idnits 2.17.1 draft-ietf-softwire-mesh-multicast-23.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 15, 2018) is 2050 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-13) exists of draft-ietf-intarea-tunnels-09 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Softwire WG M. Xu 3 Internet-Draft Y. Cui 4 Intended status: Standards Track J. Wu 5 Expires: March 19, 2019 Tsinghua University 6 S. Yang 7 Shenzhen University 8 C. Metz 9 Cisco Systems 10 September 15, 2018 12 IPv4 Multicast over an IPv6 Multicast in Softwire Mesh Network 13 draft-ietf-softwire-mesh-multicast-23 15 Abstract 17 During the transition to IPv6, there will be scenarios where a 18 backbone network internally running one IP address family (referred 19 to as the internal IP or I-IP family), connects client networks 20 running another IP address family (referred to as the external IP or 21 E-IP family). In such cases, the I-IP backbone needs to offer both 22 unicast and multicast transit services to the client E-IP networks. 24 This document describes a mechanism for supporting multicast across 25 backbone networks where the I-IP and E-IP protocol families differ. 26 The document focuses on IPv4-over-IPv6 scenario, due to lack of real- 27 world use cases for IPv6-over-IPv4 scenario. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at https://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on March 19, 2019. 46 Copyright Notice 48 Copyright (c) 2018 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (https://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 65 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 4. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 67 5. Mesh Multicast Mechanism . . . . . . . . . . . . . . . . . . 7 68 5.1. Mechanism Overview . . . . . . . . . . . . . . . . . . . 8 69 5.2. Group Address Mapping . . . . . . . . . . . . . . . . . . 8 70 5.3. Source Address Mapping . . . . . . . . . . . . . . . . . 9 71 5.4. Routing Mechanism . . . . . . . . . . . . . . . . . . . . 9 72 6. Control Plane Functions of AFBR . . . . . . . . . . . . . . . 10 73 6.1. E-IP (*,G) and (S,G) State Maintenance . . . . . . . . . 10 74 6.2. I-IP (S',G') State Maintenance . . . . . . . . . . . . . 10 75 6.3. E-IP (S,G,rpt) State Maintenance . . . . . . . . . . . . 11 76 6.4. Inter-AFBR Signaling . . . . . . . . . . . . . . . . . . 11 77 6.5. SPT Switchover . . . . . . . . . . . . . . . . . . . . . 13 78 6.6. Other PIM Message Types . . . . . . . . . . . . . . . . . 13 79 6.7. Other PIM States Maintenance . . . . . . . . . . . . . . 13 80 7. Data Plane Functions of the AFBR . . . . . . . . . . . . . . 13 81 7.1. Process and Forward Multicast Data . . . . . . . . . . . 14 82 7.2. TTL . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 83 7.3. Fragmentation . . . . . . . . . . . . . . . . . . . . . . 14 84 8. Packet Format and Translation . . . . . . . . . . . . . . . . 14 85 9. Softwire Mesh Multicast Encapsulation . . . . . . . . . . . . 15 86 10. Security Considerations . . . . . . . . . . . . . . . . . . . 16 87 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 88 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 89 12.1. Normative References . . . . . . . . . . . . . . . . . . 16 90 12.2. Informative References . . . . . . . . . . . . . . . . . 17 91 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 17 92 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 94 1. Introduction 96 During the transition to IPv6, there will be scenarios where a 97 backbone network internally running one IP address family (referred 98 to as the internal IP or I-IP family), connects client networks 99 running another IP address family (referred to as the external IP or 100 E-IP family). 102 One solution is to leverage the multicast functions inherent in the 103 I-IP backbone to efficiently forward client E-IP multicast packets 104 inside an I-IP core tree. The I-IP tree is rooted at one or more 105 ingress Address Family Border Routers (AFBRs) [RFC5565] and branches 106 out to one or more egress AFBRs. 