idnits 2.17.1 draft-ietf-softwire-mesh-multicast-19.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 323 has weird spacing: '... |group addre...' -- The document date (November 15, 2017) is 2325 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC4291' is defined on line 669, but no explicit reference was found in the text == Unused Reference: 'RFC4301' is defined on line 673, but no explicit reference was found in the text == Unused Reference: 'RFC7371' is defined on line 724, but no explicit reference was found in the text ** Downref: Normative reference to an Informational RFC: RFC 4925 Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Softwire WG M. Xu 3 Internet-Draft Y. Cui 4 Intended status: Standards Track J. Wu 5 Expires: May 19, 2018 S. Yang 6 Tsinghua University 7 C. Metz 8 G. Shepherd 9 Cisco Systems 10 November 15, 2017 12 IPv4 Multicast over an IPv6 Multicast in Softwire Mesh Network 13 draft-ietf-softwire-mesh-multicast-19 15 Abstract 17 During IPv6 transition, there will be scenarios where a backbone 18 network running one IP address family internally (referred to as 19 internal IP or I-IP), while the attached client networks running 20 another IP address family (referred to as external IP or E-IP). The 21 I-IP backbone should offer both unicast and multicast transit 22 services to the client E-IP networks. 24 This document describes the mechanism for supporting multicast across 25 a set of E-IP and I-IP networks supporting softwire mesh. The 26 document focuses on IPv4-over-IPv6 scenario, due to lack of real- 27 world use cases for IPv6-over-IPv4 scenario. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at https://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on May 19, 2018. 46 Copyright Notice 48 Copyright (c) 2017 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (https://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 64 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 65 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 66 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 67 4. Mesh Multicast Mechanism . . . . . . . . . . . . . . . . . . 7 68 4.1. Mechanism Overview . . . . . . . . . . . . . . . . . . . 8 69 4.2. Group Address Mapping . . . . . . . . . . . . . . . . . . 8 70 4.3. Source Address Mapping . . . . . . . . . . . . . . . . . 9 71 4.4. Routing Mechanism . . . . . . . . . . . . . . . . . . . . 9 72 5. Control Plane Functions of AFBR . . . . . . . . . . . . . . . 10 73 5.1. E-IP (*,G) and (S,G) State Maintenance . . . . . . . . . 10 74 5.2. I-IP (S',G') State Maintenance . . . . . . . . . . . . . 10 75 5.3. E-IP (S,G,rpt) State Maintenance . . . . . . . . . . . . 11 76 5.4. Inter-AFBR Signaling . . . . . . . . . . . . . . . . . . 11 77 5.5. SPT Switchover . . . . . . . . . . . . . . . . . . . . . 13 78 5.6. Other PIM Message Types . . . . . . . . . . . . . . . . . 13 79 5.7. Other PIM States Maintenance . . . . . . . . . . . . . . 13 80 6. Data Plane Functions of the AFBR . . . . . . . . . . . . . . 13 81 6.1. Process and Forward Multicast Data . . . . . . . . . . . 14 82 6.2. TTL . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 83 6.3. Fragmentation . . . . . . . . . . . . . . . . . . . . . . 14 84 7. Packet Format and Translation . . . . . . . . . . . . . . . . 14 85 8. Softwire Mesh Multicast Encapsulation . . . . . . . . . . . . 15 86 9. Security Considerations . . . . . . . . . . . . . . . . . . . 16 87 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 88 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 89 11.1. Normative References . . . . . . . . . . . . . . . . . . 16 90 11.2. Informative References . . . . . . . . . . . . . . . . . 17 91 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 17 92 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 94 1. Introduction 96 During IPv6 transition, there will be scenarios where a backbone 97 network running one IP address family internally (referred to as 98 internal IP or I-IP) will provide transit services to attached client 99 networks running another IP address family (referred to as external 100 IP or E-IP). 