idnits 2.17.1

draft-ietf-ospf-rfc2370bis-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 18.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 676.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 687.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 694.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 700.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (June 2007) is 6157 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA'

  -- No information found for draft-ietf-ospf-mt- - is the name correct?

  -- No information found for draft-ietf-ospf-ospfv3-update- - is the name
     correct?

  -- Obsolete informational reference (is this intentional?): RFC 2370
     (Obsoleted by RFC 5250)


     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 11 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1    Internet Draft                                         Lou Berger (LabN)
2    Obsoletes: 2370                                      Igor Bryskin (Adva)
3    Category: Standards Track                           Alex Zinin (Alcatel)
4    Expiration Date: December 2007                          Original Author:
5                                           Rob Coltun (Acoustra Productions)

7                                                                   June 2007

9                          The OSPF Opaque LSA Option

11                      draft-ietf-ospf-rfc2370bis-01.txt

13   Status of this Memo

15      By submitting this Internet-Draft, each author represents that any
16      applicable patent or other IPR claims of which he or she is aware
17      have been or will be disclosed, and any of which he or she becomes
18      aware will be disclosed, in accordance with Section 6 of BCP 79.

20      Internet-Drafts are working documents of the Internet Engineering
21      Task Force (IETF), its areas, and its working groups.  Note that
22      other groups may also distribute working documents as Internet-
23      Drafts.

25      Internet-Drafts are draft documents valid for a maximum of six months
26      and may be updated, replaced, or obsoleted by other documents at any
27      time.  It is inappropriate to use Internet-Drafts as reference
28      material or to cite them other than as "work in progress."

30      The list of current Internet-Drafts can be accessed at
31      http://www.ietf.org/1id-abstracts.html

33      The list of Internet-Draft Shadow Directories can be accessed at
34      http://www.ietf.org/shadow.html

36   Abstract

38      This document defines enhancements to the OSPF protocol to support a
39      new class of link-state advertisements (LSA) called Opaque LSAs.
40      Opaque LSAs provide a generalized mechanism to allow for the future
41      extensibility of OSPF. Opaque LSAs consist of a standard LSA header
42      followed by application-specific information.  The information field
43      may be used directly by OSPF or by other applications.  Standard OSPF
44      link-state database flooding mechanisms are used to distribute Opaque
45      LSAs to all or some limited portion of the OSPF topology.

47      This document replaces RFC 2370 and adds to it a mechanism to enable
48      an OSPF router to validate AS-scope opaque LSAs originated outside of
49      the router's OSPF area.

51   Contents

53       1      Conventions used in this document
54       2      Introduction
55       2.1    Organization Of This Document
56       2.2    Acknowledgments
57       3      The Opaque LSA
58       3.1    Flooding Opaque LSAs
59       3.2    Modifications To The Neighbor State Machine
60       4      Protocol Data Structures
61       4.1    Additions To The OSPF Neighbor Structure
62       5      Inter-Area Considerations
63       6      Management Considerations
64       7      Backward Compatibility
65       8      Security Considerations
66       9      IANA Considerations
67      10      References
68      10.1    Normative References
69      10.2    Informative References
70      11      Author's Addresses
71      12      Appendix A: OSPF Data formats
72      12.1    The Options Field
73      12.2    The Opaque LSA
74      13      Full Copyright Statement
75      14      Intellectual Property

76   1. Conventions used in this document

78      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
79      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
80      document are to be interpreted as described in [RFC2119].

82   2. Introduction

84      Over the last several years the OSPF routing protocol [OSPF] has been
85      widely deployed throughout the Internet.  As a result of this
86      deployment and the evolution of networking technology, OSPF has been
87      extended to support many options; this evolution will obviously
88      continue.

90      This document defines enhancements to the OSPF protocol to support a
91      new class of link-state advertisements (LSA) called Opaque LSAs.
92      Opaque LSAs provide a generalized mechanism to allow for the future
93      extensibility of OSPF. The information contained in Opaque LSAs may
94      be used directly by OSPF or indirectly by some application wishing to
95      distribute information throughout the OSPF domain.  The exact use of
96      Opaque LSAs is beyond the scope of this document.

98      Opaque LSAs consist of a standard LSA header followed by a 32-bit
99      aligned application-specific information field.  Like any other LSA,
100     the Opaque LSA uses the link-state database distribution mechanism
101     for flooding this information throughout the topology.  The link-
102     state type field of the Opaque LSA identifies the LSA's range of
103     topological distribution. This range is referred to as the Flooding
104     Scope.

106     It is envisioned that an implementation of the Opaque option provides
107     an application interface for 1) encapsulating application-specific
108     information in a specific Opaque type, 2) sending and receiving
109     application-specific information, and 3) if required, informing the
110     application of the change in validity of previously received
111     information when topological changes are detected.

113  2.1. Organization Of This Document

115     This document first defines the three types of Opaque LSAs followed
116     by a description of OSPF packet processing. The packet processing
117     sections include modifications to the flooding procedure and to the
118     neighbor state machine. Appendix A then gives the packet formats.

120  2.2. Acknowledgments

122     We would like to thank Acee Lindem for his detailed review and useful
123     feedback.  The handling of AS-scope opaque LSAs described in this
124     document is taken from draft-bryskin-ospf-lsa-
125     type11-validation-00.txt.

127  3. The Opaque LSA

129     Opaque LSAs are types 9, 10, and 11 link-state advertisements.
130     Opaque LSAs consist of a standard LSA header followed by a 32-bit
131     aligned application-specific information field.  Standard link-state
132     database flooding mechanisms are used for distribution of Opaque
133     LSAs.  The range of topological distribution (i.e., the flooding
134     scope) of an Opaque LSA is identified by its link-state type.  This
135     section documents the flooding of Opaque LSAs.

137     The flooding scope associated with each Opaque link-state type is
138     defined as follows.

140       o Link-state type-9 denotes a link-local scope. Type-9 Opaque
141         LSAs are not flooded beyond the local (sub)network.

143       o Link-state type-10 denotes an area-local scope. Type-10 Opaque
144         LSAs are not flooded beyond the borders of their associated area.

146       o Link-state type-11 denotes that the LSA is flooded throughout
147         the Autonomous System (AS).  The flooding scope of type-11
148         LSAs is equivalent to the flooding scope of AS-external (type-5)
149         LSAs.  Specifically, type-11 Opaque LSAs are 1) flooded
150         throughout all transit areas, 2) not flooded into stub areas or
151         NSSAs from the backbone and 3) not originated by routers into
152         their connected stub areas or NSSAs.  As with type-5 LSAs, if a
153         type-11 Opaque LSA is received in a stub area or NSSA from a
154         neighboring router within the stub area or NSSA the LSA is
155         rejected.

157     The link-state ID of the Opaque LSA is divided into an Opaque type
158     field (the first 8 bits) and a type-specific ID (the remaining 24
159     bits).  The packet format of the Opaque LSA is given in Appendix A.
160     Section 7 describes Opaque type allocation and assignment.

162     The responsibility for proper handling of the Opaque LSA's flooding
163     scope is placed on both the sender and receiver of the LSA.  The
164     receiver must always store a valid received Opaque LSA in its link-
165     state database.  The receiver must not accept Opaque LSAs that
166     violate the flooding scope (e.g., a type-11 (domain-wide) Opaque LSA
167     is not accepted in a stub area or NSSA).  The flooding scope affects
168     both the synchronization of the link-state database and the flooding
169     procedure.

171     The following describes the modifications to these procedures that
172     are necessary to ensure conformance to the Opaque LSA's Scoping
173     Rules.

175  3.1. Flooding Opaque LSAs

177     The flooding of Opaque LSAs MUST follow the rules of Flooding Scope
178     as specified in this section.  Section 13 of [OSPF] describes the
179     OSPF flooding procedure.  Those procedures MUST be followed as
180     defined except where modified in this section.  The following
181     describes the Opaque LSA's type-specific flooding restrictions.

183       o If the Opaque LSA is type-9 (the flooding scope is link-local)
184         and the interface that the LSA was received on is not the same
185         as the target interface (e.g., the interface associated with a
186         particular target neighbor), the Opaque LSA MUST be discarded
187         and not acknowledged.  An implementation SHOULD keep track of
188         the IP interface associated with each Opaque LSA having a
189         link-local flooding scope.

191       o If the Opaque LSA is type-10 (the flooding scope is area-local)
192         and the area associated with the Opaque LSA (as identified during
193         origination or from a received LSA's associated OSPF packet
194         header) is not the same as the area associated with the target
195         interface, the Opaque LSA MUST be discarded and not
196         acknowledged.  An implementation SHOULD keep track of the OSPF
197         area associated with each Opaque LSA having an area-local
198         flooding scope.

200       o If the Opaque LSA is type-11 (the LSA is flooded throughout the
201         AS) and the target interface is associated with a stub area or
202         NSSA, the Opaque LSA MUST NOT be flooded out the interface.  A
203         type-11 Opaque LSA that is received on an interface associated
204         with a stub area or NSSA MUST be discarded and not acknowledged
205         (the neighboring router has flooded the LSA in error).

207     When opaque-capable routers and non-opaque-capable OSPF routers are
208     mixed together in a routing domain, the Opaque LSAs are typically not
209     flooded to the non-opaque-capable routers. As a general design
210     principle, optional OSPF advertisements are only flooded to those
211     routers that understand them.

213     An opaque-capable router learns of its neighbor's opaque capability
214     at the beginning of the "Database Exchange Process" (see Section 10.6
215     of [OSPF], receiving Database Description packets from a neighbor in
216     state ExStart). A neighbor is opaque-capable if and only if it sets
217     the O-bit in the Options field of its Database Description packets;
218     the O-bit SHOULD NOT be set and SHOULD be ignored when received in
219     packets other than Database Description packets.  Then, in the next
220     step of the Database Exchange process, Opaque LSAs are included in
221     the Database summary list that is sent to the neighbor (see Sections
222     3.2 below and 10.3 of [OSPF]) when the neighbor is opaque capable.

224     When flooding Opaque-LSAs to adjacent neighbors, an opaque-capable
225     router looks at the neighbor's opaque capability.  Opaque LSAs are
226     only flooded to opaque-capable neighbors. To be more precise, in
227     Section 13.3 of [OSPF], Opaque LSAs MUST be placed on the link-state
228     retransmission lists of opaque-capable neighbors and MUST NOT be
229     placed on the link-state retransmission lists of non-opaque-capable
230     neighbors.  However, when sending Link State Update packets as
231     multicasts, a non-opaque-capable neighbor may (inadvertently) receive
232     Opaque LSAs. The non-opaque-capable router will then simply discard
233     the LSA (see Section 13 of [OSPF], receiving LSAs having unknown LS
234     types).

236     Information contained in received opaque LSAs SHOULD only be used
237     when the router originating the LSA is reachable.  As mentioned in
238     [OSPFv3], reachability validation MAY be done less frequently than
239     every SPF calculation.  Additionally, routers processing received
240     opaque LSAs MAY choose to give priority to processing base OSPF LSA
241     types over opaque LSA types.

243  3.2. Modifications To The Neighbor State Machine

245     The state machine as it exists in section 10.3 of [OSPF] remains
246     unchanged except for the action associated with State: ExStart,
247     Event: NegotiationDone which is where the Database summary list is
248     built.  To incorporate the Opaque LSA in OSPF this action is changed
249     to the following.

251      State(s):  ExStart

253         Event:  NegotiationDone

255     New state:  Exchange

257        Action:  The router MUST list the contents of its entire area
258                 link-state database in the neighbor Database summary
259                 list.  The area link-state database consists of the
260                 Router LSAs, Network LSAs, Summary LSAs, type-9 opaque
261                 LSAs, and type-10 opaque LSAs contained in the area
262                 structure, along with AS External and type-11 Opaque
263                 LSAs contained in the global structure.  AS External
264                 and type-11 Opaque LSAs MUST be omitted from a
265                 virtual neighbor's Database summary list.  AS External
266                 LSAs and type-11 Opaque LSAs MUST be omitted from the
267                 Database summary list if the area has been configured
268                 as a stub area or NSSA (see Section 3.6 of [OSPF]).

270                 Type-9 Opaque LSAs MUST be omitted from the Database
271                 summary list if the interface associated with the
272                 neighbor is not the interface associated with the Opaque
273                 LSA (as noted upon reception).

275                 Any advertisement whose age is equal to MaxAge MUST be
276                 omitted from the Database summary list. It MUST instead
277                 be added to the neighbor's link-state retransmission
278                 list.  A summary of the Database summary list will be
279                 sent to the neighbor in Database Description packets.
280                 Only one Database Description Packet is allowed to be
281                 outstanding at any one time.  For more detail on the
282                 sending and receiving of Database Description packets,
283                 see Sections 10.6 and 10.8 of [OSPF].

285  4. Protocol Data Structures

287     The Opaque option is described herein in terms of its operation on
288     various protocol data structures. These data structures are included
289     for explanatory uses only. They are not intended to constrain an
290     implementation. In addition to the data structures listed below, this
291     specification references the various data structures (e.g., OSPF
292     neighbors) defined in [OSPF].

294     In an OSPF router, the following item is added to the list of global
295     OSPF data structures described in Section 5 of [OSPF]:

297       o Opaque capability. Indicates whether the router is running the
298         Opaque option (i.e., capable of storing Opaque LSAs).  Such a
299         router will continue to inter-operate with non-opaque-capable
300         OSPF routers.

302  4.1. Additions To The OSPF Neighbor Structure

304     The OSPF neighbor structure is defined in Section 10 of [OSPF].  In
305     an opaque-capable router, the following items are added to the OSPF
306     neighbor structure:

308       o Neighbor Options. This field was already defined in the OSPF
309         specification. However, in opaque-capable routers there is a new
310         option which indicates the neighbor's Opaque capability. This new
311         option is learned in the Database Exchange process through
312         reception of the neighbor's Database Description packets and
313         determines whether Opaque LSAs are flooded to the neighbor. For a
314         more detailed explanation of the flooding of the Opaque LSA see
315         section 3 of this document.

317  5. Inter-Area Considerations

319     As defined above, link-state type-11 opaque LSAs are flooded
320     throughout the Autonomous System (AS). One issue related to such AS
321     scoped Opaque LSAs is that there must be a way for OSPF routers in
322     remote areas to check availability of the LSA originator.
323     Specifically, if an OSPF router originates a type-11 LSA and, after
324     that, goes out of service, OSPF routers located outside of the
325     originator's OSPF area have no way of detecting this fact and may use
326     the stale information for a considerable period of time (up to 60
327     minutes). This could prove to be suboptimal for some applications and
328     may result in others not functioning.

330     Type-9 opaque LSAs and type-10 opaque LSAs do not have this problem
331     as a receiving router can detect if the advertising router is
332     reachable within the LSA's respective flooding scope.  In the case of
333     type-9 LSAs, the originating router must be an OSPF neighbor in
334     Exchange state or greater.  In the case of type-10 Opaque LSAs, the
335     intra-area SPF calculation will determine the advertising router's
336     reachability.

338     There is a parallel issue in OSPF for the AS scoped AS-external-LSAs
339     (type-5 LSAs).  OSPF addresses this by using AS border information
340     advertised in ASBR-summary-LSAs (type-4 LSAs), see [OSPF] Section
341     16.4.  This same mechanism is reused by this document for type-11
342     opaque LSAs.

344     To enable OSPF routers in remote areas to check availability of the
345     originator of link-state type-11 opaque LSAs, the originators
346     advertise themselves as ASBRs. This will enable routers to track the
347     reachability of the LSA originator either directly via the SPF
348     calculation (for routers in the same area) or indirectly via type-4
349     LSAs originated by ABRs (for routers in other areas). It is important
350     to note that per [OSPF] this solution does not apply to OSPF stub
351     areas or NSSAs as AS scoped opaque LSAs are not flooded into these
352     area types.

354     The procedures related to inter-area opaque LSAs are as follows:

356     (1) An OSPF router that is configured to originate AS-scope opaque
357         LSAs will advertise itself as an ASBR and MUST follow the
358         requirements related to setting of the Options field E-bit in
359         OSPF LSA headers as specified in [OSPF].

361     (2) When processing a received type-11 Opaque LSA, the router MUST
362         look up the routing table entries (potentially one per attached
363         area) for the AS boundary router (ASBR) that originated the LSA.
364         If no entries exist for the ASBR (i.e., the ASBR is
365         unreachable), the router MUST do nothing with this LSA. It also
366         MUST discontinue using all Opaque LSAs injected into the network
367         by the same originator whenever it is detected that the
368         originator is unreachable.

370  6. Management Considerations

372     The updated OSPF MIB, [RFC4750], provides explicit support for opaque
373     LSAs and SHOULD be used to support implementations of this document.
374     See Section 12.3 of [RFC4750] for details.  In addition to that
375     section, implementations supporting [RFC4750] will also include
376     opaque LSAs in all appropriate generic LSA objects, e.g.,
377     ospfOriginateNewLsas, and ospfLsdbTable.

379  7. Backward Compatibility

381     The solution proposed in this document introduces no interoperability
382     issues. In the case that a non-opaque-capable neighbor receives
383     Opaque LSAs, per [OSPF], the non-opaque-capable router will simply
384     discard the LSA.

386     Note that OSPF routers that implement [RFC2370] will continue using
387     stale type-11 LSAs even when the LSA originator implements the Inter-
388     area procedures described in Section 6 of this document.

390  8. Security Considerations

392     There are two types of issues that need to be addressed when looking at
393     protecting routing protocols from misconfigurations and malicious
394     attacks.  The first is authentication and certification of routing
395     protocol information.  The second is denial of service attacks
396     resulting from repetitive origination of the same router
397     advertisement or origination of a large number of distinct
398     advertisements resulting in database overflow.  Note that both of
399     these concerns exist independently of a router's support for the
400     Opaque option.

402     To address the authentication concerns, OSPF protocol exchanges are
403     authenticated.  OSPF supports multiple types of authentication; the
404     type of authentication in use can be configured on a per network
405     segment basis.  One of OSPF's authentication types, namely the
406     Cryptographic authentication option, is believed to be secure against
407     passive attacks and provide significant protection against active
408     attacks.  When using the Cryptographic authentication option, each
409     router appends a "message digest" to its transmitted OSPF packets.
410     Receivers then use the shared secret key and received digest to
411     verify that each received OSPF packet is authentic.

413     The quality of the security provided by the Cryptographic
414     authentication option depends completely on the strength of the
415     message digest algorithm (MD5 is currently the only message digest
416     algorithm specified), the strength of the key being used, and the
417     correct implementation of the security mechanism in all communicating
418     OSPF implementations.  It also requires that all parties maintain the
419     secrecy of the shared secret key.  None of the standard OSPF
420     authentication types provide confidentiality.  Nor do they protect
421     against traffic analysis.  For more information on the standard OSPF
422     security mechanisms, see Sections 8.1, 8.2, and Appendix D of [OSPF].

424     Repetitive origination of advertisements is addressed by OSPF by
425     mandating a limit on the frequency that new instances of any
426     particular LSA can be originated and accepted during the flooding
427     procedure.  The frequency at which new LSA instances may be
428     originated is set equal to once every MinLSInterval seconds, whose
429     value is 5 seconds (see Section 12.4 of [OSPF]).  The frequency at
430     which new LSA instances are accepted during flooding is once every
431     MinLSArrival seconds, whose value is set to 1 (see Section 13,
432     Appendix B and G.5 of [OSPF]).

434     Proper operation of the OSPF protocol requires that all OSPF routers
435     maintain an identical copy of the OSPF link-state database.  However,
436     when the size of the link-state database becomes very large, some
437     routers may be unable to keep the entire database due to resource
438     shortages; we term this "database overflow".  When database overflow
439     is anticipated, the routers with limited resources can be
440     accommodated by configuring OSPF stub areas and NSSAs.  [OVERFLOW]
441     details a way of gracefully handling unanticipated database
442     overflows.

444     In the case of type-11 Opaque LSAs, this document reuses an ASBR
445     tracking mechanism that is already employed in basic OSPF for type-5
446     LSAs. Therefore, applying it to type-11 Opaque LSAs does not create
447     any threats that are not already known for type-5 LSAs.

449  9. IANA Considerations

451     There are no changes to the IANA number assignment requirements from
452     [RFC2370].

454     Opaque types are maintained by the IANA.  Extensions to OSPF which
455     require a new Opaque type must be reviewed by the OSPF working group.
456     In the event that the OSPF working group has disbanded the review
457     shall be performed by a recommended Designated Expert.

459     Following the policies outlined in [IANA], Opaque type values in the
460     range of 0-127 are allocated through an IETF Consensus action and
461     Opaque type values in the range of 128-255 are reserved for private
462     and experimental use.

464  10. References

466  10.1. Normative References

468     [DEMD] Moy, J., "Extending OSPF to Support Demand Circuits", RFC
469          1793, April 1995.

471     [IANA] Narten, T., and H. Alvestrand, "Guidelines for Writing an IANA
472          Considerations Section in RFCs", BCP 26, October 1998.

474     [OSPF] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998.

476     [RFC2119] Bradner, S., "Key words for use in RFCs to indicate
477          requirements levels", RFC 2119, March 1997.

479     [RFC4750] Joyal, D., et al., "OSPF Version 2 Management Information
480          Base", RFC 4750, November 2006.

482  10.2. Informative References

484     [MOSPF] Moy, J., "Multicast Extensions to OSPF", RFC 1584, March
485          1994.

487     [NSSA] Murphy P., "The OSPF Not-So-Stubby Area (NSSA) Option",
488          RFC 3101, January 2003.

490     [OSPF-MT] Psenak, P., et al., "Multi-Topology (MT) Routing in OSPF",
491          draft-ietf-ospf-mt-, January 2007.

493     [OSPFv3] Coltun, R., et al., "OSPF for IPv6",
494          draft-ietf-ospf-ospfv3-update-, May 2007.

496     [OVERFLOW] Moy, J., "OSPF Database Overflow", RFC 1765, March 1995.

498     [RFC2370] Coltun, R., "The OSPF Opaque LSA Option", RFC 2370,
499          July 1998.

501     [RFC4576] Rosen, E., et al., "Using a Link State Advertisement
502          (LSA) Options Bit to Prevent Looping in BGP/MPLS IP
503          Virtual Private Networks (VPNs)", RFC 4576, June 2006.

505  11. Author's Addresses

507     Lou Berger
508     LabN Consulting, L.L.C.
509     Email: lberger@labn.net

511     Igor Bryskin
512     ADVA Optical Networking Inc
513     7926 Jones Branch Drive
514     Suite 615
515     McLean, VA - 22102
516     Email: ibryskin@advaoptical.com

518     Alex Zinin
519     Alcatel
520     Email: zinin@psg.com

522     Original Author:
523     Rob Coltun
524     Acoustra Productions

526  12. Appendix A: OSPF Data formats

528     This appendix describes the format of the Options Field followed by
529     the packet format of the Opaque LSA.

531  12.1. The Options Field

533     The OSPF Options field is present in OSPF Hello packets, Database
534     Description packets and all link-state advertisements.  The Options
535     field enables OSPF routers to support (or not support) optional
536     capabilities, and to communicate their capability level to other OSPF
537     routers. Through this mechanism routers of differing capabilities can
538     be mixed within an OSPF routing domain.

540     When used in Hello packets, the Options field allows a router to
541     reject a neighbor because of a capability mismatch.  Alternatively,
542     when capabilities are exchanged in Database Description packets a
543     router can choose not to flood certain link-state advertisements to a
544     neighbor because of its reduced functionality.  Lastly, listing
545     capabilities in link-state advertisements allows routers to forward
546     traffic around reduced functionality routers by excluding them from
547     parts of the routing table calculation.

549     All eight bits of the OSPF Options field have been assigned, although
550     only the O-bit is described completely by this document.  Each bit is
551     described briefly below. Routers SHOULD reset (i.e., clear)
552     unrecognized bits in the Options field when sending Hello packets or
553     Database Description packets and when originating link-state
554     advertisements. Conversely, routers encountering unrecognized Option
555     bits in received Hello Packets, Database Description packets or link-
556     state advertisements SHOULD ignore the capability and process the
557     packet/advertisement normally.

559                  +--------------------------------------+
560                  | DN | O | DC | EA | N/P | MC | E | MT |
561                  +--------------------------------------+

563                             The Options Field

565     MT-bit
566          This bit describes the router's multi-topology link-excluding
567          capability, as described in [OSPF-MT].

569     E-bit
570          This bit describes the way AS-external-LSAs are flooded, as
571          described in Sections 3.6, 9.5, 10.8 and 12.1.2 of [OSPF].

573     MC-bit
574          This bit describes whether IP multicast datagrams are forwarded
575          according to the specifications in [MOSPF].

577     N/P-bit
578          This bit describes the handling of Type-7 LSAs, as specified in
579          [NSSA].

581     DC-bit
582          This bit describes the router's handling of demand circuits, as
583          specified in [DEMD].

585     EA-bit
586          This bit describes the router's willingness to receive and
587          forward External-Attributes-LSAs.  While defined, the
588          documents specifying this bit have all expired.  The use
589          of this bit may be deprecated in the future.

591     O-bit
592          This bit describes the router's willingness to receive and
593          forward Opaque-LSAs as specified in this document.

595     DN-bit
596          This bit is used to prevent looping in BGP/MPLS IP VPNs,
597          as specified in [RFC4576].

599  12.2. The Opaque LSA

601     Opaque LSAs are Type 9, 10, and 11 link-state advertisements.  These
602     advertisements MAY be used directly by OSPF or indirectly by some
603     application wishing to distribute information throughout the OSPF
604     domain.  The function of the Opaque LSA option is to provide for
605     future OSPF extensibility.

607     Opaque LSAs contain some number of octets (of application-specific
608     data) padded to 32-bit alignment.  Like any other LSA, the Opaque LSA
609     uses the link-state database distribution mechanism for flooding this
610     information throughout the topology.  However, the Opaque LSA has a
611     flooding scope associated with it so that the scope of flooding may
612     be link-local (type-9), area-local (type-10) or the entire OSPF
613     routing domain (type-11).  Section 3 of this document describes the
614     flooding procedures for the Opaque LSA.

616      0                   1                   2                   3
617      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
618     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
619     |            LS age             |     Options   |  9, 10, or 11 |
620     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
621     |  Opaque Type  |                   Opaque ID                   |
622     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
623     |                      Advertising Router                       |
624     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
625     |                      LS Sequence Number                       |
626     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
627     |          LS checksum          |            Length             |
628     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
629     |                                                               |
630     +                                                               +
631     |                      Opaque Information                       |
632     +                                                               +
633     |                              ...                              |

635     Link-State Type

637     The link-state type of the Opaque LSA identifies the LSA's range of
638     topological distribution. This range is referred to as the Flooding
639     Scope.  The following explains the flooding scope of each of the
640     link-state types.

642       o A value of 9 denotes a link-local scope.  Opaque LSAs with a
643         link-local scope MUST NOT be flooded beyond the local
644         (sub)network.

646       o A value of 10 denotes an area-local scope. Opaque LSAs with an
647         area-local scope MUST NOT be flooded beyond their area of
648         origin.

650       o A value of 11 denotes that the LSA is flooded throughout the
651         Autonomous System (e.g., has the same scope as type-5 LSAs).
652         Opaque LSAs with AS-wide scope MUST NOT be flooded into stub
653         areas or NSSAs.

655     Syntax Of The Opaque LSA's Link-State ID

657     The link-state ID of the Opaque LSA is divided into an Opaque Type
658     field (the first 8 bits) and an Opaque ID (the remaining 24 bits).
659     See section 7 of this document for a description of Opaque type
660     allocation and assignment.

662  13. Full Copyright Statement

664     Copyright (C) The IETF Trust (2007).

666     This document is subject to the rights, licenses and restrictions
667     contained in BCP 78, and except as set forth therein, the authors
668     retain all their rights.

670     This document and the information contained herein are provided on an
671     "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
672     OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
673     THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
674     OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
675     THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
676     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

678  14. Intellectual Property

680     The IETF takes no position regarding the validity or scope of any
681     Intellectual Property Rights or other rights that might be claimed to
682     pertain to the implementation or use of the technology described in
683     this document or the extent to which any license under such rights
684     might or might not be available; nor does it represent that it has
685     made any independent effort to identify any such rights.  Information
686     on the procedures with respect to rights in RFC documents can be
687     found in BCP 78 and BCP 79.

689     Copies of IPR disclosures made to the IETF Secretariat and any
690     assurances of licenses to be made available, or the result of an
691     attempt made to obtain a general license or permission for the use of
692     such proprietary rights by implementers or users of this
693     specification can be obtained from the IETF on-line IPR repository at
694     http://www.ietf.org/ipr.

696     The IETF invites any interested party to bring to its attention any
697     copyrights, patents or patent applications, or other proprietary
698     rights that may cover technology that may be required to implement
699     this standard.  Please address the information to the IETF at ietf-
700     ipr@ietf.org.

702  Acknowledgement

704     Funding for the RFC Editor function is provided by the IETF
705     Administrative Support Activity (IASA).

707  Generated on: Mon Jun  4 13:52:53 EDT 2007
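
Added example, not part of the draft or of any OSPF implementation: a Python sketch that decodes the Opaque LSA header drawn in Appendix A and applies the Section 3.1 flooding-scope restrictions and the Section 5 type-11 originator check. The `Interface` model, the function names and the sample bytes are constructed for illustration, and the LS checksum is not verified.

```python
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address

# 20-byte LSA header as drawn in Appendix A: LS age, Options, LS type,
# link-state ID, Advertising Router, LS Sequence Number, LS checksum, Length.
LSA_HDR = struct.Struct("!HBBIIIHH")
LINK_LOCAL, AREA_LOCAL, AS_WIDE = 9, 10, 11
O_BIT = 0x40  # second bit from the left in the Options field diagram (DN is 0x80)


@dataclass(frozen=True)
class OpaqueLsa:
    ls_type: int
    options: int
    opaque_type: int          # first 8 bits of the link-state ID
    opaque_id: int            # remaining 24 bits of the link-state ID
    adv_router: IPv4Address
    length: int
    info: bytes               # application-specific data, left uninterpreted


@dataclass(frozen=True)
class Interface:              # hypothetical model of an OSPF interface
    name: str
    area: str
    stub_or_nssa: bool = False


def parse_opaque_lsa(buf: bytes) -> OpaqueLsa:
    """Decode one Opaque LSA; the LS checksum is not verified here."""
    if len(buf) < LSA_HDR.size:
        raise ValueError("truncated LSA header")
    _age, options, ls_type, ls_id, adv, _seq, _ck, length = LSA_HDR.unpack_from(buf)
    if ls_type not in (LINK_LOCAL, AREA_LOCAL, AS_WIDE):
        raise ValueError(f"LS type {ls_type} is not an Opaque LSA")
    # 20-byte header plus a 32-bit aligned information field, so Length
    # must be a multiple of 4 and must fit inside the received buffer.
    if length < LSA_HDR.size or length > len(buf) or length % 4:
        raise ValueError(f"bad Length field {length}")
    return OpaqueLsa(ls_type, options, ls_id >> 24, ls_id & 0xFFFFFF,
                     IPv4Address(adv), length, buf[LSA_HDR.size:length])


def accept_on_receive(lsa: OpaqueLsa, rx_if: Interface) -> bool:
    """Section 3.1: a type-11 LSA received in a stub area or NSSA is
    discarded and not acknowledged."""
    return not (lsa.ls_type == AS_WIDE and rx_if.stub_or_nssa)


def may_flood(lsa: OpaqueLsa, scope_if: Interface, target_if: Interface,
              neighbor_dd_options: int) -> bool:
    """Section 3.1 restrictions for flooding towards one neighbor.

    scope_if is the interface the LSA was received on (or originated for);
    neighbor_dd_options is the Options byte from the neighbor's Database
    Description packets, the only place the O-bit is meaningful.
    """
    if not neighbor_dd_options & O_BIT:
        return False                      # never queue for non-opaque neighbors
    if lsa.ls_type == LINK_LOCAL:
        return target_if.name == scope_if.name
    if lsa.ls_type == AREA_LOCAL:
        return target_if.area == scope_if.area
    return not target_if.stub_or_nssa     # type-11: keep out of stub areas/NSSAs


def type11_originator_usable(lsa: OpaqueLsa, asbr_routes: set) -> bool:
    """Section 5 (2): use type-11 data only while the routing table holds
    an ASBR entry for the advertising router."""
    if lsa.ls_type != AS_WIDE:
        return True   # types 9 and 10 rely on neighbor state / intra-area SPF
    return lsa.adv_router in asbr_routes


def build_sample(ls_type: int, opaque_type: int, opaque_id: int,
                 adv: str, info: bytes) -> bytes:
    """Construct sample bytes (checksum left as 0; values are made up)."""
    ls_id = (opaque_type << 24) | opaque_id
    return LSA_HDR.pack(1, O_BIT | 0x02, ls_type, ls_id, int(IPv4Address(adv)),
                        0x80000001, 0, LSA_HDR.size + len(info)) + info


# Constructed samples: Opaque type 200 is in the private/experimental range.
SAMPLE_TYPE11 = build_sample(AS_WIDE, 200, 1, "192.0.2.1", b"\xde\xad\xbe\xef")
SAMPLE_TYPE9 = build_sample(LINK_LOCAL, 200, 2, "192.0.2.1", b"")
SAMPLE_TYPE10 = build_sample(AREA_LOCAL, 200, 3, "192.0.2.1", b"\x00" * 8)

if __name__ == "__main__":
    lsa = parse_opaque_lsa(SAMPLE_TYPE11)
    stub = Interface("eth1", "0.0.0.1", stub_or_nssa=True)
    print(lsa, accept_on_receive(lsa, stub),
          type11_originator_usable(lsa, set()))
```

The three checks are separate on purpose: `accept_on_receive` gates storage, `may_flood` gates each outgoing neighbor, and `type11_originator_usable` gates whether an application may act on stored type-11 data.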