108 [RFC4925] outlines the requirements for the softwire mesh scenario 109 and includes support for multicast traffic. It is likely that client 110 E-IP multicast sources and receivers will reside in different client 111 E-IP networks connected to an I-IP backbone network. This requires 112 the client E-IP source-rooted or shared tree to traverse the I-IP 113 backbone network. 115 This could be accomplished by re-using the multicast VPN approach 116 outlined in [RFC6513]. MVPN-like schemes can support the softwire 117 mesh scenario and achieve a "many-to-one" mapping between the E-IP 118 client multicast trees and the transit core multicast trees. The 119 advantage of this approach is that the number of trees in the I-IP 120 backbone network scales less than linearly with the number of E-IP 121 client trees. Corporate enterprise networks, and by extension 122 multicast VPNs, have been known to run applications that create too 123 many (S,G) states [RFC7761][RFC7899]. Aggregation at the edge 124 contains the (S,G) states for customer's VPNs and these need to be 125 maintained by the network operator. The disadvantage of this 126 approach is the possibility of inefficient bandwidth and resource 127 utilization when multicast packets are delivered to a receiving AFBR 128 with no attached E-IP receivers. 130 [RFC8114] provides a solution for delivering IPv4 multicast services 131 over an IPv6 network. But it mainly focuses on the DS-lite [RFC6333] 132 scenario, where IPv4 addresses assigned by a broadband service 133 provider are shared among customers. This document describes a 134 detailed solution for the IPv4-over-IPv6 softwire mesh scenario, 135 where client networks run IPv4 and the backbone network runs IPv6. 137 Internet-style multicast is somewhat different to the [RFC8114] 138 scenario in that the trees are source-rooted and relatively sparse. 139 The need for multicast aggregation at the edge (where many customer 140 multicast trees are mapped into one or more backbone multicast trees) 141 does not exist and to date has not been identified. Thus the need 142 for alignment between the E-IP and I-IP multicast mechanisms emerges. 144 [RFC5565] describes the "Softwire Mesh Framework". This document 145 provides a more detailed description of how one-to-one mapping 146 schemes ([RFC5565], Section 11.1) for IPv4-over-IPv6 multicast can be 147 achieved. 149 Figure 1 shows an example of how a softwire mesh network can support 150 multicast traffic. A multicast source S is located in one E-IP 151 client network, while candidate E-IP group receivers are located in 152 the same or different E-IP client networks that all share a common 153 I-IP transit network. When E-IP sources and receivers are not local 154 to each other, they can only communicate with each other through the 155 I-IP core. There may be several E-IP sources for a single multicast 156 group residing in different client E-IP networks. In the case of 157 shared trees, the E-IP sources, receivers and rendezvous points (RPs) 158 might be located in different client E-IP networks. In the simplest 159 case, a single operator manages the resources of the I-IP core, 160 although the inter-operator case is also possible and so not 161 precluded. 163 +---------+ +---------+ 164 | | | | +--------+ 165 | E-IP | | E-IP +--+Source S| 166 | network | | network | +--------+ 167 +---+-----+ +--+------+ 168 | | 169 +-+--------+ +-------+--+ 170 | | | upstream | 171 +-| AFBR +--+ AFBR |-+ 172 | +----------+ +----------+ | 173 | | E-IP Multicast 174 | I-IP transit core | packets are forwarded 175 | | across the I-IP 176 | +----------+ +----------+ | transit core 177 +-|dowstream | |downstream|-+ 178 | AFBR |--| AFBR | 179 +--+-------+ +--------+-+ 180 | | 181 +---+----+ +---+----+ 182 +--------+ | | | | +--------+ 183 |Receiver+---+ E-IP | | E-IP +--+Receiver| 184 +--------+ |network | |network | +--------+ 185 +--------+ +--------+ 187 Figure 1: Softwire Mesh Multicast Framework 189 2. Requirements Language 191 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 192 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 193 document are to be interpreted as described in [RFC2119]. 