idnits 2.17.1 draft-smack-mpls-rfc4379bis-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 2 instances of too long lines in the document, the longest one being 4 characters in excess of 72. == There are 9 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. == There are 1 instance of lines with multicast IPv4 addresses in the document. If these are generic example addresses, they should be changed to use the 233.252.0.x range defined in RFC 5771 == There are 8 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. -- The draft header indicates that this document obsoletes RFC6829, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 6, 2015) is 3125 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'FEC-stack-depth' is mentioned on line 1827, but not defined ** Downref: Normative reference to an Informational RFC: RFC 4026 ** Obsolete normative reference: RFC 4379 (Obsoleted by RFC 8029) ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) -- Obsolete informational reference (is this intentional?): RFC 3107 (Obsoleted by RFC 8277) -- Obsolete informational reference (is this intentional?): RFC 4447 (Obsoleted by RFC 8077) Summary: 4 errors (**), 0 flaws (~~), 5 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group C. Pignataro 3 Internet-Draft N. Kumar 4 Obsoletes: 4379, 6829 (if approved) Cisco 5 Intended status: Standards Track S. Aldrin 6 Expires: April 8, 2016 Google 7 M. Chen 8 Huawei 9 October 6, 2015 11 Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures 12 draft-smack-mpls-rfc4379bis-06 14 Abstract 16 This document describes a simple and efficient mechanism that can be 17 used to detect data plane failures in Multi-Protocol Label Switching 18 (MPLS) Label Switched Paths (LSPs). There are two parts to this 19 document: information carried in an MPLS "echo request" and "echo 20 reply" for the purposes of fault detection and isolation, and 21 mechanisms for reliably sending the echo reply. 23 This document obsoletes RFC 4379. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at http://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on April 8, 2016. 42 Copyright Notice 44 Copyright (c) 2015 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (http://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 60 1.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 3 61 1.2. Structure of This Document . . . . . . . . . . . . . . . 4 62 1.3. Contributors . . . . . . . . . . . . . . . . . . . . . . 4 63 1.4. Scope of RFC4379bis work . . . . . . . . . . . . . . . . 4 64 1.5. ToDo . . . . . . . . . . . . . . . . . . . . . . . . . . 5 65 2. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 2.1. Use of Address Range 127/8 . . . . . . . . . . . . . . . 6 67 3. Packet Format . . . . . . . . . . . . . . . . . . . . . . . . 7 68 3.1. Return Codes . . . . . . . . . . . . . . . . . . . . . . 12 69 3.2. Target FEC Stack . . . . . . . . . . . . . . . . . . . . 12 70 3.2.1. LDP IPv4 Prefix . . . . . . . . . . . . . . . . . . . 14 71 3.2.2. LDP IPv6 Prefix . . . . . . . . . . . . . . . . . . . 14 72 3.2.3. RSVP IPv4 LSP . . . . . . . . . . . . . . . . . . . . 14 73 3.2.4. RSVP IPv6 LSP . . . . . . . . . . . . . . . . . . . . 15 74 3.2.5. VPN IPv4 Prefix . . . . . . . . . . . . . . . . . . . 15 75 3.2.6. VPN IPv6 Prefix . . . . . . . . . . . . . . . . . . . 16 76 3.2.7. L2 VPN Endpoint . . . . . . . . . . . . . . . . . . . 17 77 3.2.8. FEC 128 Pseudowire - IPv4 (Deprecated) . . . . . . . 17 78 3.2.9. FEC 128 Pseudowire - IPv4 (Current) . . . . . . . . . 18 79 3.2.10. FEC 129 Pseudowire - IPv4 . . . . . . . . . . . . . . 19 80 3.2.11. BGP Labeled IPv4 Prefix . . . . . . . . . . . . . . . 20 81 3.2.12. BGP Labeled IPv6 Prefix . . . . . . . . . . . . . . . 20 82 3.2.13. Generic IPv4 Prefix . . . . . . . . . . . . . . . . . 21 83 3.2.14. Generic IPv6 Prefix . . . . . . . . . . . . . . . . . 21 84 3.2.15. Nil FEC . . . . . . . . . . . . . . . . . . . . . . . 22 85 3.2.16. FEC 128 Pseudowire - IPv6 . . . . . . . . . . . . . . 22 86 3.2.17. FEC 129 Pseudowire - IPv6 . . . . . . . . . . . . . . 23 87 3.3. Downstream Mapping . . . . . . . . . . . . . . . . . . . 24 88 3.3.1. Multipath Information Encoding . . . . . . . . . . . 27 89 3.3.2. Downstream Router and Interface . . . . . . . . . . . 29 90 3.4. Pad TLV . . . . . . . . . . . . . . . . . . . . . . . . . 30 91 3.5. Vendor Enterprise Number . . . . . . . . . . . . . . . . 30 92 3.6. Interface and Label Stack . . . . . . . . . . . . . . . . 31 93 3.7. Errored TLVs . . . . . . . . . . . . . . . . . . . . . . 