102 One solution is to leverage the multicast functions inherent in the 103 I-IP backbone, to efficiently forward client E-IP multicast packets 104 inside an I-IP core tree, which is rooted at one or more ingress 105 Address Family Border Routers (AFBRs) [RFC5565] and branches out to 106 one or more egress AFBRs. 108 [RFC4925] outlines the requirements for the softwires mesh scenario 109 and includes support for multicast traffic. It is likely that client 110 E-IP multicast sources and receivers will reside in different client 111 E-IP networks connected to an I-IP backbone network. This requires 112 the client E-IP source-rooted or shared tree to traverse the I-IP 113 backbone network. 115 One method of accomplishing this is to re-use the multicast VPN 116 approach outlined in [RFC6513]. MVPN-like schemes can support the 117 softwire mesh scenario and achieve a "many-to-one" mapping between 118 the E-IP client multicast trees and the transit core multicast trees. 119 The advantage of this approach is that the number of trees in the 120 I-IP backbone network scales less than linearly with the number of 121 E-IP client trees. Corporate enterprise networks and by extension 122 multicast VPNs have been known to run applications that create too 123 many (S,G) states [RFC7899]. Aggregation at the edge contains the 124 (S,G) states for customer's VPNs and these need to be maintained by 125 the network operator. The disadvantage of this approach is the 126 possibility of inefficient bandwidth and resource utilization when 127 multicast packets are delivered to a receiving AFBR with no attached 128 E-IP receivers. 130 [RFC8114] provides a solution for delivering IPv4 multicast services 131 over an IPv6 network. But it mainly focuses on DS-lite [RFC6333] 132 scenario. This document describes a detailed solution for IPv4-over- 133 IPv6 softwire mesh scenario, where client networks run IPv4 but the 134 backbone network runs IPv6. 136 Internet-style multicast is somewhat different in that the trees are 137 source-rooted and relatively sparse. The need for multicast 138 aggregation at the edge (where many customer multicast trees are 139 mapped into one or more backbone multicast trees) does not exist and 140 to date has not been identified. Thus the need for a basic or closer 141 alignment with E-IP and I-IP multicast procedures emerges. 143 [RFC5565] describes the "Softwire Mesh Framework". This document 144 provides a more detailed description of how one-to-one mapping 145 schemes ([RFC5565], Section 11.1) for IPv4 over IPv6 can be achieved. 147 1.1. Requirements Language 149 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 150 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 151 document are to be interpreted as described in [RFC2119]. 153 2. Terminology 155 Figure 1 shows an example of how a softwire mesh network can support 156 multicast traffic. A multicast source S is located in one E-IP 157 client network, while candidate E-IP group receivers are located in 158 the same or different E-IP client networks that all share a common 159 I-IP transit network. When E-IP sources and receivers are not local 160 to each other, they can only communicate with each other through the 161 I-IP core. There may be several E-IP sources for a single multicast 162 group residing in different client E-IP networks. In the case of 163 shared trees, the E-IP sources, receivers and rendezvous points (RPs) 164 might be located in different client E-IP networks. In the simplest 165 case, a single operator manages the resources of the I-IP core, 166 although the inter-operator case is also possible and so not 167 precluded. 169 ._._._._. ._._._._. 170 | | | | -------- 171 | E-IP | | E-IP |--|Source S| 172 | network | | network | -------- 173 ._._._._. ._._._._. 