195 3. Terminology 197 Terminology used in this document: 199 o Address Family Border Router (AFBR) - A router interconnecting two 200 or more networks using different IP address families. Besides, in 201 the context of softwire mesh multicast, the AFBR runs E-IP and I-IP 202 control planes to maintain E-IP and I-IP multicast states 203 respectively and performs the appropriate encapsulation/decapsulation 204 of client E-IP multicast packets for transport across the I-IP core. 205 An AFBR will act as a source and/or receiver in an I-IP multicast 206 tree. 208 o Upstream AFBR: An AFBR that is located on the upper reaches of a 209 multicast data flow. 211 o Downstream AFBR: An AFBR that is located on the lower reaches of a 212 multicast data flow. 214 o I-IP (Internal IP): This refers to IP address family that is 215 supported by the core network. In this document, the I-IP is IPv6. 217 o E-IP (External IP): This refers to the IP address family that is 218 supported by the client network(s) attached to the I-IP transit core. 219 In this document, the E-IP is IPv4. 221 o I-IP core tree: A distribution tree rooted at one or more AFBR 222 source nodes and branched out to one or more AFBR leaf nodes. An 223 I-IP core tree is built using standard IP or MPLS multicast signaling 224 protocols (in this document, we focus on IP multicast) operating 225 exclusively inside the I-IP core network. An I-IP core tree is used 226 to forward E-IP multicast packets belonging to E-IP trees across the 227 I-IP core. Another name for an I-IP core tree is multicast or 228 multipoint softwire. 230 o E-IP client tree: A distribution tree rooted at one or more hosts 231 or routers located inside a client E-IP network and branched out to 232 one or more leaf nodes located in the same or different client E-IP 233 networks. 235 o uPrefix46: The /96 unicast IPv6 prefix for constructing an 236 IPv4-embedded IPv6 unicast address [RFC6052]. 238 o mPrefix46: The /96 multicast IPv6 prefix for constructing an 239 IPv4-embedded IPv6 multicast address. 241 o PIMv4, PIMv6: refer to [RFC8114]. 243 o Inter-AFBR signaling: A mechanism used by downstream AFBRs to send 244 PIMv6 messages to the upstream AFBR. 246 4. Scope 248 This document focuses on the IPv4-over-IPv6 scenario, as shown in the 249 following diagram: 251 +---------+ +---------+ 252 | IPv4 | | IPv4 | +--------+ 253 | Client | | Client |--+Source S| 254 | Network | | Network | +--------+ 255 +----+----+ +----+----+ 256 | | 257 +--+-------+ +-------+--+ 258 | | | Upstream | 259 +-+ AFBR +--+ AFBR |-+ 260 | +----------+ +----------+ | 261 | | 262 | IPv6 transit core | 263 | | 264 | +----------+ +----------+ | 265 +-+Downstream+--+Downstream+-+ 266 | AFBR | | AFBR | 267 +--+-------+ +-------+--+ 268 | | 269 +----+----+ +----+----+ 270 +--------+ | IPv4 | | IPv4 | +--------+ 271 |Receiver+--+ Client | | Client +--+Receiver| 272 +--------+ | Network | | Network | +--------+ 273 +---------+ +---------+ 275 Figure 2: IPv4-over-IPv6 Scenario 277 In Figure 2, the E-IP client networks run IPv4 and the I-IP core runs 278 IPv6. 280 Because of the much larger IPv6 group address space, the client E-IP 281 tree can be mapped to a specific I-IP core tree. This simplifies 282 operations on the AFBR because it becomes possible to algorithmically 283 map an IPv4 group/source address to an IPv6 group/source address and 284 vice-versa. 286 The IPv4-over-IPv6 scenario is an emerging requirement as network 287 operators build out native IPv6 backbone networks. These networks 288 support native IPv6 services and applications but in many cases, 289 support for legacy IPv4 unicast and multicast services will also need 290 to be accommodated. 292 5. Mesh Multicast Mechanism 293 5.1. Mechanism Overview 295 Routers in the client E-IP networks have routes to all other client 296 E-IP networks. Through PIMv4 messages, E-IP hosts and routers have 297 discovered or learnt of (S,G) or (*,G)[RFC7761] IPv4 addresses. Any 298 I-IP multicast state instantiated in the core is referred to as 299 (S',G') or (*,G') and is separated from E-IP multicast state. 