idnits 2.17.1

draft-ietf-pim-null-register-packing-11.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (7 November 2021) is 900 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Looks like a reference, but probably isn't: '1' on line 213

  == Missing Reference: 'N' is mentioned on line 219, but not defined

  ** Obsolete normative reference: RFC 8736 (Obsoleted by RFC 9436)

     Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2   Network Working Group                                          V. Kamath
3   Internet-Draft                                                    VMware
4   Intended status: Standards Track            R. Chokkanathapuram Sundaram
5   Expires: 11 May 2022                                 Cisco Systems, Inc.
6                                                                 R. Banthia
7                                                                     Apstra
8                                                                   A. Gopal
9                                                        Cisco Systems, Inc.
10                                                           7 November 2021

12                          PIM Null-Register packing
13                   draft-ietf-pim-null-register-packing-11

15  Abstract

17     In PIM-SM networks PIM Null-Register messages are sent by the
18     Designated Router (DR) to the Rendezvous Point (RP) to signal the
19     presence of Multicast sources in the network.  There are periodic PIM
20     Null-Registers sent from the DR to the RP to keep the state alive at
21     the RP as long as the source is active.  The PIM Null-Register
22     message carries information about a single Multicast source and
23     group.

25     This document defines a standard to send multiple Multicast source
26     and group information in a single PIM Packed Null-Register message.
27     We will refer to the new packed formats as the PIM Packed Null-
28     Register format and PIM Packed Register-Stop format throughout the
29     document.  This document also discusses interoperability between the
30     PIM routers which do not understand the PIM Packed Null-Register
31     format and routers which do understand it.

33  Status of This Memo

35     This Internet-Draft is submitted in full conformance with the
36     provisions of BCP 78 and BCP 79.

38     Internet-Drafts are working documents of the Internet Engineering
39     Task Force (IETF).  Note that other groups may also distribute
40     working documents as Internet-Drafts.  The list of current Internet-
41     Drafts is at https://datatracker.ietf.org/drafts/current/.

43     Internet-Drafts are draft documents valid for a maximum of six months
44     and may be updated, replaced, or obsoleted by other documents at any
45     time.  It is inappropriate to use Internet-Drafts as reference
46     material or to cite them other than as "work in progress."

48     This Internet-Draft will expire on 11 May 2022.

50  Copyright Notice

52     Copyright (c) 2021 IETF Trust and the persons identified as the
53     document authors.  All rights reserved.

55     This document is subject to BCP 78 and the IETF Trust's Legal
56     Provisions Relating to IETF Documents (https://trustee.ietf.org/
57     license-info) in effect on the date of publication of this document.
58     Please review these documents carefully, as they describe your rights
59     and restrictions with respect to this document.  Code Components
60     extracted from this document must include Simplified BSD License text
61     as described in Section 4.e of the Trust Legal Provisions and are
62     provided without warranty as described in the Simplified BSD License.

64  Table of Contents

66     1.  Introduction
67       1.1.  Conventions used in this document
68       1.2.  Terminology
69     2.  Packed Null-Register Capability
70     3.  PIM Packed Null-Register message format
71     4.  PIM Packed Register-Stop message format
72     5.  Protocol operation
73     6.  Operational Considerations
74     7.  PIM Anycast RP Considerations
75     8.  PIM RP router version downgrade
76     9.  Fragmentation Considerations
77     10. Security Considerations
78     11. IANA Considerations
79     12. Acknowledgments
80     13. References
81       13.1.  Normative References
82       13.2.  Informative References
83     Authors' Addresses

85  1.  Introduction

87     PIM Null-Registers are sent by the DR periodically for Multicast
88     streams to keep the states active on the RP, as long as the multicast
89     source is alive.  As the number of multicast sources increases, the
90     number of PIM Null-Register messages that are sent also increases.
91     This results in more PIM packet processing at the RP and the DR.

93     Control plane policing (COPP) monitors the packets that are
94     processed by the control plane.  The high rate at which Null-
95     Registers are received at the RP can lead to COPP drops of Multicast
96     PIM Null-Register messages.  This draft proposes a method to
97     efficiently pack multiple PIM Null-Registers [RFC7761] (Section 4.4)
98     and Register-Stops [RFC7761] (Section 3.2) into a single message, as
99     these packets do not contain encapsulated data anyway.

101    The draft also discusses interoperability with PIM routers that do
102    not understand the new packet format.

104 1.1.  Conventions used in this document

106    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
107    "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
108    "OPTIONAL" in this document are to be interpreted as described in BCP
109    14 [RFC2119] [RFC8174] when, and only when, they appear in all
110    capitals, as shown here.

112 1.2.  Terminology

114    RP:  Rendezvous Point

116    DR:  Designated Router

118 2.  Packed Null-Register Capability

120    A router (DR) can decide to pack multiple Null-Register messages
121    based on the capability received from the RP as part of the PIM
122    Register-Stop.  This ensures compatibility with routers that do not
123    support processing of the new format.  The capability information can
124    be indicated by the RP via the PIM Register-Stop message sent to the
125    DR.  Thus a DR will switch to the new format only when it learns that
126    the RP is capable of handling the PIM Packed Null-Register messages.

128    Conversely, a DR that does not support the packed format can continue
129    generating the PIM Null-Register as defined in [RFC7761]
130    (Section 4.4).  To exchange the capability information in the
131    Register-Stop message, the "Reserved" field can be used to indicate
132    this capability in those Register-Stop messages.  One bit of the
133    Reserved field is used to indicate the "packing" capability (P bit).
134    The rest of the bits in the "Reserved" field will be retained for
135    future use.

137       0                   1                   2                   3
138       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
139      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
140      |PIM Ver| Type  |P|  Reserved   |           Checksum            |
141      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
142      |             Group Address (Encoded-Group format)              |
143      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
144      |            Source Address (Encoded-Unicast format)            |
145      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

147        Figure 1: PIM Register-Stop message with capability option

149    PIM Version, Type, Checksum, Group Address, Source Address:

151       Same as [RFC7761] (Section 4.9.4)

153    P:

155       Capability bit (flag bit 7) used to indicate support for the
156       Packed Null-Register Capability

158 3.  PIM Packed Null-Register message format

160    PIM Packed Null-Register message format includes a count to indicate
161    the number of Null-Register records in the message.

163       0                   1                   2                   3
164       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
165      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
166      |PIM Ver| Type  |Subtype|  FB   |           Checksum            |
167      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
168      | Count | Reserved |
169      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
170      |     Group Address[1]   (Encoded-Group format)                 |
171      |     Source Address[1]  (Encoded-Unicast format)               |
172      .                                                               .
173      .                                                               .
174      .                                                               .
175      .                                                               .
176      .     Group Address[N]                                          .
177      |     Source Address[N]                                         |
178      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

180            Figure 2: PIM Packed Null-Register message format

182    PIM Version, Reserved, Checksum:

184       Same as [RFC7761] (Section 4.9.3)

186    Type, SubType:

188       The new packed Null-Register Type and SubType values TBD.
189       [RFC8736]

191    Count:

193       The number of packed Null-Register records.  A record consists of
194       a Group Address and Source Address pair.

196    Group Address, Source Address:

198       Same as [RFC7761] (Section 4.9.4)

200 4.  PIM Packed Register-Stop message format

202    The PIM Packed Register-Stop message includes a count to indicate the
203    number of records that are present in the message.

205       0                   1                   2                   3
206       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
207      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
208      |PIM Ver| Type  |Subtype|  FB   |           Checksum            |
209      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
210      | Count | Reserved |
211      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
212      |     Group Address[1]   (Encoded-Group format)                 |
213      |     Source Address[1]  (Encoded-Unicast format)               |
214      .                                                               .
215      .                                                               .
216      .                                                               .
217      .                                                               .
218      .     Group Address[N]                                          .
219      |     Source Address[N]                                         |
220      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

222            Figure 3: PIM Packed Register-Stop message format

224    PIM Version, Reserved, Checksum:

226       Same as [RFC7761] (Section 4.9.4)

228    Type:

230       The new Register Stop Type and SubType values TBD

232    Count:

234       The number of PIM packed Register-Stop records.  A record consists
235       of a Group Address and Source Address pair.

237    Group Address, Source Address:

239       Same as [RFC7761] (Section 4.9.4)

241 5.  Protocol operation

243    The following combinations exist -

245    1.  DR and RP both support the PIM Packed Null-Register and PIM
246        Packed Register-Stop formats:

248        *  As specified in [RFC7761], the DR sends PIM Register messages
249           towards the RP when a new source is detected.

251        *  An RP supporting this specification MUST set the P-bit in the
252           corresponding Register-Stop messages.

254        *  When a Register-Stop message with the P-bit set is received,
255           the DR SHOULD send PIM Packed Null-Register messages
256           (Section 3) to the RP instead of multiple Register messages
257           with the N-bit set [RFC7761].

259        *  The RP, after receiving a PIM Packed Null-Register message
260           SHOULD start sending PIM Packed Register-Stop messages
261           (Section 4) to the corresponding DR instead of individual
262           Register-Stop messages.

264    2.  DR supports but RP does not support the PIM Packed Null-Register
265        and PIM Packed Register-Stop formats:

267        *  As specified in [RFC7761], DR sends PIM Null-Registers towards
268           the RP.

270        *  After receiving DR's PIM Null-Register message, RP sends a
271           normal Register-Stop without any capability information.

273        *  DR then sends PIM Null-Registers in the unpacked format
274           [RFC7761].

276    3.  RP supports but DR does not support the PIM Packed Null-Register
277        and PIM Packed Register-Stop formats:

279        *  As specified in [RFC7761], DR sends the PIM Null-Register
280           towards the RP.

282        *  After receiving DR's PIM Null-Register message, RP sends a PIM
283           Packed Register-Stop towards the DR that includes capability
284           information.

286        *  Since DR does not support the new format, it sends PIM Null-
287           Registers in the unpacked format [RFC7761].

289 6.  Operational Considerations

291    In case the network manager disables the packed capability at the RP,
292    the router should not advertise the capability.  However, an
293    implementation MAY choose to still parse any packed registers if they
294    are received.  This may be particularly useful in the transitional
295    period after the network manager disables it.

297 7.  PIM Anycast RP Considerations

299    The PIM Packed Null-Register format should be enabled only if it is
300    supported by all PIM Anycast RP [RFC4610] members in the RP set for
301    the RP address.  This consideration applies to PIM Anycast RP with
302    MSDP [RFC3446] as well.

304 8.  PIM RP router version downgrade

306    Consider a PIM RP router that supports PIM Packed Null-Registers and
307    PIM Packed Register-Stops.  When this router downgrades to a software
308    version which does not support PIM Packed Null-Registers and PIM
309    Packed Register-Stops, the DR that sends the PIM Packed Null-Register
310    message will not get a PIM Register-Stop message back from the RP.
311    In such scenarios the DR can send an unpacked PIM Null-Register and
312    check the PIM Register-Stop to see if the capability bit (P-bit) for
313    PIM Packed Null-Register is set or not.  If it is not set then the DR
314    will continue sending unpacked PIM Null-Register messages.

316 9.  Fragmentation Considerations

318    When building a PIM Packed Null-Register message or PIM Packed
319    Register-Stop message, a router should include as many records as
320    possible based on the path MTU towards RP, if path MTU discovery is
321    done.  Otherwise, the number of records should be limited by the MTU
322    of the outgoing interface.

324 10.  Security Considerations

326    General Register messages security considerations from [RFC7761]
327    apply.  As mentioned in [RFC7761], PIM Null-Register messages and
328    Register-Stop messages are forwarded by intermediate routers to their
329    destination using normal IP forwarding.  Without data origin
330    authentication, an attacker who is located anywhere in the network
331    may be able to forge a Null-Register or Register-Stop message.  We
332    next consider the effect of a forgery of each of these messages.  By
333    forging a Register message, an attacker can cause the RP to inject
334    forged traffic onto the shared multicast tree.

336    By forging a Register-Stop message, an attacker can prevent a
337    legitimate DR from registering packets to the RP.  This can prevent
338    local hosts on that LAN from sending multicast packets.  The above
339    two PIM messages are not changed by intermediate routers and need
340    only be examined by the intended receiver.  Thus, these messages can
341    be authenticated end-to-end.  Attacks on Register and Register-Stop
342    messages do not apply to a PIM-SSM-only implementation, as these
343    messages are not used in PIM-SSM.

345    There is another case where a spoofed Register-Stop can be sent to
346    make it appear that it is from the RP, and that the RP supports this
347    new packed capability when it does not.  This can cause Null-Registers
348    to be sent to an RP that doesn't support this packed format.  But
349    standard methods to prevent spoofing should take care of this case.
350    For example, uRPF can be used to filter out packets coming from the
351    outside from addresses that belong to routers inside.

353 11.  IANA Considerations

355    This document requires the assignment of Capability bit (P-bit),
356    flag bit 7 in the PIM Register-Stop message.

358    This document requires the assignment of 2 new PIM message types
359    for the PIM Packed Null-Register and PIM Packed Register-Stop.

361 12.  Acknowledgments

363    The authors would like to thank Stig Venaas, Anish Peter, Zheng Zhang
364    and Umesh Dudani for their helpful comments on the draft.

366 13.  References

368 13.1.  Normative References

370    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
371               Requirement Levels", BCP 14, RFC 2119,
372               DOI 10.17487/RFC2119, March 1997,
373               .

375    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
376               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
377               May 2017, .

379    [RFC7761]  Fenner, B., Handley, M., Holbrook, H., Kouvelas, I.,
380               Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent
381               Multicast - Sparse Mode (PIM-SM): Protocol Specification
382               (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March
383               2016, .

385    [RFC4610]  Farinacci, D. and Y. Cai, "Anycast-RP Using Protocol
386               Independent Multicast (PIM)", RFC 4610,
387               DOI 10.17487/RFC4610, August 2006,
388               .

390    [RFC8736]  Venaas, S. and A. Retana, "PIM Message Type Space
391               Extension and Reserved Bits", RFC 8736,
392               DOI 10.17487/RFC8736, February 2020,
393               .

395 13.2.  Informative References

397    [RFC3446]  Kim, D., Meyer, D., Kilmer, H., and D. Farinacci, "Anycast
398               Rendevous Point (RP) mechanism using Protocol Independent
399               Multicast (PIM) and Multicast Source Discovery Protocol
400               (MSDP)", RFC 3446, DOI 10.17487/RFC3446, January 2003,
401               .

403 Authors' Addresses

405    Vikas Ramesh Kamath
406    VMware
407    3401 Hillview Ave
408    Palo Alto, CA 94304
409    United States of America

411    Email: vkamath@vmware.com
412    Ramakrishnan Chokkanathapuram Sundaram
413    Cisco Systems, Inc.
414    Tasman Drive
415    San Jose, CA 95134
416    United States of America

418    Email: ramaksun@cisco.com

420    Raunak Banthia
421    Apstra
422    333 Middlefield Rd STE 200
423    Menlo Park, CA 94025
424    United States of America

426    Email: rbanthia@apstra.com

428    Ananya Gopal
429    Cisco Systems, Inc.
430    Tasman Drive
431    San Jose, CA 95134
432    United States of America

434    Email: ananygop@cisco.com
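
Added example, not part of the draft or of any implementation: a receiver-side check for the record area of the Packed Null-Register and Packed Register-Stop formats (Sections 3 and 4). Because Section 10 notes that these messages can be forged, Count is treated as untrusted and has to agree with the bytes actually received. Assumptions: all function names are hypothetical, the caller has already read Count from the header, and the Encoded-Group and Encoded-Unicast layouts follow RFC 7761 Section 4.9.1 with address family 1 for IPv4 and 2 for IPv6.

```python
import ipaddress
import struct

ADDR_LEN = {1: 4, 2: 16}  # IANA address family -> octets (IPv4, IPv6)

class PackedRegisterError(ValueError):
    """Record area is malformed or disagrees with the advertised Count."""

def _take(buf, off, n):
    # Bounds-checked read: never slice past the end of the received message.
    if off + n > len(buf):
        raise PackedRegisterError(f"truncated at offset {off}")
    return buf[off:off + n], off + n

def _address(buf, off, family):
    if family not in ADDR_LEN:
        raise PackedRegisterError(f"unsupported address family {family}")
    raw, off = _take(buf, off, ADDR_LEN[family])
    return ipaddress.ip_address(raw), off

def parse_records(records, count):
    """Return [(group, source)] from the bytes after the Count/Reserved word.

    `count` is the header's Count value, already extracted by the caller.
    """
    off, out = 0, []
    for _ in range(count):
        hdr, off = _take(records, off, 4)   # family, encoding, flags, mask len
        g_family = hdr[0]
        group, off = _address(records, off, g_family)
        hdr, off = _take(records, off, 2)   # family, encoding
        source, off = _address(records, off, hdr[0])
        # Sanity checks chosen for this example, not mandated by the draft.
        if hdr[0] != g_family or not group.is_multicast or source.is_multicast:
            raise PackedRegisterError(f"implausible record {source},{group}")
        out.append((group, source))
    if off != len(records):
        # Count understates what was sent: reject instead of guessing.
        raise PackedRegisterError(f"{len(records) - off} octets beyond Count")
    return out

def encode_record(group, source):
    """Build one record for the constructed sample below (same family)."""
    g, s = ipaddress.ip_address(group), ipaddress.ip_address(source)
    fam = 1 if g.version == 4 else 2
    return (struct.pack("!BBBB", fam, 0, 0, g.max_prefixlen) + g.packed
            + struct.pack("!BB", fam, 0) + s.packed)

# Constructed sample input: one IPv4 and one IPv6 record.
SAMPLE = (encode_record("239.1.1.1", "10.0.0.1")
          + encode_record("ff3e::1234", "2001:db8::1"))
```

A Count larger than the data, a Count smaller than the data, a truncated final record and an unknown address family all raise PackedRegisterError, so no partial list of records is ever acted on.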