174 | | 175 AFBR upstream AFBR 176 | | 177 __+____________________+__ 178 / : : : : \ 179 | : : : : | E-IP Multicast 180 | : I-IP transit core : | packets are forwarded 181 | : : : : | across the I-IP 182 | : : : : | transit core 183 \_._._._._._._._._._._._._./ 184 + + 185 downstream AFBR downstream AFBR 186 | | 187 ._._._._ ._._._._ 188 -------- | | | | -------- 189 |Receiver|-- | E-IP | | E-IP |--|Receiver| 190 -------- |network | |network | -------- 191 ._._._._ ._._._._ 193 Figure 1: Softwire Mesh Multicast Framework 195 Terminology used in this document: 197 o Address Family Border Router (AFBR) - A router interconnecting two 198 or more networks using different IP address families. It MUST 199 support functions specified in [RFC5565]. Besides, in the context of 200 softwire mesh multicast, the AFBR runs E-IP and I-IP control planes 201 to maintain E-IP and I-IP multicast states respectively and performs 202 the appropriate encapsulation/decapsulation of client E-IP multicast 203 packets for transport across the I-IP core. An AFBR will act as a 204 source and/or receiver in an I-IP multicast tree. 206 o Upstream AFBR: An AFBR that is located on the upper reaches of a 207 multicast data flow. 209 o Downstream AFBR: An AFBR that is located on the lower reaches of a 210 multicast data flow. 212 o I-IP (Internal IP): This refers to IP address family (i.e., either 213 IPv4 or IPv6) that is supported by the core network. 215 o E-IP (External IP): This refers to the IP address family (i.e. 216 either IPv4 or IPv6) that is supported by the client network(s) 217 attached to the I-IP transit core. 219 o I-IP core tree: A distribution tree rooted at one or more AFBR 220 source nodes and branched out to one or more AFBR leaf nodes. An 221 I-IP core tree is built using standard IP or MPLS multicast signaling 222 protocols operating exclusively inside the I-IP core network. An 223 I-IP core tree is used to forward E-IP multicast packets belonging to 224 E-IP trees across the I-IP core. Another name for an I-IP core tree 225 is multicast or multipoint softwire. 227 o E-IP client tree: A distribution tree rooted at one or more hosts 228 or routers located inside a client E-IP network and branched out to 229 one or more leaf nodes located in the same or different client E-IP 230 networks. 232 o uPrefix46: The /96 unicast IPv6 prefix for constructing an 233 IPv4-embedded IPv6 unicast address [RFC6052]. 235 o mPrefix46: The /96 multicast IPv6 prefix for constructing an 236 IPv4-embedded IPv6 multicast address. 238 o PIMv4, PIMv6: refer to [RFC8114]. 240 o Inter-AFBR signaling: A mechanism used by downstream AFBRs to send 241 PIMv6 messages to the upstream AFBR. 243 3. Scope 245 This document focuses on IPv4-over-IPv6 scenario, the following 246 diagram shows the scenario. 248 ._._._._. ._._._._. 249 | IPv4 | | IPv4 | -------- 250 | Client | | Client |--|Source S| 251 | network | | network | -------- 252 ._._._._. ._._._._. 253 | | 254 AFBR upstream AFBR 255 | | 256 __+____________________+__ 257 / : : : : \ 258 | : : : : | 259 | : IPv6 transit core : | 260 | : : : : | 261 | : : : : | 262 \_._._._._._._._._._._._._./ 263 + + 264 downstream AFBR downstream AFBR 265 | | 266 ._._._._ ._._._._ 267 -------- | IPv4 | | IPv4 | -------- 268 |Receiver|-- | Client | | Client |--|Receiver| 269 -------- | network| | network| -------- 270 ._._._._ ._._._._ 272 Figure 2: IPv4-over-IPv6 Scenario 274 In Figure 2, the E-IP client networks run IPv4 and the I-IP core runs 275 IPv6. 277 Because of the much larger IPv6 group address space, the client 278 E-IPv4 tree can be mapped to a specific I-IPv6 core tree. This 279 simplifies operations on the AFBR because it becomes possible to 280 algorithmically map an IPv4 group/source address to an IPv6 group/ 281 source address and vice-versa. 283 The IPv4-over-IPv6 scenario is an emerging requirement as network 284 operators build out native IPv6 backbone networks. These networks 285 support native IPv6 services and applications but in many cases, 286 support for legacy IPv4 unicast and multicast services will also need 287 to be accommodated. 289 4. Mesh Multicast Mechanism 290 4.1. Mechanism Overview 292 Routers in the client E-IPv4 networks have routes to all other client 293 E-IPv4 networks. Through PIMv4 messages, E-IPv4 hosts and routers 294 have discovered or learnt of (S,G) or (*,G) IPv4 addresses. Any 295 I-IPv6 multicast state instantiated in the core is referred to as 296 (S',G') or (*,G') and is certainly separated from E-IPv4 multicast 297 state. 