301 Suppose a downstream AFBR receives an E-IP PIM Join/Prune message 302 from the E-IP network for either an (S,G) tree or a (*,G) tree. The 303 AFBR translates the PIMv4 message into an PIMv6 message with the 304 latter being directed towards the I-IP IPv6 address of the upstream 305 AFBR. When the PIMv6 message arrives at the upstream AFBR, it is 306 translated back into an PIMv4 message. The result of these actions 307 is the construction of E-IP trees and a corresponding I-IP tree in 308 the I-IP network. An example of the packet format and translation is 309 provided in Section 8. 311 In this case, it is incumbent upon the AFBRs to perform PIM message 312 conversions in the control plane and IP group address conversions or 313 mappings in the data plane. The AFBRs perform an algorithmic, one- 314 to-one mapping of IPv4-to-IPv6. 316 5.2. Group Address Mapping 318 A simple algorithmic mapping between IPv4 multicast group addresses 319 and IPv6 group addresses is performed. Figure 3 is provided as a 320 reminder of the format: 322 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 323 | 0-------------32--40--48--56--64--72--80--88--96-----------127| 324 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 325 | mPrefix46 | group address | 326 +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+ 328 Figure 3: IPv4-Embedded IPv6 Multicast Address Format 330 An IPv6 multicast prefix (mPrefix46) is provisioned on each AFBR. 331 AFBRs will prepend the prefix to an IPv4 multicast group address when 332 translating it to an IPv6 multicast group address. 334 The construction of the mPrefix46 for SSM is the same as the 335 construction of the mPrefix64 described in Section 5 of [RFC8114]. 337 With this scheme, each IPv4 multicast address can be mapped into an 338 IPv6 multicast address (with the assigned prefix), and each IPv6 339 multicast address with the assigned prefix can be mapped into an IPv4 340 multicast address. The group address translation algorithm can be 341 referred in Section 5.2 of [RFC8114]. 343 5.3. Source Address Mapping 345 There are two kinds of multicast: ASM and SSM. Considering that the 346 I-IP network and E-IP network may support different kinds of 347 multicast, the source address translation rules needed to support all 348 possible scenarios may become very complex. But since SSM can be 349 implemented with a strict subset of the PIM-SM protocol mechanisms 350 [RFC7761], we can treat the I-IP core as SSM-only to make it as 351 simple as possible. There then remain only two scenarios to be 352 discussed in detail: 354 o E-IP network supports SSM 356 One possible way to make sure that the translated PIMv6 message 357 reaches upstream AFBR is to set S' to a virtual IPv6 address that 358 leads to the upstream AFBR. The unicast adddress translation 359 should be achieved according to [RFC6052] 361 o E-IP network supports ASM 363 The (S,G) source list entry and the (*,G) source list entry differ 364 only in that the latter has both the WildCard (WC) and RPT bits of 365 the Encoded-Source-Address set, while with the former, the bits 366 are cleared (See Section 4.9.5.1 of [RFC7761]). As a result, the 367 source list entries in (*,G) messages can be translated into 368 source list entries in (S',G') messages by clearing both the WC 369 and RPT bits at downstream AFBRs, and vice-versa for the reverse 370 translation at upstream AFBRs. 372 5.4. Routing Mechanism 374 With mesh multicast, PIMv6 messages originating from a downstream 375 AFBR need to be propogated to the correct upstream AFBR, and every 376 AFBR needs the /96 prefix in "IPv4-Embedded IPv6 Virtual Source 377 Address Format". 379 To achieve this, every AFBR MUST announce the address of one of its 380 E-IPv4 interfaces in the "v4" field alongside the corresponding 381 uPreifx64. The announcement MUST be sent to the other AFBRs through 382 MBGP [RFC4760]. Every uPrefix46 that an AFBR announces MUST be 383 unique. "uPrefix46" is an IPv6 prefix, and the distribution 384 mechanism is the same as the traditional mesh unicast scenario. 