e.g. via
135     PIM register messages, it constructs a "Source-Active" (SA) message
136     and sends it to its MSDP peers. All RPs, which intend to originate or
137     receive SA messages, must establish MSDP peering with other RPs,
138     either directly or via an intermediate MSDP peer. The SA message
139     contains the following fields:

141     o Source address of the data source.

143     o Group address the data source sends to.

145     o IP address of the RP.

147     Note that an RP that isn't a DR on a shared network SHOULD NOT
148     originate SA's for directly connected sources on that shared network;
149     it should only originate in response to receiving Register messages
150     from the DR.

152     Each MSDP peer receives and forwards the message away from the RP
153     address in a "peer-RPF flooding" fashion. The notion of peer-RPF
154     flooding is with respect to forwarding SA messages. The Multicast RPF
155     Routing Information Base (MRIB) is examined to determine which peer
156     towards the originating RP of the SA message is selected. Such a peer
157     is called an "RPF peer". See section 13 for the details of peer-RPF
158     forwarding.

160     If the MSDP peer receives the SA from a non-RPF peer towards the
161     originating RP, it will drop the message. Otherwise, it forwards the
162     message to all its MSDP peers (except the one from which it received
163     the SA message).

165     When an MSDP peer which is also an RP for its own domain receives a
166     new SA message, it determines if there are any group members within
167     the domain interested in any group described by an (Source, Group),
168     or (S,G) entry within the SA message. That is, the RP checks for a
169     (*,G) entry with a non-empty outgoing interface list; this implies
170     that some system in the domain is interested in the group. In this
171     case, the RP triggers a (S,G) join event towards the data source as
172     if a Join/Prune message was received addressed to the RP itself. This
173     sets up a branch of the source-tree to this domain. Subsequent data
174     packets arrive at the RP via this tree branch, and are forwarded down
175     the shared-tree inside the domain. If leaf routers choose to join the
176     source-tree they have the option to do so according to existing PIM-
177     SM conventions. Finally, if an RP in a domain receives a PIM Join
178     message for a new group G, the RP SHOULD trigger a (S,G) join event
179     for each active (S,G) for that group in its SA cache.

181     This procedure has been affectionately named flood-and-join because
182     if any RP is not interested in the group, they can ignore the SA
183     message. Otherwise, they join a distribution tree.

185  4. Caching

187     A MSDP speaker MUST cache SA messages. Caching allows pacing of MSDP
188     messages as well as reducing join latency for new receivers of a
189     group G at an originating RP which has existing MSDP (S,G) state. In
190     addition, caching greatly aids in diagnosis and debugging of various
191     problems.

193     An MSDP speaker must provide a mechanism to reduce the forwarding of
194     new SA's. The SA-cache is used to reduce storms and performs this by
195     not forwarding SA's unless they are in the cache or are new SA
196     packets that the MSDP speaker will cache for the first time. The SA-
197     cache also reduces storms by advertising from the cache at a period
198     of no more than twice per SA-Advertisement-Timer interval and not
199     less than 1 time per SA Advertisement period.

201  5. Timers

203     The main timers for MSDP are: SA-Advertisement-Timer, SA Cache Entry
204     timer, Peer Hold Timer, KeepAlive timer, and ConnectRetry timer. Each
205     is considered below.

207  5.1. SA-Advertisement-Timer

209     RPs which originate SA messages do so periodically as long as there
210     is data being sent by the source. There is one SA-Advertisement-Timer
211     covering the sources that an RP may advertise. [SA-Advertisement-
212     Period] MUST be 60 seconds. An RP MUST not send more than one
213     periodic SA message for a given (S,G) within an SA Advertisement
214     interval. Originating periodic SA messages is required to keep
215     announcements alive in caches. Finally, an originating RP SHOULD
216     trigger the transmission of an SA message as soon as it receives data
217     from an internal source for the first time. This initial SA message
218     may be in addition to the periodic sa-message forwarded in that first
219     60 seconds for that (S,G).

221  5.2. SA-Advertisement-Timer Processing

223     An RP MUST spread the generation of periodic SA messages (i.e.
224     messages advertising the active sources for which it is the RP) over
225     its reporting interval (i.e. SA-Advertisement-Period). An RP starts
226     the SA-Advertisement-Timer when the MSDP process is configured. When
227     the timer expires, an RP resets the timer to [SA-Advertisement-
228     Period] seconds, and begins the advertisement of its active sources.
229     Active sources are advertised in the following manner: An RP packs
230     its active sources into an SA message until the largest MSDP packet
231     that can be sent is built or there are no more sources, and then
232     sends the message. This process is repeated periodically within the
233     SA-Advertisement-Period in such a way that all of the RP's sources
234     are advertised. Note that since MSDP is a periodic protocol, an
235     implementation SHOULD send all cached SA messages when a connection
236     is established. Finally, the timer is deleted when the MSDP process
237     is de-configured.

239  5.3. SA Cache Timeout (SA-State Timer)

241     Each entry in an SA Cache has an associated SA-State Timer. A
242     (S,G)-SA-State-Timer is started when an (S,G)-SA message is initially
243     received by an MSDP peer. The timer is reset to [SG-State-Period] if
244     another (S,G)-SA message is received before the (S,G)-SA-State Timer
245     expires. [SG-State-Period] MUST NOT be less than [SA-Advertisement-
246     Period] + [SA-Hold-Down-Period].

248  5.4. Peer Hold Timer

250     The Hold Timer is initialized to [HoldTime-Period] when the peer's
251     transport connection is established, and is reset to [HoldTime-
252     Period] when any MSDP message is received. Finally, the timer is
253     deleted when the peer's transport connection is closed. [HoldTime-
254     Period] MUST be at least three seconds. The recommended value for
255     [HoldTime-Period] is 75 seconds.

257  5.5. KeepAlive Timer

259     Once an MSDP transport connection is established, each side of the
260     connection sends a KeepAlive message and sets a KeepAlive timer. If
261     the KeepAlive timer expires, the local system sends a KeepAlive
262     message and restarts its KeepAlive timer.

264     The KeepAlive timer is set to [KeepAlive-Period] when the peer comes
265     up. The timer is reset to [KeepAlive-Period] each time an MSDP
266     message is sent to the peer, and reset when the timer expires.

268     Finally, the KeepAlive timer is deleted when the peer's transport
269     connection is closed.

271     [KeepAlive-Period] MUST be less than [HoldTime-Period], and MUST be
272     at least one second. The recommended value for [KeepAlive-Period] is
273     60 seconds.

275  5.6. ConnectRetry Timer

277     The ConnectRetry timer is used by the MSDP peer with the lower IP
278     address to transition from INACTIVE to CONNECTING states. There is
279     one timer per peer, and the [ConnectRetry-Period] SHOULD be set to 30
280     seconds. The timer is initialized to [ConnectRetry-Period] when an
281     MSDP speaker attempts to actively open a TCP connection to its peer
282     (see section 15, event E2, action A2 ). When the timer expires, the
283     peer retries the connection and the timer is reset to [ConnectRetry-
284     Period]. It is deleted if either the connection transitions into
285     ESTABLISHED state or the peer is de-configured.

287  6. Intermediate MSDP Peers

289     Intermediate MSDP speakers do not originate periodic SA messages on
290     behalf of sources in other domains. In general, an RP MUST only
291     originate an SA for a source which would register to it, and ONLY RPs
292     may originate SA messages.

294  7. SA Filtering and Policy

296     As the number of (S,G) pairs increases in the Internet, an RP may
297     want to filter which sources it describes in SA messages. Also,
298     filtering may be used as a matter of policy which at the same time
299     can reduce state. MSDP peers in transit domains should not filter SA
300     messages or the flood-and-join model can not guarantee that sources
301     will be known throughout the Internet (i.e., SA filtering by transit
302     domains may cause undesired lack of connectivity). In general, policy
303     should be expressed using MBGP [RFC2283]. This will cause MSDP
304     messages to flow in the desired direction and peer-RPF fail
305     otherwise. An exception occurs at an administrative scope [RFC2365]
306     boundary. In particular, a SA message for a (S,G) MUST NOT be sent to
307     peers which are on the other side of an administrative scope boundary
308     for G.

310  8. Encapsulated Data Packets

312     The RP MAY encapsulate multicast data from the source. An interested
313     RP may decapsulate the packet, which SHOULD be forwarded as if a PIM
314     register encapsulated packet was received. That is, if packets are
315     already arriving over the interface toward the source, then the
316     packet is dropped. Otherwise, if the outgoing interface list is non-
317     null, the packet is forwarded appropriately. Note that when doing
318     data encapsulation, an implementation MUST bound the time during
319     which packets are encapsulated.

321     This allows for small bursts to be received before the multicast tree
322     is built back toward the source's domain. For example, an
323     implementation SHOULD encapsulate at least the first packet to
324     provide service to bursty sources.

326  9. Other Scenarios

328     MSDP is not limited to deployment across different routing domains.
329     It can be used within a routing domain when it is desired to deploy
330     multiple RPs for the same group ranges such as with Anycast RP's. As
331     long as all RPs have a interconnected MSDP topology, each can learn
332     about active sources as well as RPs in other domains.

334  10. MSDP Peer-RPF Forwarding

336     The MSDP Peer-RPF Forwarding rules are used for forwarding SA
337     messages throughout an MSDP enabled internet. Unlike the RPF check
338     used when forwarding data packets, which generally compares the
339     packet's source address against the interface upon which the packet
340     was received, the Peer-RPF check compares the RP address carried in
341     the SA message against the MSDP peer from which the message was
342     received.

344  10.1. Definitions

346     The following definitions are used in the description of the Peer-RPF
347     Forwarding Rules:

349  10.1.1. Multicast RPF Routing Information Base

351     The Multicast RPF Routing Information Base (MRIB) is the multicast
352     topology table. It is typically derived from the unicast routing
353     table or from other routing protocols such as multi-protocol BGP
354     [RFC2283].

356  10.1.2. Peer-RPF Route

358     The Peer-RPF route is the route that the MRIB chooses for a given
359     address. The Peer-RPF route for a SA's originating RP is used to
360     select the peer from which the SA is accepted.

362  10.1.3. Peer-RPF Forwarding Rules

364     An SA message originated by R and received by X from N is accepted if
365     N is the peer-RPF neighbor for X, and is discarded otherwise.

367               MPP(R,N)                 MP(N,X)
368       R ---------....-------> N ------------------> X
369               SA(S,G,R)                SA(S,G,R)

371     MP(N,X) is an MSDP peering between N and X. MPP(R,N) is an MSDP
372     peering path (zero or more MSDP peers) between R and N, e.g. MPP(R,N)
373     = MP(R, A) + MP(A, B) + MP(B, N). SA(S,G,R) is an SA message for
374     source S on group G originated by an RP R.

376     The peer-RPF neighbor N is chosen deterministically, using the first
377     of the following rules that matches. In particular, N is the RPF
378     neighbor of X with respect to R if
379        (i).   N == R (X has an MSDP peering with R).

381        (ii).  N is the eBGP NEXT_HOP of the Peer-RPF route for R.

383        (iii). The Peer-RPF route for R is learned through a
384               distance-vector or path-vector routing protocol
385               (e.g. BGP, RIP, DVMRP) and N is the neighbor that
386               advertised the Peer-RPF route for R (e.g. N is the iBGP
387               advertiser of the route for R), or N is the IGP next hop
388               for R if the route for R is learned via a link-state
389               protocol (e.g. OSPF [RFC2178] or IS-IS [RFC1142]).

391        (iv).  N resides in the closest AS in the best path towards
392               R. If multiple MSDP peers reside in the closest AS, the
393               peer with the highest IP address is the rpf-peer.

395        (v).   N is configured as the static RPF-peer for R.

397     MSDP peers, which are NOT in state ESTABLISHED (i.e., down peers),
398     are not eligible for peer RPF consideration.

400  10.2. MSDP mesh-group semantics

402     An MSDP mesh-group is a operational mechanism for reducing SA
403     flooding, typically in an intra-domain setting. In particular, when
404     some subset of a domain's MSDP speakers are fully meshed, they can be
405     configured into a mesh-group.

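The peer-RPF rules (i) to (v) of section 10.1.3 above, as an added example that is not part of the draft or of any MSDP implementation. It assumes "the first of the following rules that matches" means the first rule that yields an ESTABLISHED peer; `Peer`, `RpfRoute`, `select_rpf_peer`, `accept_sa` and all addresses and AS numbers are hypothetical, constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address as IP
from typing import Optional, Sequence, Tuple

VECTOR = {"bgp", "rip", "dvmrp"}   # distance-vector / path-vector protocols
LINK_STATE = {"ospf", "isis"}      # link-state protocols


@dataclass(frozen=True)
class Peer:
    """One MSDP peering MP(N,X) as seen from the local speaker X."""
    address: IP
    asn: int
    established: bool = True       # down peers are not eligible


@dataclass(frozen=True)
class RpfRoute:
    """Hypothetical view of the MRIB's Peer-RPF route for the RP R."""
    protocol: str                           # how the route was learned
    ebgp_next_hop: Optional[IP] = None      # set only for eBGP-learned routes
    advertiser: Optional[IP] = None         # neighbor that advertised it
    igp_next_hop: Optional[IP] = None       # next hop for link-state routes
    as_path: Tuple[int, ...] = ()           # best path towards R, closest AS first


def select_rpf_peer(rp: IP, peers: Sequence[Peer],
                    route: Optional[RpfRoute] = None,
                    static_rpf: Optional[IP] = None):
    """Return (peer, rule) for the peer-RPF neighbor N, or (None, None)."""
    # Only peers in state ESTABLISHED take part in the check.
    up = {p.address: p for p in peers if p.established}
    if rp in up:                                        # (i) N == R
        return up[rp], "i"
    if route is not None:
        if route.ebgp_next_hop in up:                   # (ii) eBGP NEXT_HOP
            return up[route.ebgp_next_hop], "ii"
        if route.protocol in VECTOR:                    # (iii) advertiser ...
            hop = route.advertiser
        elif route.protocol in LINK_STATE:              # ... or IGP next hop
            hop = route.igp_next_hop
        else:
            hop = None
        if hop in up:
            return up[hop], "iii"
        if route.as_path:                               # (iv) closest AS
            in_as = [p for p in up.values() if p.asn == route.as_path[0]]
            if in_as:                                   # tie: highest IP wins
                return max(in_as, key=lambda p: p.address), "iv"
    if static_rpf in up:                                # (v) static RPF-peer
        return up[static_rpf], "v"
    return None, None


def accept_sa(received_from: IP, rp: IP, peers: Sequence[Peer],
              route: Optional[RpfRoute] = None,
              static_rpf: Optional[IP] = None) -> bool:
    """An SA for RP `rp` is accepted only when it arrives from N."""
    n, _rule = select_rpf_peer(rp, peers, route, static_rpf)
    return n is not None and n.address == received_from


# Constructed sample topology (documentation address ranges, private-use ASNs).
RP = IP("203.0.113.50")
PEERS = [
    Peer(IP("192.0.2.1"), 64501),
    Peer(IP("192.0.2.2"), 64501),
    Peer(IP("192.0.2.9"), 64501, established=False),   # down peer
    Peer(IP("198.51.100.7"), 64502),
]
# The eBGP next hop and advertiser is the down peer, so rules (ii) and (iii)
# find no eligible peer and rule (iv) decides.
ROUTE_VIA_DOWN_PEER = RpfRoute("bgp", ebgp_next_hop=IP("192.0.2.9"),
                               advertiser=IP("192.0.2.9"),
                               as_path=(64501, 64510))
ROUTE_EBGP = RpfRoute("bgp", ebgp_next_hop=IP("198.51.100.7"),
                      as_path=(64502, 64510))
ROUTE_OSPF = RpfRoute("ospf", igp_next_hop=IP("192.0.2.1"))

if __name__ == "__main__":
    for name, route in [("down next hop", ROUTE_VIA_DOWN_PEER),
                        ("eBGP", ROUTE_EBGP), ("OSPF", ROUTE_OSPF)]:
        peer, rule = select_rpf_peer(RP, PEERS, route)
        print(f"{name}: N={peer.address} by rule ({rule})")
```

An SA for R arriving from any peer other than the selected N, including a peer that would match an earlier rule but is not ESTABLISHED, is discarded by `accept_sa`.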
407 Note that mesh-groups assume that a member doesn't have to forward an 408 SA to other members of the mesh-group because the originator will 409 forward to all members. To be able for the originator to forward to 410 all members (and to have each member also be a potential originator), 411 the mesh-group must be a full mesh of MSDP peering among all members. 413 The semantics of the mesh-group are as follows: 415 (i). If a member R of a mesh-group M receives a SA message 416 from an MSDP peer that is also a member of mesh-group M, 417 R accepts the SA message and forwards it to all of its 418 peers that are not part of mesh-group M. R MUST NOT 419 forward the SA message to other members of mesh-group M. 421 (ii). If a member R of a mesh-group M receives an SA message 422 from an MSDP peer that is not a member of mesh-group M, 423 and the SA message passes the peer-RPF check, then R 424 forwards the SA message to all members of mesh-group M 425 and to any other msdp peers. 427 11. MSDP Connection State Machine 429 MSDP uses TCP as its transport protocol. In a peering relationship, 430 one MSDP peer listens for new TCP connections on the well-known port 431 639. The other side makes an active connect to this port. The peer 432 with the higher IP address will listen. This connection establishment 433 algorithm avoids call collision. Therefore, there is no need for a 434 call collision procedure. It should be noted, however, that the 435 disadvantage of this approach is that the startup time depends 436 completely upon the active side and its connect retry timer; the 437 passive side cannot cause the connection to be established. 439 An MSDP peer starts in the DISABLED state. 
MSDP peers establish 440 peering sessions according to the following state machine: 442 --------------->+----------+ 443 / | DISABLED |<---------- 444 | ------>+----------+ \ 445 | / |E1->A1 | 446 | | | | 447 | | V |E7->A7 448 | | +----------+ E3->A3 +--------+ 449 | | | INACTIVE |------->| LISTEN | 450 | | +----------+ +--------+ 451 | | E2->A2| ^ |E5->A5 452 | | | | | 453 | |E7->A6 V |E6 | 454 | \ +------------+ | 455 | ------| CONNECTING | | 456 | +------------+ | 457 E7->A8 | |E4->A4 | 458 E8->A8 | | | 459 E9->A8 | V | 460 \ +-------------+ / 461 --------------| ESTABLISHED |<--------- 462 +-------------+ 463 | ^ 464 | | 465 E10->A9 \______/ 467 11.1. Events 469 E1) Enable MSDP peering with P 470 E2) Own IP address < P's IP address 471 E3) Own IP address > P's IP address 472 E4) TCP established (active side) 473 E5) TCP established (passive side) 474 E6) ConnectRetry timer expired 475 E7) Disable MSDP peering with P (e.g. when one's own address is 476 changed) 477 E8) Hold Timer expired 478 E9) MSDP TLV format error detected 479 E10) Any other error detected 481 11.2. Actions 483 A1) Allocate resources for peering with P Compare one's own and 484 peer's IP addresses 485 A2) TCP active OPEN Set ConnectRetry timer to 486 [ConnectRetry-Period] 487 A3) TCP passive OPEN (listen) 488 A4) Delete ConnectRetry timer Send KeepAlive TLV 489 Set KeepAlive timer to [KeepAlive-Period] 490 Set Hold Timer to [HoldTime-Period] 491 A5) Send KeepAlive TLV 492 Set KeepAlive timer to [KeepAlive-Period] 493 Set Hold Timer to [HoldTime-Period] 494 A6) Abort TCP active OPEN attempt 495 Release resources allocated for peering with P 496 A7) Abort TCP passive OPEN attempt 497 Release resources allocated for peering with P 498 A8) Close the TCP connection 499 Release resources allocated for peering with P 500 A9) Drop the packet 502 11.3. Peer-specific Events 504 The following peer-specific events can occur in the ESTABLISHED 505 state, they do not cause a state transition. 
Appropriate actions are 506 listed for each event. 508 *) KeepAlive timer expired: 509 -> Send KeepAlive TLV 510 -> Set KeepAlive timer to [KeepAlive-Period] 511 *) KeepAlive TLV received: 512 -> Set Hold Timer to [HoldTime-Period] 513 *) Source-Active TLV received: 514 -> Set Hold Timer to [HoldTime-Period] 515 -> Run Peer-RPF Forwarding algorithm 516 -> Set KeepAlive timer to [KeepAlive-Period] for those peers 517 the Source-Active TLV is forwarded to 518 -> Send information to PIM-SM 519 -> Store information in cache 521 11.4. Peer-independent Events 523 There are also a number of events that affect more than one peering 524 session, but still require actions to be performed on a per-peer 525 basis. 527 *) SA-Advertisement-Timer expired: 528 -> Start periodic transmission of Source-Active TLV(s) 529 -> Set KeepAlive timer to [KeepAlive-Period] each time a 530 Source-Active TLV is sent 531 *) MSDP learns of a new active internal source (e.g. PIM-SM 532 register received for a new source): 533 -> Send Source-Active TLV 534 -> Set KeepAlive timer to [KeepAlive-Period] 535 *) SG-State-Timer expired (one timer per cache entry): 536 -> Implementation specific, typically mark the cache entry 537 for deletion 539 12. Packet Formats 541 MSDP messages are encoded in TLV format. If an implementation 542 receives a TLV that has length that is longer than expected, the TLV 543 SHOULD be accepted. Any additional data SHOULD be ignored and the 544 MSDP session should not be reset. 546 12.1. MSDP TLV format 548 0 1 2 3 549 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 550 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 551 | Type | Length | Value .... | 552 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 554 Type (8 bits) 555 Describes the format of the Value field. 557 Length (16 bits) 558 Length of Type, Length, and Value fields in octets. 559 Minimum length required is 4 octets, except for 560 Keepalive messages. 
The maximum TLV length is 9192. 562 Value (variable length) 563 Format is based on the Type value. See below. The length of 564 the value field is Length field minus 3. All reserved fields 565 in the Value field MUST be transmitted as zeros and ignored on 566 receipt. 568 12.2. Defined TLVs 570 The following TLV Types are defined: 572 Code Type 573 =================================================== 574 1 IPv4 Source-Active 575 2 IPv4 Source-Active Request 576 3 IPv4 Source-Active Response 577 4 KeepAlive 578 5 Reserved (Previously: Notification) 580 Each TLV is described below. 582 In addition, the following TLV Types are assigned but not described 583 in this memo: 585 Code Type 586 ==================================================== 587 6 MSDP traceroute in progress 588 7 MSDP traceroute reply 590 12.2.1. IPv4 Source-Active TLV 592 The maximum size SA message that can be sent is 9192 octets. The 9192 593 octet size does not include the TCP, IP, layer-2 headers. 595 0 1 2 3 596 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 597 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 598 | 1 | x + y | Entry Count | 599 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 600 | RP Address | 601 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 602 | Reserved | Sprefix Len | \ 603 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \ 604 | Group Address | ) z 605 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ / 606 | Source Address | / 607 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 609 Type 610 IPv4 Source-Active TLV is type 1. 612 Length x 613 Is the length of the control information in the message. x is 614 8 octets (for the first two 32-bit quantities) plus 12 times 615 Entry Count octets. 617 Length y 618 If 0, then there is no data encapsulated. 
      Otherwise an IPv4
      packet follows and y is the value of the total length field
      in the header of the encapsulated IP packet. If there are
      multiple (S,G) entries in an SA message, only the last entry
      may have encapsulated data and it must reflect the source and
      destination addresses in the header of the encapsulated IP
      packet.

   Entry Count
      Is the count of z entries (note above) which follow the RP
      address field. This is so multiple (S,G)s from the same domain
      can be encoded efficiently for the same RP address. An
      SA message containing encapsulated data typically has an
      entry count of 1 (i.e. only contains a single entry, for
      the (S,G) representing the encapsulated packet).

   RP Address
      The address of the RP in the domain the source has become
      active in.

   Reserved
      The Reserved field MUST be transmitted as zeros and MUST be
      ignored by a receiver.

   Sprefix Len
      The route prefix length associated with source address.
      This field MUST be transmitted as 32 (/32).

   Group Address
      The group address the active source has sent data to.

   Source Address
      The IP address of the active source.

   Multiple (S,G) entries MAY appear in the same SA and can be batched
   for efficiency at the expense of data latency. This would typically
   occur on intermediate forwarding of SA messages.

12.2.2. KeepAlive TLV

   A KeepAlive TLV is sent to an MSDP peer if and only if there were no
   MSDP messages sent to the peer within [KeepAlive-Period] seconds.
   This message is necessary to keep the MSDP connection alive.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       4       |             3                 |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The length of the message is 3 octets which encompasses the one octet
   Type field and the two octet Length field.

13. MSDP Error Handling

   If an MSDP message is received with a TLV format error, the session
   SHOULD be reset with that peer. MSDP messages with other errors, such
   as unrecognized type code, received from MSDP peers, SHOULD be
   silently discarded and the session SHOULD not be reset.

14. SA Data Encapsulation

   As discussed earlier, TCP encapsulation of data in SA messages MAY be
   supported for backwards compatibility with legacy MSDP peers.

15. Applicability Statement

   MSDP is used primarily in two deployment scenarios:

15.1. Between PIM Domains

   MSDP can be used between PIM domains to convey information about
   active sources available in other domains. MSDP peering used in such
   cases is generally one to one peering, and utilizes the deterministic
   peer-RPF rules described in this spec (i.e., does not use mesh-
   groups). Peerings can be aggregated on a single MSDP peer, typically
   from one to hundreds of peerings, similar in scale, although not
   necessarily consistent, with BGP peerings.

15.2. Between Anycast-RPs

   MSDP is also used between Anycast-RPs [RFC3446] within a PIM domain
   to synchronize information about the active sources being served by
   each Anycast-RP peer (by virtue of IGP reachability). MSDP peering
   used in this scenario is typically based on MSDP mesh groups, where
   anywhere from two to tens of peers can comprise a given mesh group,
   although more than ten is not typical. One or more of these mesh-
   group peers may then also have additional one-to-one peering with
   MSDP peers outside that PIM domain as described in scenario A, for
   discovery of external sources. MSDP for anycast-RP without external
   MSDP peering is a valid deployment option and common.

16. Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights. Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11. Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard. Please address the information to the IETF Executive
   Director.

17. Acknowledgments

   The editors would like to thank the original authors, Dino Farinacci,
   Yakov Rekhter, Peter Lothberg, Hank Kilmer, and Jeremy Hall for their
   original contribution to the MSDP specification. In addition, Bill
   Nickless, John Meylor, Liming Wei, Manoj Leelanivas, Mark Turner,
   John Zwiebel, Cristina Radulescu-Banu, Brian Edwards, Selina
   Priestley, IJsbrand Wijnands, Tom Pusateri, Kristofer Warell, Henning
   Eriksson, Thomas Eriksson, Dave Thaler, and Ravi Shekhar provided
   useful and productive design feedback and comments. Mike McBride,
   Leonard Giuliano, Swapna Yelamanchi, Toerless Eckert, John Meylor and
   Ishan Wu contributed to the final version of the draft.

18. Security Considerations

   An MSDP implementation MUST implement Keyed MD5 [RFC2385] to secure
   control messages, and MUST be capable of interoperating with peers
   that do not support it. However, if one side of the connection is
   configured with Keyed MD5 and the other side is not, the connection
   SHOULD NOT be established.

   In addition, to mitigate state explosion during denial of service and
   other attacks, SA filters and limits SHOULD be used with MSDP to
   limit the sources and groups that will be passed between RPs.

19. IANA Considerations

   This document creates a new namespace called "MSDP TLV Values" that
   the IANA should manage. The initial seven MSDP TLV values are
   specified in Section 12.2. The following two sections describe the
   rules for allocating new MSDP TLV values.

19.1. IANA Allocated TLV Range

   MSDP TLV values in the range [8,200] (inclusive) are to be allocated
   using an IESG Approval or Standards Action process [RFC2434].

19.2. Experimental TLV Range

   TLV values in the range [201,255] (inclusive) are allocated for
   experimental use.

20. References

20.1. Normative References

   [RFC1142]   Oran, D. "OSI IS-IS Intra-domain Routing
               Protocol", RFC 1142, February 1990.

   [RFC2178]   Moy, J., "OSPF Version 2", RFC 2178, April, 1998.

   [RFC2283]   Bates, T., Chandra, R., Katz, D., and
               Y. Rekhter., "Multiprotocol Extensions for
               BGP-4", RFC 2283, February 1998.

   [RFC2362]   Estrin D., et al., "Protocol Independent
               Multicast - Sparse Mode (PIM-SM): Protocol
               Specification", RFC 2362, June 1998.

   [RFC2365]   Meyer, D. "Administratively Scoped IP Multicast",
               RFC 2365, July, 1998.

   [RFC2385]   Heffernan. A, "Protection of BGP Sessions via the
               TCP MD5 Signature Option", August, 1998.

   [RFC2434]   Narten, T., and H. Alvestrand, "Guidelines for
               Writing an IANA Considerations Section in
               RFCs", RFC2434/BCP0026, October, 1998.

   [RFC3446]   Kim, D., et al., "Anycast Rendezvous Point (RP)
               Mechanism using Protocol Independent Multicast
               (PIM) and Multicast Source Discovery Protocol
               (MSDP)", RFC 3446, January, 2003.

20.2. Informative References

   [RFC2119]   S. Bradner, "Key words for use in RFCs to
               Indicate Requirement Levels", RFC 2119, March,
               1997.

21. Editor's Addresses

   Bill Fenner
   AT&T Labs -- Research
   75 Willow Road
   Menlo Park, CA 94025
   Email: fenner@research.att.com

   David Meyer
   Email: dmm@maoz.com

22. Full Copyright Statement

   Copyright (C) The Internet Society (2003). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
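
Added example (not part of the draft and not taken from any MSDP implementation): a receive-side sketch of the Section 12 length rules and the Section 13 split between a TLV format error (reset the session) and other errors (silently discard). The function names, the returned dict shapes and the choice to silently discard an SA whose Sprefix Len is not 32 are assumptions; SAMPLE is constructed from documentation addresses.

```python
import struct
from ipaddress import IPv4Address

MAX_TLV = 9192            # maximum TLV length (Section 12.1)
SA, KEEPALIVE = 1, 4      # type codes from Section 12.2
# Constructed sample: one SA (RP 192.0.2.1, one entry) followed by a KeepAlive.
SAMPLE = bytes.fromhex("01001401c0000201" "00000020e9fc0001c6336407" "040003")

class TLVFormatError(Exception):
    """TLV format error: per Section 13 the session SHOULD be reset."""

def parse_sa(tlv):
    """Decode one IPv4 Source-Active TLV, Type and Length octets included."""
    if len(tlv) < 8:
        raise TLVFormatError("SA shorter than its 8 fixed octets")
    x = 8 + 12 * tlv[3]                    # control length from Entry Count
    if len(tlv) < x:
        raise TLVFormatError("Entry Count overruns Length")
    entries = []
    for off in range(8, x, 12):
        # Reserved (3 octets) is skipped: it is ignored on receipt.
        sprefix, group, source = struct.unpack_from("!3xB4s4s", tlv, off)
        if sprefix != 32:
            return None                    # assumption: discard, do not reset
        entries.append((IPv4Address(source), IPv4Address(group)))
    data = tlv[x:]                         # the y octets, possibly empty
    # y must equal Total Length in the encapsulated IPv4 header; anything
    # else is additional data and is ignored (Section 12).
    if len(data) < 20 or struct.unpack_from("!H", data, 2)[0] != len(data):
        data = b""
    return {"rp": IPv4Address(tlv[4:8]), "entries": entries, "data": data}

def read_tlv(buf):
    """Return (octets consumed, message or None); (0, None) = need more."""
    if len(buf) < 3:
        return 0, None
    typ, length = struct.unpack_from("!BH", buf)
    if length > MAX_TLV or length < (3 if typ == KEEPALIVE else 4):
        raise TLVFormatError(f"bad Length {length} for type {typ}")
    if len(buf) < length:
        return 0, None
    if typ == KEEPALIVE:
        return length, {"keepalive": True}   # octets past 3 are ignored
    if typ != SA:
        return length, None                  # not decoded here: discard, no reset
    return length, parse_sa(bytes(buf[:length]))
```

Bounding Length before waiting for more input keeps a peer from making the receiver buffer beyond 9192 octets per TLV; the SA filters and limits of Section 18 would apply to the decoded entries afterwards.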