299 Suppose a downstream AFBR receives an E-IPv4 PIM Join/Prune message 300 from the E-IPv4 network for either an (S,G) tree or a (*,G) tree. 301 The AFBR translates the PIMv4 message into an PIMv6 message with the 302 latter being directed towards the I-IP IPv6 address of the upstream 303 AFBR. When the PIMv6 message arrives at the upstream AFBR, it is 304 translated back into an PIMv4 message. The result of these actions 305 is the construction of E-IPv4 trees and a corresponding I-IP tree in 306 the I-IP network. An example of the packet format and translation is 307 provided in Section 8. 309 In this case, it is incumbent upon the AFBRs to perform PIM message 310 conversions in the control plane and IP group address conversions or 311 mappings in the data plane. The AFBRs perform an algorithmic, one- 312 to-one mapping of IPv4-to-IPv6. 314 4.2. Group Address Mapping 316 For the IPv4-over-IPv6 scenario, a simple algorithmic mapping between 317 IPv4 multicast group addresses and IPv6 group addresses is performed. 318 Figure 4 shows the reminder of the format: 320 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 321 | 0-------------32--40--48--56--64--72--80--88--96-----------127| 322 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 323 | mPrefix46 |group address | 324 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 326 Figure 4: IPv4-Embedded IPv6 Multicast Address Format 328 An IPv6 multicast prefix (mPrefix46) is provisioned on each AFBR. 329 AFBRs will prepend the prefix to an IPv4 multicast group address when 330 translating it to an IPv6 multicast group address. 332 The construction of the mPrefix46 for SSM is the same as the 333 construction of the mPrefix64 described in Section 5 of [RFC8114]. 335 With this scheme, each IPv4 multicast address can be mapped into an 336 IPv6 multicast address (with the assigned prefix), and each IPv6 337 multicast address with the assigned prefix can be mapped into an IPv4 338 multicast address. The group address translation algorithm can be 339 referred in Section 5.2 of [RFC8114]. 341 4.3. Source Address Mapping 343 There are two kinds of multicast modes: ASM and SSM. Considering 344 that the I-IP network and E-IP network may support different kinds of 345 multicast, the source address translation rules needed to support all 346 possible scenarios may become very complex. But since SSM can be 347 implemented with a strict subset of the PIM-SM protocol mechanisms 348 [RFC7761], we can treat the I-IP core as SSM-only to make it as 349 simple as possible. There then remain only two scenarios to be 350 discussed in detail: 352 o E-IP network supports SSM 354 One possible way to make sure that the translated PIMv6 message 355 reaches upstream AFBR is to set S' to a virtual IPv6 address that 356 leads to the upstream AFBR. The unicast adddress translation 357 should be achieved according to [RFC6052] 359 o E-IP network supports ASM 361 The (S,G) source list entry and the (*,G) source list entry only 362 differ in that the latter has both the WC and RPT bits of the 363 Encoded-Source-Address set, while the former is all cleared (See 364 Section 4.9.5.1 of [RFC7761]). So we can translate source list 365 entries in (*,G) messages into source list entries in (S'G') 366 messages by applying the format specified in Figure 5 and clearing 367 both the WildCard (WC) and RPT bits at downstream AFBRs, and vice- 368 versa for the reverse translation at upstream AFBRs. 