386 As the "v4" field is an E-IP address, and BGP messages are not 387 tunneled through softwires or any other mechanism specified in 388 [RFC5565], AFBRs MUST be able to transport and encode/decode BGP 389 messages that are carried over the I-IP, and whose NLRI and NH are of 390 the E-IP address family. 392 In this way, when a downstream AFBR receives an E-IP PIM (S,G) 393 message, it can translate this message into (S',G') by looking up the 394 IP address of the corresponding AFBR's E-IP interface. Since the 395 uPrefix46 of S' is unique, and is known to every router in the I-IP 396 network, the translated message will be forwarded to the 397 corresponding upstream AFBR, and the upstream AFBR can translate the 398 message back to (S,G). 400 When a downstream AFBR receives an E-IP PIM (*,G) message, S' can be 401 generated according to the format specified in Figure 3, with the 402 "source address" field set to * (wildcard value). The translated 403 message will be forwarded to the corresponding upstream AFBR. Since 404 every PIM router within a PIM domain MUST be able to map a particular 405 multicast group address to the same RP (see Section 4.7 of 406 [RFC7761]), when the upstream AFBR checks the "source address" field 407 of the message, it finds the IPv4 address of the RP, and ascertains 408 that this is originally a (*,G) message. This is then translated 409 back to the (*,G) message and processed. 411 6. Control Plane Functions of AFBR 413 AFBRs are responsible for the following functions: 415 6.1. E-IP (*,G) and (S,G) State Maintenance 417 E-IP (*,G) and (S,G) state maintenance for an AFBR is the same as 418 E-IP (*,G) and (S,G) state maintenance for an mAFTR described in 419 Section 7.2 of [RFC8114] 421 6.2. I-IP (S',G') State Maintenance 423 It is possible that the I-IP transit core runs another, non-transit, 424 I-IP PIM-SSM instance. Since the translated source address starts 425 with the unique "Well-Known" prefix or the ISP-defined prefix that 426 MUST NOT be used by another service provider, mesh multicast will not 427 influence non-transit PIM-SSM multicast at all. When an AFBR 428 receives an I-IP (S',G') message, it MUST check S'. If S' starts 429 with the unique prefix, then the message is actually a translated 430 E-IP (S,G) or (*,G) message, and the AFBR translate this message back 431 to a PIMv4 message and process it. 433 6.3. E-IP (S,G,rpt) State Maintenance 435 When an AFBR wishes to propagate a Join/Prune(S,G,rpt)[RFC7761] 436 message to an I-IP upstream router, the AFBR MUST operate as 437 specified in Section 6.5 and Section 6.6. 439 6.4. Inter-AFBR Signaling 441 Assume that one downstream AFBR has joined an RPT of (*,G) and an SPT 442 of (S,G), and decided to perform an SPT switchover. According to 443 [RFC7761], it SHOULD propagate a Prune(S,G,rpt) message along with 444 the periodical Join(*,G) message upstream towards the RP. However, 445 routers in the I-IP transit core do not process (S,G,rpt) messages 446 since the I-IP transit core is treated as SSM-only. As a result, the 447 downstream AFBR is unable to prune S from this RPT, so it will 448 receive two copies of the same data for (S,G). In order to solve 449 this problem, we introduce a new mechanism for downstream AFBRs to 450 inform upstream AFBRs of pruning any given S from an RPT. 452 When a downstream AFBR wishes to propagate an (S,G,rpt) message 453 upstream, it SHOULD encapsulate the (S,G,rpt) message, then send the 454 encapsulated unicast message to the corresponding upstream AFBR, 455 which we call "RP'". 457 When RP' receives this encapsulated message, it SHOULD decapsulate 458 the message as in the unicast scenario, and retrieve the original 459 (S,G,rpt) message. The incoming interface of this message may be 460 different to the outgoing interface which propagates multicast data 461 to the corresponding downstream AFBR, and there may be other 462 downstream AFBRs that need to receive multicast data of (S,G) from 463 this incoming interface, so RP' SHOULD NOT simply process this 464 message as specified in [RFC7761] on the incoming interface. 