idnits 2.17.1

draft-ietf-ospf-rfc2370bis-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 18.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 682.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 693.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 700.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 706.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (March 10, 2008) is 5862 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA'

  -- No information found for draft-ietf-ospf-mt- - is the name correct?

  -- No information found for draft-ietf-ospf-ospfv3-update- - is the name
     correct?

  -- Obsolete informational reference (is this intentional?): RFC 2370
     (Obsoleted by RFC 5250)


     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 11 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1    Internet Draft                                     Lou Berger (LabN)
2    Obsoletes: 2370                                  Igor Bryskin (Adva)
3    Category: Standards Track                       Alex Zinin (Alcatel)
4    Expiration Date: September 10, 2008                 Original Author:
5                                       Rob Coltun (Acoustra Productions)

7                                                          March 10, 2008

9                         The OSPF Opaque LSA Option

11                     draft-ietf-ospf-rfc2370bis-02.txt

13   Status of this Memo

15      By submitting this Internet-Draft, each author represents that any
16      applicable patent or other IPR claims of which he or she is aware
17      have been or will be disclosed, and any of which he or she becomes
18      aware will be disclosed, in accordance with Section 6 of BCP 79.

20      Internet-Drafts are working documents of the Internet Engineering
21      Task Force (IETF), its areas, and its working groups.  Note that
22      other groups may also distribute working documents as Internet-
23      Drafts.

25      Internet-Drafts are draft documents valid for a maximum of six months
26      and may be updated, replaced, or obsoleted by other documents at any
27      time.  It is inappropriate to use Internet-Drafts as reference
28      material or to cite them other than as "work in progress."

30      The list of current Internet-Drafts can be accessed at
31      http://www.ietf.org/1id-abstracts.html

33      The list of Internet-Draft Shadow Directories can be accessed at
34      http://www.ietf.org/shadow.html

36      This Internet-Draft will expire on September 10, 2008.

38   Copyright Notice

40      Copyright (C) The IETF Trust (2008).

42   Abstract

44      This document defines enhancements to the OSPF protocol to support a
45      new class of link-state advertisements (LSA) called Opaque LSAs.
46      Opaque LSAs provide a generalized mechanism to allow for the future
47      extensibility of OSPF. Opaque LSAs consist of a standard LSA header
48      followed by application-specific information.  The information field
49      may be used directly by OSPF or by other applications.  Standard OSPF
50      link-state database flooding mechanisms are used to distribute Opaque
51      LSAs to all or some limited portion of the OSPF topology.

53      This document replaces RFC 2370 and adds to it a mechanism to enable
54      an OSPF router to validate AS-scope opaque LSAs originated outside of
55      the router's OSPF area.

57   Table of Contents

59       1      Conventions used in this document
60       2      Introduction
61       2.1    Organization Of This Document
62       2.2    Acknowledgments
63       3      The Opaque LSA
64       3.1    Flooding Opaque LSAs
65       3.2    Modifications To The Neighbor State Machine
66       4      Protocol Data Structures
67       4.1    Additions To The OSPF Neighbor Structure
68       5      Inter-Area Considerations
69       6      Management Considerations
70       7      Backward Compatibility
71       8      Security Considerations
72       9      IANA Considerations
73      10      References
74      10.1    Normative References
75      10.2    Informative References
76      11      Author's Addresses
77      12      Appendix A: OSPF Data formats
78      12.1    The Options Field
79      12.2    The Opaque LSA
80      13      Full Copyright Statement
81      14      Intellectual Property
82   1. Conventions used in this document

84      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
85      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
86      document are to be interpreted as described in [RFC2119].

88   2. Introduction

90      Over the last several years the OSPF routing protocol [OSPF] has been
91      widely deployed throughout the Internet.  As a result of this
92      deployment and the evolution of networking technology, OSPF has been
93      extended to support many options; this evolution will obviously
94      continue.

96      This document defines enhancements to the OSPF protocol to support a
97      new class of link-state advertisements (LSA) called Opaque LSAs.
98      Opaque LSAs provide a generalized mechanism to allow for the future
99      extensibility of OSPF. The information contained in Opaque LSAs may
100     be used directly by OSPF or indirectly by some application wishing to
101     distribute information throughout the OSPF domain.  The exact use of
102     Opaque LSAs is beyond the scope of this document.

104     Opaque LSAs consist of a standard LSA header followed by a 32-bit
105     aligned application-specific information field.  Like any other LSA,
106     the Opaque LSA uses the link-state database distribution mechanism
107     for flooding this information throughout the topology.  The link-
108     state type field of the Opaque LSA identifies the LSA's range of
109     topological distribution. This range is referred to as the Flooding
110     Scope.

112     It is envisioned that an implementation of the Opaque option provides
113     an application interface for 1) encapsulating application-specific
114     information in a specific Opaque type, 2) sending and receiving
115     application-specific information, and 3) if required, informing the
116     application of the change in validity of previously received
117     information when topological changes are detected.

119  2.1. Organization Of This Document

121     This document first defines the three types of Opaque LSAs followed
122     by a description of OSPF packet processing. The packet processing
123     sections include modifications to the flooding procedure and to the
124     neighbor state machine. Appendix A then gives the packet formats.

126  2.2. Acknowledgments

128     We would like to thank Acee Lindem for his detailed review and useful
129     feedback.  The handling of AS-scope opaque LSAs described in this
130     document is taken from draft-bryskin-ospf-lsa-
131     type11-validation-00.txt.

133  3. The Opaque LSA

135     Opaque LSAs are types 9, 10, and 11 link-state advertisements.
136     Opaque LSAs consist of a standard LSA header followed by a 32-bit
137     aligned application-specific information field.  Standard link-state
138     database flooding mechanisms are used for distribution of Opaque
139     LSAs.  The range of topological distribution (i.e., the flooding
140     scope) of an Opaque LSA is identified by its link-state type.  This
141     section documents the flooding of Opaque LSAs.

143     The flooding scope associated with each Opaque link-state type is
144     defined as follows.

146     o  Link-state type-9 denotes a link-local scope. Type-9 Opaque
147        LSAs are not flooded beyond the local (sub)network.

149     o  Link-state type-10 denotes an area-local scope. Type-10 Opaque
150        LSAs are not flooded beyond the borders of their associated area.

152     o  Link-state type-11 denotes that the LSA is flooded throughout
153        the Autonomous System (AS). The flooding scope of type-11
154        LSAs is equivalent to the flooding scope of AS-external (type-5)
155        LSAs.  Specifically, type-11 Opaque LSAs are 1) flooded
156        throughout all transit areas, 2) not flooded into stub areas or
157        NSSAs from the backbone and 3) not originated by routers into
158        their connected stub areas or NSSAs.  As with type-5 LSAs, if a
159        type-11 Opaque LSA is received in a stub area or NSSA from a
160        neighboring router within the stub area or NSSA the LSA is
161        rejected.

163     The link-state ID of the Opaque LSA is divided into an Opaque type
164     field (the first 8 bits) and a type-specific ID (the remaining 24
165     bits).  The packet format of the Opaque LSA is given in Appendix A.
166     Section 7 describes Opaque type allocation and assignment.

168     The responsibility for proper handling of the Opaque LSA's flooding
169     scope is placed on both the sender and receiver of the LSA.  The
170     receiver must always store a valid received Opaque LSA in its link-
171     state database.  The receiver must not accept Opaque LSAs that
172     violate the flooding scope (e.g., a type-11 (domain-wide) Opaque LSA
173     is not accepted in a stub area or NSSA).  The flooding scope affects
174     both the synchronization of the link-state database and the flooding
175     procedure.

177     The following describes the modifications to these procedures that
178     are necessary to ensure conformance to the Opaque LSA's Scoping
179     Rules.

181  3.1. Flooding Opaque LSAs

183     The flooding of Opaque LSAs MUST follow the rules of Flooding Scope
184     as specified in this section.  Section 13 of [OSPF] describes the
185     OSPF flooding procedure.  Those procedures MUST be followed as
186     defined except where modified in this section.  The following
187     describes the Opaque LSA's type-specific flooding restrictions.

189     o  If the Opaque LSA is type-9 (the flooding scope is link-local)
190        and the interface that the LSA was received on is not the same
191        as the target interface (e.g., the interface associated with a
192        particular target neighbor), the Opaque LSA MUST be discarded
193        and not acknowledged. An implementation SHOULD keep track of
194        the IP interface associated with each Opaque LSA having a
195        link-local flooding scope.

197     o  If the Opaque LSA is type-10 (the flooding scope is area-local)
198        and the area associated with Opaque LSA (as identified during
199        origination or from a received LSA's associated OSPF packet
200        header) is not the same as the area associated with the target
201        interface, the Opaque LSA MUST be discarded and not
202        acknowledged.  An implementation SHOULD keep track of the OSPF
203        area associated with each Opaque LSA having an area-local
204        flooding scope.

206     o  If the Opaque LSA is type-11 (the LSA is flooded throughout the
207        AS) and the target interface is associated with a stub area or
208        NSSA, the Opaque LSA MUST NOT be flooded out the interface.  A
209        type-11 Opaque LSA that is received on an interface associated
210        with a stub area or NSSA MUST be discarded and not acknowledged
211        (the neighboring router has flooded the LSA in error).

213     When opaque-capable routers and non-opaque-capable OSPF routers are
214     mixed together in a routing domain, the Opaque LSAs are typically not
215     flooded to the non-opaque-capable routers. As a general design
216     principle, optional OSPF advertisements are only flooded to those
217     routers that understand them.

219     An opaque-capable router learns of its neighbor's opaque capability
220     at the beginning of the "Database Exchange Process" (see Section 10.6
221     of [OSPF], receiving Database Description packets from a neighbor in
222     state ExStart). A neighbor is opaque-capable if and only if it sets
223     the O-bit in the Options field of its Database Description packets;
224     the O-bit SHOULD NOT be set and SHOULD be ignored when received in
225     packets other than Database Description packets.  Then, in the next
226     step of the Database Exchange process, Opaque LSAs are included in
227     the Database summary list that is sent to the neighbor (see Sections
228     3.2 below and 10.3 of [OSPF]) when the neighbor is opaque capable.

230     When flooding Opaque-LSAs to adjacent neighbors, an opaque-capable
231     router looks at the neighbor's opaque capability.  Opaque LSAs are
232     only flooded to opaque-capable neighbors. To be more precise, in
233     Section 13.3 of [OSPF], Opaque LSAs MUST be placed on the link-state
234     retransmission lists of opaque-capable neighbors and MUST NOT be
235     placed on the link-state retransmission lists of non-opaque-capable
236     neighbors.  However, when sending Link State Update packets as
237     multicasts, a non-opaque-capable neighbor may (inadvertently) receive
238     Opaque LSAs. The non-opaque-capable router will then simply discard
239     the LSA (see Section 13 of [OSPF], receiving LSAs having unknown LS
240     types).

242     Information contained in received opaque LSAs SHOULD only be used
243     when the router originating the LSA is reachable.  As mentioned in
244     [OSPFv3], reachability validation MAY be done less frequently than
245     every SPF calculation.  Additionally, routers processing received
246     opaque LSAs MAY choose to give priority to processing base OSPF LSA
247     types over opaque LSA types.

249  3.2. Modifications To The Neighbor State Machine

251     The state machine as it exists in section 10.3 of [OSPF] remains
252     unchanged except for the action associated with State: ExStart,
253     Event: NegotiationDone which is where the Database summary list is
254     built.  To incorporate the Opaque LSA in OSPF this action is changed
255     to the following.

257     State(s):  ExStart

259        Event:  NegotiationDone

261    New state:  Exchange

263       Action:  The router MUST list the contents of its entire area
264                link-state database in the neighbor Database summary
265                list.  The area link-state database consists of the
266                Router LSAs, Network LSAs, Summary LSAs, type-9 opaque
267                LSAs, and type-10 opaque LSAs contained in the area
268                structure, along with AS External and type-11 Opaque
269                LSAs contained in the global structure.  AS External
270                and type-11 Opaque LSAs MUST be omitted from a
271                virtual neighbor's Database summary list.  AS External
272                LSAs and type-11 Opaque LSAs MUST be omitted from the
273                Database summary list if the area has been configured
274                as a stub area or NSSA (see Section 3.6 of [OSPF]).

276                Type-9 Opaque LSAs MUST be omitted from the Database
277                summary list if the interface associated with the
278                neighbor is not the interface associated with the Opaque
279                LSA (as noted upon reception).

281                Any advertisement whose age is equal to MaxAge MUST be
282                omitted from the Database summary list.  It MUST instead
283                be added to the neighbor's link-state retransmission
284                list.  A summary of the Database summary list will be
285                sent to the neighbor in Database Description packets.
286                Only one Database Description Packet is allowed to be
287                outstanding at any one time.  For more detail on the
288                sending and receiving of Database Description packets,
289                see Sections 10.6 and 10.8 of [OSPF].

291  4. Protocol Data Structures

293     The Opaque option is described herein in terms of its operation on
294     various protocol data structures. These data structures are included
295     for explanatory uses only. They are not intended to constrain an
296     implementation. In addition to the data structures listed below, this
297     specification references the various data structures (e.g., OSPF
298     neighbors) defined in [OSPF].

300     In an OSPF router, the following item is added to the list of global
301     OSPF data structures described in Section 5 of [OSPF]:

303     o  Opaque capability. Indicates whether the router is running the
304        Opaque option (i.e., capable of storing Opaque LSAs).  Such a
305        router will continue to inter-operate with non-opaque-capable
306        OSPF routers.

308  4.1. Additions To The OSPF Neighbor Structure

310     The OSPF neighbor structure is defined in Section 10 of [OSPF].  In
311     an opaque-capable router, the following items are added to the OSPF
312     neighbor structure:

314     o  Neighbor Options. This field was already defined in the OSPF
315        specification. However, in opaque-capable routers there is a new
316        option which indicates the neighbor's Opaque capability. This new
317        option is learned in the Database Exchange process through
318        reception of the neighbor's Database Description packets and
319        determines whether Opaque LSAs are flooded to the neighbor. For a
320        more detailed explanation of the flooding of the Opaque LSA see
321        section 3 of this document.

323  5. Inter-Area Considerations

325     As defined above, link-state type-11 opaque LSAs are flooded
326     throughout the Autonomous System (AS).  One issue related to such AS
327     scoped Opaque LSAs is that there must be a way for OSPF routers in
328     remote areas to check availability of the LSA originator.
329     Specifically, if an OSPF router originates a type-11 LSA and, after
330     that, goes out of service, OSPF routers located outside of the
331     originator's OSPF area have no way of detecting this fact and may use
332     the stale information for a considerable period of time (up to 60
333     minutes). This could prove to be suboptimal for some applications and
334     may result in others not functioning.

336     Type-9 opaque LSAs and type-10 opaque LSAs do not have this problem
337     as a receiving router can detect if the advertising router is
338     reachable within the LSA's respective flooding scope.  In the case of
339     type-9 LSAs, the originating router must be an OSPF neighbor in
340     Exchange state or greater.  In the case of type-10 Opaque LSAs, the
341     intra-area SPF calculation will determine the advertising router's
342     reachability.

344     There is a parallel issue in OSPF for the AS scoped AS-external-LSAs
345     (type-5 LSAs).  OSPF addresses this by using AS border information
346     advertised in ASBR-summary-LSAs (type-4 LSAs), see [OSPF] Section
347     16.4.  This same mechanism is reused by this document for type-11
348     opaque LSAs.

350     To enable OSPF routers in remote areas to check availability of the
351     originator of link-state type-11 opaque LSAs, the originators
352     advertise themselves as ASBRs.  This will enable routers to track the
353     reachability of the LSA originator either directly via the SPF
354     calculation (for routers in the same area) or indirectly via type-4
355     LSAs originated by ABRs (for routers in other areas). It is important
356     to note that per [OSPF] this solution does not apply to OSPF stub
357     areas or NSSAs as AS scoped opaque LSAs are not flooded into these
358     area types.

360     The procedures related to inter-area opaque LSAs are as follows:

362     (1) An OSPF router that is configured to originate AS-scope opaque
363         LSAs will advertise itself as an ASBR and MUST follow the
364         requirements related to setting of the Options field E-bit in
365         OSPF LSA headers as specified in [OSPF].

367     (2) When processing a received type-11 Opaque LSA, the router MUST
368         look up the routing table entries (potentially one per attached
369         area) for the AS boundary router (ASBR) that originated the LSA.
370         If no entries exist for router ASBR (i.e., the ASBR is
371         unreachable), the router MUST do nothing with this LSA.  It also
372         MUST discontinue using all Opaque LSAs injected into the network
373         by the same originator whenever it is detected that the
374         originator is unreachable.

376  6. Management Considerations

378     The updated OSPF MIB, [RFC4750], provides explicit support for opaque
379     LSAs and SHOULD be used to support implementations of this document.
380     See Section 12.3 of [RFC4750] for details.  In addition to that
381     section, implementations supporting [RFC4750] will also include
382     opaque LSAs in all appropriate generic LSA objects, e.g.,
383     ospfOriginateNewLsas, and ospfLsdbTable.

385  7. Backward Compatibility

387     The solution proposed in this document introduces no interoperability
388     issues. In the case that a non-opaque-capable neighbor receives
389     Opaque LSAs, per [OSPF], the non-opaque-capable router will simply
390     discard the LSA.

392     Note that OSPF routers that implement [RFC2370] will continue using
393     stale type-11 LSAs even when the LSA originator implements the Inter-
394     area procedures described in Section 6 of this document.

396  8. Security Considerations

398     There are two types of issues that need to be addressed when looking at
399     protecting routing protocols from misconfigurations and malicious
400     attacks.  The first is authentication and certification of routing
401     protocol information.  The second is denial of service attacks
402     resulting from repetitive origination of the same router
403     advertisement or origination of a large number of distinct
404     advertisements resulting in database overflow.  Note that both of
405     these concerns exist independently of a router's support for the
406     Opaque option.

408     To address the authentication concerns, OSPF protocol exchanges are
409     authenticated.  OSPF supports multiple types of authentication; the
410     type of authentication in use can be configured on a per network
411     segment basis.  One of OSPF's authentication types, namely the
412     Cryptographic authentication option, is believed to be secure against
413     passive attacks and provide significant protection against active
414     attacks.  When using the Cryptographic authentication option, each
415     router appends a "message digest" to its transmitted OSPF packets.
416     Receivers then use the shared secret key and received digest to
417     verify that each received OSPF packet is authentic.

419     The quality of the security provided by the Cryptographic
420     authentication option depends completely on the strength of the
421     message digest algorithm (MD5 is currently the only message digest
422     algorithm specified), the strength of the key being used, and the
423     correct implementation of the security mechanism in all communicating
424     OSPF implementations.  It also requires that all parties maintain the
425     secrecy of the shared secret key.  None of the standard OSPF
426     authentication types provide confidentiality.  Nor do they protect
427     against traffic analysis.  For more information on the standard OSPF
428     security mechanisms, see Sections 8.1, 8.2, and Appendix D of [OSPF].

430     Repetitive origination of advertisements is addressed by OSPF by
431     mandating a limit on the frequency that new instances of any
432     particular LSA can be originated and accepted during the flooding
433     procedure.  The frequency at which new LSA instances may be
434     originated is set equal to once every MinLSInterval seconds, whose
435     value is 5 seconds (see Section 12.4 of [OSPF]).  The frequency at
436     which new LSA instances are accepted during flooding is once every
437     MinLSArrival seconds, whose value is set to 1 (see Section 13,
438     Appendix B and G.5 of [OSPF]).

440     Proper operation of the OSPF protocol requires that all OSPF routers
441     maintain an identical copy of the OSPF link-state database.  However,
442     when the size of the link-state database becomes very large, some
443     routers may be unable to keep the entire database due to resource
444     shortages; we term this "database overflow".  When database overflow
445     is anticipated, the routers with limited resources can be
446     accommodated by configuring OSPF stub areas and NSSAs.  [OVERFLOW]
447     details a way of gracefully handling unanticipated database
448     overflows.

450     In the case of type-11 Opaque LSAs, this document reuses an ASBR
451     tracking mechanism that is already employed in basic OSPF for type-5
452     LSAs. Therefore, applying it to type-11 Opaque LSAs does not create
453     any threats that are not already known for type-5 LSAs.

455  9. IANA Considerations

457     There are no changes to the IANA number assignment requirements from
458     [RFC2370].

460     Opaque types are maintained by the IANA. Extensions to OSPF which
461     require a new Opaque type must be reviewed by the OSPF working group.
462     In the event that the OSPF working group has disbanded the review
463     shall be performed by a recommended Designated Expert.

465     Following the policies outlined in [IANA], Opaque type values in the
466     range of 0-127 are allocated through an IETF Consensus action and
467     Opaque type values in the range of 128-255 are reserved for private
468     and experimental use.

470  10. References

472  10.1. Normative References

474     [DEMD] Moy, J., "Extending OSPF to Support Demand Circuits", RFC
475         1793, April 1995.

477     [IANA] Narten, T., and H. Alvestrand, "Guidelines for Writing an IANA
478         Considerations Section in RFCs", BCP 26, October 1998.

480     [OSPF] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998.

482     [RFC2119] Bradner, S., "Key words for use in RFCs to indicate
483         requirements levels", RFC 2119, March 1997.

485     [RFC4750] Joyal, D., et al., "OSPF Version 2 Management Information
486         Base", RFC 4750, November 2006.

488  10.2. Informative References

490     [MOSPF] Moy, J., "Multicast Extensions to OSPF", RFC 1584, March
491         1994.

493     [NSSA] Murphy, P., "The OSPF Not-So-Stubby Area (NSSA) Option",
494         RFC 3101, January 2003.

496     [OSPF-MT] Psenak, P., et al., "Multi-Topology (MT) Routing in OSPF",
497         draft-ietf-ospf-mt-, January 2007.

499     [OSPFv3] Coltun, R., et al., "OSPF for IPv6",
500         draft-ietf-ospf-ospfv3-update-, May 2007.

502     [OVERFLOW] Moy, J., "OSPF Database Overflow", RFC 1765, March 1995.

504     [RFC2370] Coltun, R., "The OSPF Opaque LSA Option", RFC 2370,
505         July 1998.

507     [RFC4576] Rosen, E., et al., "Using a Link State Advertisement
508         (LSA) Options Bit to Prevent Looping in BGP/MPLS IP
509         Virtual Private Networks (VPNs)", RFC 4576, June 2006.

511  11. Author's Addresses

513     Lou Berger
514     LabN Consulting, L.L.C.
515     Email: lberger@labn.net

517     Igor Bryskin
518     ADVA Optical Networking Inc
519     7926 Jones Branch Drive
520     Suite 615
521     McLean, VA - 22102
522     Email: ibryskin@advaoptical.com

524     Alex Zinin
525     Alcatel
526     Email: zinin@psg.com

528     Original Author:
529     Rob Coltun
530     Acoustra Productions

532  12. Appendix A: OSPF Data formats

534     This appendix describes the format of the Options Field followed by
535     the packet format of the Opaque LSA.

537  12.1. The Options Field

539     The OSPF Options field is present in OSPF Hello packets, Database
540     Description packets and all link-state advertisements.  The Options
541     field enables OSPF routers to support (or not support) optional
542     capabilities, and to communicate their capability level to other OSPF
543     routers. Through this mechanism routers of differing capabilities can
544     be mixed within an OSPF routing domain.

546     When used in Hello packets, the Options field allows a router to
547     reject a neighbor because of a capability mismatch.  Alternatively,
548     when capabilities are exchanged in Database Description packets a
549     router can choose not to flood certain link-state advertisements to a
550     neighbor because of its reduced functionality.  Lastly, listing
551     capabilities in link-state advertisements allows routers to forward
552     traffic around reduced functionality routers by excluding them from
553     parts of the routing table calculation.

555     All eight bits of the OSPF Options field have been assigned, although
556     only the O-bit is described completely by this document.  Each bit is
557     described briefly below. Routers SHOULD reset (i.e., clear)
558     unrecognized bits in the Options field when sending Hello packets or
559     Database Description packets and when originating link-state
560     advertisements. Conversely, routers encountering unrecognized Option
561     bits in received Hello Packets, Database Description packets or link-
562     state advertisements SHOULD ignore the capability and process the
563     packet/advertisement normally.

565                +--------------------------------------+
566                | DN | O | DC | EA | N/P | MC | E | MT |
567                +--------------------------------------+

569                          The Options Field

571     MT-bit
572          This bit describes the router's multi-topology link-excluding
573          capability, as described in [OSPF-MT].

575     E-bit
576          This bit describes the way AS-external-LSAs are flooded, as
577          described in Sections 3.6, 9.5, 10.8 and 12.1.2 of [OSPF].

579     MC-bit
580          This bit describes whether IP multicast datagrams are forwarded
581          according to the specifications in [MOSPF].

583     N/P-bit
584          This bit describes the handling of Type-7 LSAs, as specified in
585          [NSSA].

587     DC-bit
588          This bit describes the router's handling of demand circuits, as
589          specified in [DEMD].

591     EA-bit
592          This bit describes the router's willingness to receive and
593          forward External-Attributes-LSAs.  While defined, the
594          documents specifying this bit have all expired.  The use
595          of this bit may be deprecated in the future.

597     O-bit
598          This bit describes the router's willingness to receive and
599          forward Opaque-LSAs as specified in this document.

601     DN-bit
602          This bit is used to prevent looping in BGP/MPLS IP VPNs,
603          as specified in [RFC4576].

605  12.2. The Opaque LSA

607     Opaque LSAs are Type 9, 10, and 11 link-state advertisements.  These
608     advertisements MAY be used directly by OSPF or indirectly by some
609     application wishing to distribute information throughout the OSPF
610     domain.  The function of the Opaque LSA option is to provide for
611     future OSPF extensibility.

613     Opaque LSAs contain some number of octets (of application-specific
614     data) padded to 32-bit alignment.  Like any other LSA, the Opaque LSA
615     uses the link-state database distribution mechanism for flooding this
616     information throughout the topology.  However, the Opaque LSA has a
617     flooding scope associated with it so that the scope of flooding may
618     be link-local (type-9), area-local (type-10) or the entire OSPF
619     routing domain (type-11).  Section 3 of this document describes the
620     flooding procedures for the Opaque LSA.

622      0                   1                   2                   3
623      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
624     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
625     |            LS age             |     Options   |  9, 10, or 11 |
626     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
627     |  Opaque Type  |               Opaque ID                       |
628     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
629     |                      Advertising Router                       |
630     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
631     |                      LS Sequence Number                       |
632     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
633     |         LS checksum           |           Length              |
634     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
635     |                                                               |
636     +                                                               +
637     |                      Opaque Information                       |
638     +                                                               +
639     |                              ...                              |

641     Link-State Type

643        The link-state type of the Opaque LSA identifies the LSA's range of
644        topological distribution. This range is referred to as the Flooding
645        Scope.  The following explains the flooding scope of each of the
646        link-state types.

648        o  A value of 9 denotes a link-local scope.  Opaque LSAs with a
649           link-local scope MUST NOT be flooded beyond the local
650           (sub)network.

652        o  A value of 10 denotes an area-local scope. Opaque LSAs with an
653           area-local scope MUST NOT be flooded beyond their area of
654           origin.

656        o  A value of 11 denotes that the LSA is flooded throughout the
657           Autonomous System (e.g., has the same scope as type-5 LSAs).
658           Opaque LSAs with AS-wide scope MUST NOT be flooded into stub
659           areas or NSSAs.

661     Syntax Of The Opaque LSA's Link-State ID

663        The link-state ID of the Opaque LSA is divided into an Opaque Type
664        field (the first 8 bits) and an Opaque ID (the remaining 24 bits).
665        See section 7 of this document for a description of Opaque type
666        allocation and assignment.

668  13. Full Copyright Statement

670     Copyright (C) The IETF Trust (2008).

672     This document is subject to the rights, licenses and restrictions
673     contained in BCP 78, and except as set forth therein, the authors
674     retain all their rights.

676     This document and the information contained herein are provided on an
677     "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
678     OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
679     THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
680     OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
681     THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
682     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

684  14. Intellectual Property

686     The IETF takes no position regarding the validity or scope of any
687     Intellectual Property Rights or other rights that might be claimed
688     to pertain to the implementation or use of the technology
689     described in this document or the extent to which any license
690     under such rights might or might not be available; nor does it
691     represent that it has made any independent effort to identify any
692     such rights.  Information on the procedures with respect to rights
693     in RFC documents can be found in BCP 78 and BCP 79.

695     Copies of IPR disclosures made to the IETF Secretariat and any
696     assurances of licenses to be made available, or the result of an
697     attempt made to obtain a general license or permission for the use
698     of such proprietary rights by implementers or users of this
699     specification can be obtained from the IETF on-line IPR repository
700     at http://www.ietf.org/ipr.

702     The IETF invites any interested party to bring to its attention
703     any copyrights, patents or patent applications, or other
704     proprietary rights that may cover technology that may be required
705     to implement this standard.  Please address the information to the
706     IETF at ietf-ipr@ietf.org.

708  Acknowledgement

710     Funding for the RFC Editor function is provided by the IETF
711     Administrative Support Activity (IASA).

713  Generated on: Mon Mar 10 10:35:48 EDT 2008
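
Added example, not part of the draft and not taken from any OSPF implementation: the Appendix A Opaque LSA header layout decoded in Python, followed by the Section 3.1 flooding-scope checks and the Section 5 originator check for type-11 LSAs. The Interface record, the decision strings and the sample bytes are constructed for illustration; the LS checksum is not verified, and rejecting a Length that is not a multiple of 4 is this example's reading of the "32-bit aligned" wording.

```python
import struct
from dataclasses import dataclass

LSA_HEADER_LEN = 20
O_BIT = 0x40  # O is the second bit from the left in the Options field diagram
E_BIT = 0x02  # E is the second bit from the right
SCOPES = {9: "link-local", 10: "area-local", 11: "AS-wide"}


@dataclass(frozen=True)
class OpaqueLsa:
    ls_age: int
    options: int
    ls_type: int
    opaque_type: int  # first 8 bits of the link-state ID
    opaque_id: int    # remaining 24 bits of the link-state ID
    adv_router: int
    seq: int
    checksum: int
    length: int
    info: bytes


@dataclass(frozen=True)
class Interface:
    """Hypothetical interface record holding only what the scope rules need."""
    name: str
    area: str
    stub_or_nssa: bool = False


def parse_opaque_lsa(buf: bytes) -> OpaqueLsa:
    """Decode the 20-octet LSA header and the Opaque Information after it."""
    if len(buf) < LSA_HEADER_LEN:
        raise ValueError("truncated LSA header")
    age, opts, ls_type, ls_id, adv, seq, cksum, length = struct.unpack(
        "!HBBIIIHH", buf[:LSA_HEADER_LEN])
    if ls_type not in SCOPES:
        raise ValueError(f"LS type {ls_type} is not an Opaque LSA type")
    # Length covers header plus information and must fit the received buffer.
    if length < LSA_HEADER_LEN or length % 4 or length > len(buf):
        raise ValueError(f"bad Length field: {length}")
    return OpaqueLsa(age, opts, ls_type, ls_id >> 24, ls_id & 0xFFFFFF,
                     adv, seq, cksum, length, buf[LSA_HEADER_LEN:length])


def receive_decision(lsa: OpaqueLsa, rx_iface: Interface,
                     originator_asbr_reachable: bool) -> str:
    """Section 3.1 receive rule for type-11, then the Section 5 ASBR lookup."""
    if lsa.ls_type == 11 and rx_iface.stub_or_nssa:
        return "discard-no-ack"   # neighbor flooded the LSA in error
    if lsa.ls_type == 11 and not originator_asbr_reachable:
        return "do-nothing"       # no routing table entry for the originating ASBR
    return "accept"


def may_flood(lsa: OpaqueLsa, learned_on: Interface, target: Interface,
              neighbor_dd_options: int) -> bool:
    """Section 3.1 scope rules for flooding out `target` to one neighbor."""
    if not neighbor_dd_options & O_BIT:
        return False              # never on a non-opaque-capable neighbor's list
    if lsa.ls_type == 9:
        return target.name == learned_on.name
    if lsa.ls_type == 10:
        return target.area == learned_on.area
    return not target.stub_or_nssa


def build_sample(ls_type: int,
                 info: bytes = b"\x00\x01\x00\x04\xc0\x00\x02\x01") -> bytes:
    """Constructed LSA: Opaque type 1, Opaque ID 2, advertising router 10.0.0.1.
    The O-bit is left clear because it is only meaningful in DD packets."""
    ls_id = (1 << 24) | 2
    return struct.pack("!HBBIIIHH", 1, E_BIT, ls_type, ls_id, 0x0A000001,
                       0x80000001, 0, LSA_HEADER_LEN + len(info)) + info


if __name__ == "__main__":
    backbone = Interface("eth0", "0.0.0.0")
    stub = Interface("eth1", "0.0.0.5", stub_or_nssa=True)
    for ls_type in (9, 10, 11):
        lsa = parse_opaque_lsa(build_sample(ls_type))
        print(ls_type, SCOPES[ls_type],
              "flood to stub-area neighbor:", may_flood(lsa, backbone, stub, O_BIT),
              "| received on stub interface:", receive_decision(lsa, stub, True))
```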