370 4.4. Routing Mechanism 372 In the mesh multicast scenario, extra multicast routing information 373 is REQUIRED to be distributed among AFBRs to make sure that the PIMv6 374 messages that a downstream AFBR propagates reach the right upstream 375 AFBR. 377 Every AFBR MUST know the /32 prefix in "IPv4-Embedded IPv6 Virtual 378 Source Address Format". To achieve this, every AFBR should announce 379 one of its E-IPv4 interfaces in the "v4" field, and the corresponding 380 uPrefix46. The announcement SHOULD be sent to the other AFBRs 381 through MBGP [RFC4760]. Since every IP address of upstream AFBR's 382 E-IPv4 interface is different from each other, every uPrefix46 that 383 AFBR announces MUST be different, and uniquely identifies each AFBR. 384 "uPrefix46" is an IPv6 prefix, and the distribution mechanism is the 385 same as the traditional mesh unicast scenario. But "v4" field is an 386 E-IPv4 address, and BGP messages are not tunneled through softwires 387 or any other mechanism specified in [RFC5565], AFBRs MUST be able to 388 transport and encode/decode BGP messages that are carried over 389 I-IPv6, whose NLRI and NH are of E-IPv4 address family. 391 In this way, when a downstream AFBR receives an E-IPv4 PIM (S,G) 392 message, it can translate this message into (S',G') by looking up the 393 IP address of the corresponding AFBR's E-IPv4 interface. Since the 394 uPrefix46 of S' is unique, and is known to every router in the I-IPv6 395 network, the translated message will be forwarded to the 396 corresponding upstream AFBR, and the upstream AFBR can translate the 397 message back to (S,G). When a downstream AFBR receives an E-IPv4 PIM 398 (*,G) message, S' can be generated according to the format specified 399 in Figure 4, with "source address" field set to *(the IPv4 address of 400 RP). The translated message will be forwarded to the corresponding 401 upstream AFBR. Since every PIM router within a PIM domain MUST be 402 able to map a particular multicast group address to the same RP (see 403 Section 4.7 of [RFC7761]), when the upstream AFBR checks the "source 404 address" field of the message, it finds the IPv4 address of the RP, 405 and ascertains that this is originally a (*,G) message. This is then 406 translated back to the (*,G) message and processed. 408 5. Control Plane Functions of AFBR 410 AFBRs are responsible for the following functions: 412 5.1. E-IP (*,G) and (S,G) State Maintenance 414 E-IP (*,G) and (S,G) state maintenance on AFBR is the same as E-IP 415 (*,G) and (S,G) state maintenance on mAFTR described in Section 7.2 416 of [RFC8114] 418 5.2. I-IP (S',G') State Maintenance 420 It is possible that the I-IP transit core runs another non-transit 421 I-IP PIM-SSM instance. Since the translated source address starts 422 with the unique "Well-Known" prefix or the ISP-defined prefix that 423 SHOULD NOT be used by other service provider, mesh multicast will not 424 influence non-transit PIM-SSM multicast at all. When an AFBR 425 receives an I-IP (S',G') message, it MUST check S'. If S' starts 426 with the unique prefix, then the message is actually a translated 427 E-IP (S,G) or (*,G) message, and the AFBR MUST translate this message 428 back to PIMv4 message and process it. 430 5.3. E-IP (S,G,rpt) State Maintenance 432 When an AFBR wishes to propagate a Join/Prune(S,G,rpt) message to an 433 I-IP upstream router, the AFBR MUST operate as specified in 434 Section 6.5 and Section 6.6. 436 5.4. Inter-AFBR Signaling 438 Assume that one downstream AFBR has joined a RPT of (*,G) and a SPT 439 of (S,G), and decide to perform an SPT switchover. According to 440 [RFC7761], it SHOULD propagate a Prune(S,G,rpt) message along with 441 the periodical Join(*,G) message upstream towards RP. However, 442 routers in the I-IP transit core do not process (S,G,rpt) messages 443 since the I-IP transit core is treated as SSM-only. As a result, the 444 downstream AFBR is unable to prune S from this RPT, so it will 445 receive two copies of the same data of (S,G). In order to solve this 446 problem, we introduce a new mechanism for downstream AFBRs to inform 447 upstream AFBRs of pruning any given S from an RPT. 449 When a downstream AFBR wishes to propagate a (S,G,rpt) message 450 upstream, it SHOULD encapsulate the (S,G,rpt) message, then send the 451 encapsulated unicast message to the corresponding upstream AFBR, 452 which we call "RP'". 