466 To solve this problem, we introduce an "interface agent" to process 467 all the encapsulated (S,G,rpt) messages the upstream AFBR receives. 468 The interface agent's RP' SHOULD prune S from the RPT of group G when 469 no downstream AFBR is subscribed to receive multicast data of (S,G) 470 along the RPT. 472 In this way, we ensure that downstream AFBRs will not miss any 473 multicast data that they need. The cost of this is that multicast 474 data for (S,G) will be duplicated along the RPT received by AFBRs 475 affected by the SPT switch over, if at least one downstream AFBR 476 exists that has not yet sent Prune(S,G,rpt) messages to the upstream 477 AFBR. 479 In certain deployment scenarios (e.g. if there is only a single 480 downstream router), the interface agent function is not required. 482 The mechanism used to achieve this is left to the implementation. 483 The following diagram provides one possible solution for an 484 "interface agent" implementation: 486 +----------------------------------------+ 487 | | 488 | +-----------+----------+ | 489 | | PIM-SM | UDP | | 490 | +-----------+----------+ | 491 | ^ | | 492 | | | | 493 | | v | 494 | +----------------------+ | 495 | | I/F Agent | | 496 | +----------------------+ | 497 | PIM ^ | multicast | 498 | messages | | data | 499 | | +-------------+---+ | 500 | +--+--|-----------+ | | 501 | | v | v | 502 | +--------- + +----------+ | 503 | | I-IP I/F | | I-IP I/F | | 504 | +----------+ +----------+ | 505 | ^ | ^ | | 506 | | | | | | 507 +--------|-----|----------|-----|--------+ 508 | v | v 510 Figure 4: Interface Agent Implementation Example 512 Figure 4 shows an example of an interface agent implementation using 513 UDP encapsulation. The interface agent has two responsibilities: In 514 the control plane, it SHOULD work as a real interface that has joined 515 (*,G), representing of all the I-IP interfaces which are outgoing 516 interfaces of the (*,G) state machine, and process the (S,G,rpt) 517 messages received from all the I-IP interfaces. 519 The interface agent maintains downstream (S,G,rpt) state machines for 520 every downstream AFBR, and submits Prune (S,G,rpt) messages to the 521 PIM-SM module only when every (S,G,rpt) state machine is in the 522 Prune(P) or PruneTmp(P') state, which means that no downstream AFBR 523 is subscribed to receive multicast data for (S,G) along the RPT of G. 524 Once a (S,G,rpt) state machine changes to NoInfo(NI) state, which 525 means that the corresponding downstream AFBR has switched to receive 526 multicast data of (S,G) along the RPT again, the interface agent 527 SHOULD send a Join (S,G,rpt) to the PIM-SM module immediately. 529 In the data plane, upon receiving a multicast data packet, the 530 interface agent SHOULD encapsulate it at first, then propagate the 531 encapsulated packet from every I-IP interface. 533 NOTICE: It is possible that an E-IP neighbor of RP' has joined the 534 RPT of G, so the per-interface state machine for receiving E-IP Join/ 535 Prune (S,G,rpt) messages SHOULD be preserved. 537 6.5. SPT Switchover 539 After a new AFBR requests the receipt of traffic destined for a 540 multicast group, it will receive all the data from the RPT at first. 541 At this time, every downstream AFBR will receive multicast data from 542 any source from this RPT, in spite of whether they have switched over 543 to an SPT or not. 545 To minimize this redundancy, it is recommended that every AFBR's 546 SwitchToSptDesired(S,G) function employs the "switch on first packet" 547 policy. In this way, the delay in switchover to SPT is kept as small 548 as possible, and after the moment that every AFBR has performed the 549 SPT switchover for every S of group G, no data will be forwarded in 550 the RPT of G, thus no more unnecessary duplication will be produced. 552 6.6. Other PIM Message Types 554 In addition to Join or Prune, other message types exist, including 555 Register, Register-Stop, Hello and Assert. Register and Register- 556 Stop messages are sent by unicast, while Hello and Assert messages 557 are only used between directly linked routers to negotiate with each 558 other. It is not necessary to translate these for forwarding, thus 559 the processing of these messages is out of scope for this document. 561 6.7. Other PIM States Maintenance 563 In addition to states mentioned above, other states exist, including 564 (*,*,RP) and I-IP (*,G') state. Since we treat the I-IP core as SSM- 565 only, the maintenance of these states is out of scope for this 566 document. 568 7. Data Plane Functions of the AFBR 569 7.1. Process and Forward Multicast Data 571 Refer to Section 7.4 of [RFC8114]. If there is at least one outgoing 572 interface whose IP address family is different from the incoming 573 interface, the AFBR MUST encapsulate this packet with 574 mPrefix46-derived and uPrefix46-derived IPv6 address to form an IPv6 575 multicast packet. 577 7.2. TTL 579 Processing of TTL information in protocol headers depends on the 580 tunneling technology [I-D.ietf-intarea-tunnels], and it is out of 581 scope of this document. 583 7.3. Fragmentation 585 The encapsulation performed by an upstream AFBR will increase the 586 size of packets. As a result, the outgoing I-IP link MTU may not 587 accommodate the larger packet size. It is not always possible for 588 core operators to increase the MTU of every link, thus fragmentation 589 after encapsulation and reassembling of encapsulated packets MUST be 590 supported by AFBRs [RFC5565]. The specific requirements for 591 fragmentation and tunnel configuration COULD be referred to in 592 [I-D.ietf-intarea-tunnels], which is under revision currently. 594 8. Packet Format and Translation 596 Because the PIM-SM Specification is independent of the underlying 597 unicast routing protocol, the packet format in Section 4.9 of 598 [RFC7761] remains the same, except that the group address and source 599 address MUST be translated when traversing an AFBR. 601 For example, Figure 5 shows the register-stop message format in the 602 IPv4 and IPv6 address families. 604 0 1 2 3 605 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 607 |PIM Ver| Type | Reserved | Checksum | 608 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 609 | IPv4 Group Address (Encoded-Group format) | 610 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 611 | IPv4 Source Address (Encoded-Unicast format) | 612 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 613 (1). IPv4 Register-Stop Message Format 615 0 1 2 3 616 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 617 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 618 |PIM Ver| Type | Reserved | Checksum | 619 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 620 | IPv6 Group Address (Encoded-Group format) | 621 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 622 | IPv6 Source Address (Encoded-Unicast format) | 623 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 624 (2). IPv6 Register-Stop Message Format 626 Figure 5: Register-Stop Message Format 628 In Figure 5, the semantics of fields "PIM Ver", "Type", "Reserved", 629 and "Checksum" can be referred in Section 4.9 of [RFC7761]. 631 IPv4 Group Address (Encoded-Group format): The encoded-group format 632 of the IPv4 group address described in Section 4.2. 634 IPv4 Source Address (Encoded-Group format): The encoded-unicast 635 format of the IPv4 source address described in Section 4.3. 637 IPv6 Group Address (Encoded-Group format): The encoded-group format 638 of the IPv6 group address described in Section 4.2. 640 IPv6 Source Address (Encoded-Group format): The encoded-unicast 641 format of the IPv6 source address described in Section 4.3. 