454 When RP' receives this encapsulated message, it SHOULD decapsulate 455 the message as in the unicast scenario, and retrieve the original 456 (S,G,rpt) message. The incoming interface of this message may be 457 different to the outgoing interface which propagates multicast data 458 to the corresponding downstream AFBR, and there may be other 459 downstream AFBRs that need to receive multicast data of (S,G) from 460 this incoming interface, so RP' SHOULD NOT simply process this 461 message as specified in [RFC7761] on the incoming interface. 463 To solve this problem, we introduce an "interface agent" to process 464 all the encapsulated (S,G,rpt) messages the upstream AFBR receives. 465 The interface agent's RP' SHOULD prune S from the RPT of group G when 466 no downstream AFBR is subscribed to receive multicast data of (S,G) 467 along the RPT. 469 In this way, we ensure that downstream AFBRs will not miss any 470 multicast data that they need. The cost of this is that multicast 471 data of (S,G) will be duplicated along the RPT received by SPT- 472 switched-over downstream AFBRs, if at least one downstream AFBR 473 exists that has not yet sent Prune(S,G,rpt) messages to the upstream 474 AFBR. 476 In certain deployment scenarios (e.g. if there is only a single 477 downstream router), the interface agent function is not required. 479 The mechanism used to achieve this is left to the implementation. 480 The following diagram provides one possible solution for an 481 "interface agent" implementation: 483 +----------------------------------------+ 484 | | 485 | +-----------+----------+ | 486 | | PIM-SM | UDP | | 487 | +-----------+----------+ | 488 | ^ | | 489 | | | | 490 | | v | 491 | +----------------------+ | 492 | | I/F Agent | | 493 | +----------------------+ | 494 | PIM ^ | multicast | 495 | messages | | data | 496 | | +-------------+---+ | 497 | +--+--|-----------+ | | 498 | | v | v | 499 | +--------- + +----------+ | 500 | | I-IP I/F | | I-IP I/F | | 501 | +----------+ +----------+ | 502 | ^ | ^ | | 503 | | | | | | 504 +--------|-----|----------|-----|--------+ 505 | v | v 507 Figure 7: Interface Agent Implementation Example 509 Figure 7 shows an example of interface agent implementation using UDP 510 encapsulation. The interface agent has two responsibilities: In the 511 control plane, it SHOULD work as a real interface that has joined 512 (*,G), representing of all the I-IP interfaces which are outgoing 513 interfaces of the (*,G) state machine, and process the (S,G,rpt) 514 messages received from all the I-IP interfaces. 516 The interface agent maintains downstream (S,G,rpt) state machines of 517 every downstream AFBR, and submits Prune (S,G,rpt) messages to the 518 PIM-SM module only when every (S,G,rpt) state machine is at Prune(P) 519 or PruneTmp(P') state, which means that no downstream AFBR is 520 subscribed to receive multicast data of (S,G) along the RPT of G. 521 Once a (S,G,rpt) state machine changes to NoInfo(NI) state, which 522 means that the corresponding downstream AFBR has switched to receive 523 multicast data of (S,G) along the RPT again, the interface agent 524 SHOULD send a Join (S,G,rpt) to the PIM-SM module immediately. 526 In the data plane, upon receiving a multicast data packet, the 527 interface agent SHOULD encapsulate it at first, then propagate the 528 encapsulated packet from every I-IP interface. 530 NOTICE: It is possible that an E-IP neighbor of RP' that has joined 531 the RPT of G, so the per-interface state machine for receiving E-IP 532 Join/Prune (S,G,rpt) messages SHOULD be preserved. 534 5.5. SPT Switchover 536 After a new AFBR requests the receipt of traffic destined for a 537 multicast group, it will receive all the data from the RPT at first. 538 At this time, every downstream AFBR will receive multicast data from 539 any source from this RPT, in spite of whether they have switched over 540 to an SPT of some source(s) or not. 542 To minimize this redundancy, it is recommended that every AFBR's 543 SwitchToSptDesired(S,G) function employs the "switch on first packet" 544 policy. In this way, the delay in switchover to SPT is kept as small 545 as possible, and after the moment that every AFBR has performed the 546 SPT switchover for every S of group G, no data will be forwarded in 547 the RPT of G, thus no more unnecessary duplication will be produced. 