643 9. Softwire Mesh Multicast Encapsulation 645 Softwire mesh multicast encapsulation does not require the use of any 646 one particular encapsulation mechanism. Rather, it MUST accommodate 647 a variety of different encapsulation mechanisms, and allow the use of 648 encapsulation mechanisms mentioned in [RFC4925]. Additionally, all 649 of the AFBRs attached to the I-IP network MUST implement the same 650 encapsulation mechanism, and follow the requirements mentioned in 651 [I-D.ietf-intarea-tunnels]. 653 10. Security Considerations 655 The security concerns raised in [RFC4925] and [RFC7761] are 656 applicable here. 658 The additional workload associated with some schemes could be 659 exploited by an attacker to perform a DDoS attack. 661 Compared with [RFC4925], the security concerns SHOULD be considered 662 more carefully: an attacker could potentially set up many multicast 663 trees in the edge networks, causing too many multicast states in the 664 core network. To defend against these attacks, BGP policies SHOULD 665 be carefully configured, e.g., AFBRs only accept Well-Known prefix 666 advertisements from trusted peers. 668 11. IANA Considerations 670 This document includes no request to IANA. 672 12. References 674 12.1. Normative References 676 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 677 Requirement Levels", BCP 14, RFC 2119, 678 DOI 10.17487/RFC2119, March 1997, 679 . 681 [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, 682 "Multiprotocol Extensions for BGP-4", RFC 4760, 683 DOI 10.17487/RFC4760, January 2007, 684 . 686 [RFC5565] Wu, J., Cui, Y., Metz, C., and E. Rosen, "Softwire Mesh 687 Framework", RFC 5565, DOI 10.17487/RFC5565, June 2009, 688 . 690 [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X. 691 Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052, 692 DOI 10.17487/RFC6052, October 2010, 693 . 695 [RFC6333] Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual- 696 Stack Lite Broadband Deployments Following IPv4 697 Exhaustion", RFC 6333, DOI 10.17487/RFC6333, August 2011, 698 . 700 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 701 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 702 2012, . 704 [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., 705 Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent 706 Multicast - Sparse Mode (PIM-SM): Protocol Specification 707 (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 708 2016, . 710 [RFC7899] Morin, T., Ed., Litkowski, S., Patel, K., Zhang, Z., 711 Kebler, R., and J. Haas, "Multicast VPN State Damping", 712 RFC 7899, DOI 10.17487/RFC7899, June 2016, 713 . 715 [RFC8114] Boucadair, M., Qin, C., Jacquenet, C., Lee, Y., and Q. 716 Wang, "Delivery of IPv4 Multicast Services to IPv4 Clients 717 over an IPv6 Multicast Network", RFC 8114, 718 DOI 10.17487/RFC8114, March 2017, 719 . 721 12.2. Informative References 723 [I-D.ietf-intarea-tunnels] 724 Touch, J. and M. Townsley, "IP Tunnels in the Internet 725 Architecture", draft-ietf-intarea-tunnels-09 (work in 726 progress), July 2018. 728 [RFC4925] Li, X., Ed., Dawkins, S., Ed., Ward, D., Ed., and A. 729 Durand, Ed., "Softwire Problem Statement", RFC 4925, 730 DOI 10.17487/RFC4925, July 2007, 731 . 733 Appendix A. Acknowledgements 735 Wenlong Chen, Xuan Chen, Alain Durand, Yiu Lee, Jacni Qin and Stig 736 Venaas provided useful input into this document. 738 Authors' Addresses 739 Mingwei Xu 740 Tsinghua University 741 Department of Computer Science, Tsinghua University 742 Beijing 100084 743 P.R. China 745 Phone: +86-10-6278-5822 746 Email: xumw@tsinghua.edu.cn 748 Yong Cui 749 Tsinghua University 750 Department of Computer Science, Tsinghua University 751 Beijing 100084 752 P.R. China 754 Phone: +86-10-6278-5822 755 Email: cuiyong@tsinghua.edu.cn 757 Jianping Wu 758 Tsinghua University 759 Department of Computer Science, Tsinghua University 760 Beijing 100084 761 P.R. China 763 Phone: +86-10-6278-5983 764 Email: jianping@cernet.edu.cn 766 Shu Yang 767 Shenzhen University 768 South Campus, Shenzhen University 769 Shenzhen 518060 770 P.R. China 772 Phone: +86-755-2653-4078 773 Email: yang.shu@szu.edu.cn 775 Chris Metz 776 Cisco Systems 777 170 West Tasman Drive 778 San Jose, CA 95134 779 USA 781 Phone: +1-408-525-3275 782 Email: chmetz@cisco.com