549 5.6. Other PIM Message Types 551 In addition to Join or Prune, other message types exist, including 552 Register, Register-Stop, Hello and Assert. Register and Register- 553 Stop messages are sent by unicast, while Hello and Assert messages 554 are only used between directly linked routers to negotiate with each 555 other. It is not necessary to translate these for forwarding, thus 556 the processing of these messages is out of scope for this document. 558 5.7. Other PIM States Maintenance 560 In addition to states mentioned above, other states exist, including 561 (*,*,RP) and I-IP (*,G') state. Since we treat the I-IP core as SSM- 562 only, the maintenance of these states is out of scope for this 563 document. 565 6. Data Plane Functions of the AFBR 566 6.1. Process and Forward Multicast Data 568 Refer to Section 7.4 of [RFC8114]. If there is at least one outgoing 569 interface whose IP address family is different from the incoming 570 interface, the AFBR MUST encapsulate this packet with 571 mPrefix46-derived and uPrefix46-derived IPv6 address to form an IPv6 572 multicast packet. 574 6.2. TTL 576 Processing of TTL information in protocol headers depends on the 577 tunneling technology, and it is out of scope of this document. 579 6.3. Fragmentation 581 The encapsulation performed by an upstream AFBR will increase the 582 size of packets. As a result, the outgoing I-IP link MTU may not 583 accommodate the larger packet size. As it is not always possible for 584 core operators to increase the MTU of every link. Fragmentation 585 after encapsulation and reassembling of encapsulated packets MUST be 586 supported by AFBRs [RFC5565]. 588 7. Packet Format and Translation 590 Because the PIM-SM Specification is independent of the underlying 591 unicast routing protocol, the packet format in Section 4.9 of 592 [RFC7761] remains the same, except that the group address and source 593 address MUST be translated when traversing AFBR. 595 For example, Figure 8 shows the register-stop message format in IPv4 596 and IPv6 address family. 598 0 1 2 3 599 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 600 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 601 |PIM Ver| Type | Reserved | Checksum | 602 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 603 | IPv4 Group Address (Encoded-Group format) | 604 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 605 | IPv4 Source Address (Encoded-Unicast format) | 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 607 (1). IPv4 Register-Stop Message Format 609 0 1 2 3 610 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 611 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 612 |PIM Ver| Type | Reserved | Checksum | 613 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 614 | IPv6 Group Address (Encoded-Group format) | 615 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 616 | IPv6 Source Address (Encoded-Unicast format) | 617 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 618 (2). IPv6 Register-Stop Message Format 620 Figure 8: Register-Stop Message Format 622 In Figure 8, the semantics of fields "PIM Ver", "Type", "Reserved", 623 and "Checksum" remain the same. 625 IPv4 Group Address (Encoded-Group format): The encoded-group format 626 of the IPv4 group address described in Section 4.2. 628 IPv4 Source Address (Encoded-Group format): The encoded-unicast 629 format of the IPv4 source address described in Section 4.3. 631 IPv6 Group Address (Encoded-Group format): The encoded-group format 632 of the IPv6 group address described in Section 4.2. 634 IPv6 Source Address (Encoded-Group format): The encoded-unicast 635 format of the IPv6 source address described in Section 4.3. 637 8. Softwire Mesh Multicast Encapsulation 639 Softwire mesh multicast encapsulation does not require the use of any 640 one particular encapsulation mechanism. Rather, it MUST accommodate 641 a variety of different encapsulation mechanisms, and allow the use of 642 encapsulation mechanisms mentioned in [RFC4925]. Additionally, all 643 of the AFBRs attached to the I-IP network MUST implement the same 644 encapsulation mechanism. 646 9. Security Considerations 648 The security concerns raised in [RFC4925] and [RFC7761] are 649 applicable here. In addition, the additional workload associated 650 with some schemes could be exploited by an attacker to perform a out 651 DDoS attack. Compared with [RFC4925], the security concerns SHOULD 652 be considered more carefully: an attacker could potentially set up 653 many multicast trees in the edge networks, causing too many multicast 654 states in the core network. 656 10. IANA Considerations 658 This document includes no request to IANA. 660 11. References 662 11.1. Normative References 664 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 665 Requirement Levels", BCP 14, RFC 2119, 666 DOI 10.17487/RFC2119, March 1997, 667 . 669 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 670 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 671 2006, . 673 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 674 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 675 December 2005, . 677 [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, 678 "Multiprotocol Extensions for BGP-4", RFC 4760, 679 DOI 10.17487/RFC4760, January 2007, 680 . 682 [RFC4925] Li, X., Ed., Dawkins, S., Ed., Ward, D., Ed., and A. 683 Durand, Ed., "Softwire Problem Statement", RFC 4925, 684 DOI 10.17487/RFC4925, July 2007, 685 . 687 [RFC5565] Wu, J., Cui, Y., Metz, C., and E. Rosen, "Softwire Mesh 688 Framework", RFC 5565, DOI 10.17487/RFC5565, June 2009, 689 . 691 [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. 692 Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, 693 DOI 10.17487/RFC6052, October 2010, 694 . 696 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 697 Stack Lite Broadband Deployments Following IPv4 698 Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011, 699 . 701 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 702 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 703 2012, . 705 [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., 706 Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent 707 Multicast - Sparse Mode (PIM-SM): Protocol Specification 708 (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 709 2016, . 711 [RFC7899] Morin, T., Ed., Litkowski, S., Patel, K., Zhang, Z., 712 Kebler, R., and J. Haas, "Multicast VPN State Damping", 713 RFC 7899, DOI 10.17487/RFC7899, June 2016, 714 . 716 [RFC8114] Boucadair, M., Qin, C., Jacquenet, C., Lee, Y., and Q. 717 Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients 718 over an IPv6 Multicast Network", RFC 8114, 719 DOI 10.17487/RFC8114, March 2017, 720 . 722 11.2. Informative References 724 [RFC7371] Boucadair, M. and S. Venaas, "Updates to the IPv6 725 Multicast Addressing Architecture", RFC 7371, 726 DOI 10.17487/RFC7371, September 2014, 727 . 729 Appendix A. Acknowledgements 731 Wenlong Chen, Xuan Chen, Alain Durand, Yiu Lee, Jacni Qin and Stig 732 Venaas provided useful input into this document. 734 Authors' Addresses 735 Mingwei Xu 736 Tsinghua University 737 Department of Computer Science, Tsinghua University 738 Beijing 100084 739 P.R. China 741 Phone: +86-10-6278-5822 742 Email: xumw@tsinghua.edu.cn 744 Yong Cui 745 Tsinghua University 746 Department of Computer Science, Tsinghua University 747 Beijing 100084 748 P.R. China 750 Phone: +86-10-6278-5822 751 Email: cuiyong@tsinghua.edu.cn 753 Jianping Wu 754 Tsinghua University 755 Department of Computer Science, Tsinghua University 756 Beijing 100084 757 P.R. China 759 Phone: +86-10-6278-5983 760 Email: jianping@cernet.edu.cn 762 Shu Yang 763 Tsinghua University 764 Graduate School at Shenzhen 765 Shenzhen 518055 766 P.R. China 768 Phone: +86-10-6278-5822 769 Email: yangshu@csnet1.cs.tsinghua.edu.cn 771 Chris Metz 772 Cisco Systems 773 170 West Tasman Drive 774 San Jose, CA 95134 775 USA 777 Phone: +1-408-525-3275 778 Email: chmetz@cisco.com 779 Greg Shepherd 780 Cisco Systems 781 170 West Tasman Drive 782 San Jose, CA 95134 783 USA 785 Phone: +1-541-912-9758 786 Email: shep@cisco.com