32 94 3.8. Reply TOS Byte TLV . . . . . . . . . . . . . . . . . . . 32 95 4. Theory of Operation . . . . . . . . . . . . . . . . . . . . . 33 96 4.1. Dealing with Equal-Cost Multi-Path (ECMP) . . . . . . . . 33 97 4.2. Testing LSPs That Are Used to Carry MPLS Payloads . . . . 34 98 4.3. Sending an MPLS Echo Request . . . . . . . . . . . . . . 34 99 4.4. Receiving an MPLS Echo Request . . . . . . . . . . . . . 35 100 4.4.1. FEC Validation . . . . . . . . . . . . . . . . . . . 41 101 4.5. Sending an MPLS Echo Reply . . . . . . . . . . . . . . . 42 102 4.6. Receiving an MPLS Echo Reply . . . . . . . . . . . . . . 43 103 4.7. Issue with VPN IPv4 and IPv6 Prefixes . . . . . . . . . . 43 104 4.8. Non-compliant Routers . . . . . . . . . . . . . . . . . . 44 105 5. Security Considerations . . . . . . . . . . . . . . . . . . . 44 106 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45 107 6.1. Message Types, Reply Modes, Return Codes . . . . . . . . 46 108 6.2. TLVs . . . . . . . . . . . . . . . . . . . . . . . . . . 46 109 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 47 110 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 48 111 8.1. Normative References . . . . . . . . . . . . . . . . . . 48 112 8.2. Informative References . . . . . . . . . . . . . . . . . 49 113 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 50 115 1. Introduction 117 This document describes a simple and efficient mechanism that can be 118 used to detect data plane failures in MPLS Label Switched Paths 119 (LSPs). There are two parts to this document: information carried in 120 an MPLS "echo request" and "echo reply", and mechanisms for 121 transporting the echo reply. The first part aims at providing enough 122 information to check correct operation of the data plane, as well as 123 a mechanism to verify the data plane against the control plane, and 124 thereby localize faults. The second part suggests two methods of 125 reliable reply channels for the echo request message for more robust 126 fault isolation. 128 An important consideration in this design is that MPLS echo requests 129 follow the same data path that normal MPLS packets would traverse. 130 MPLS echo requests are meant primarily to validate the data plane, 131 and secondarily to verify the data plane against the control plane. 132 Mechanisms to check the control plane are valuable, but are not 133 covered in this document. 135 This document makes special use of the address range 127/8. This is 136 an exception to the behavior defined in RFC 1122 [RFC1122] and 137 updates that RFC. The motivation for this change and the details of 138 this exceptional use are discussed in section 2.1 below. 140 1.1. Conventions 142 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 143 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 144 document are to be interpreted as described in RFC 2119 [RFC2119]. 146 The term "Must Be Zero" (MBZ) is used in object descriptions for 147 reserved fields. These fields MUST be set to zero when sent and 148 ignored on receipt. 150 Terminology pertaining to L2 and L3 Virtual Private Networks (VPNs) 151 is defined in [RFC4026]. 153 Since this document refers to the MPLS Time to Live (TTL) far more 154 frequently than the IP TTL, the authors have chosen the convention of 155 using the unqualified "TTL" to mean "MPLS TTL" and using "IP TTL" for 156 the TTL value in the IP header. 158 1.2. Structure of This Document 160 The body of this memo contains four main parts: motivation, MPLS echo 161 request/reply packet format, LSP ping operation, and a reliable 162 return path. It is suggested that first-time readers skip the actual 163 packet formats and read the Theory of Operation first; the document 164 is structured the way it is to avoid forward references. 166 1.3. Contributors 168 A mechanism used to detect data plane failures in Multi-Protocol 169 Label Switching (MPLS) Label Switched Paths (LSPs) was originally 170 published as RFC 4379 in February 2006. It was produced by the MPLS 171 Working Group of the IETF and was jointly authored by Kireeti 172 Kompella and George Swallow. 174 The following made vital contributions to all aspects of the original 175 RFC 4379, and much of the material came out of debate and discussion 176 among this group. 178 Ronald P. Bonica, Juniper Networks, Inc. 179 Dave Cooper, Global Crossing 180 Ping Pan, Hammerhead Systems 181 Nischal Sheth, Juniper Networks, Inc. 182 Sanjay Wadhwa, Juniper Networks, Inc. 184 1.4. Scope of RFC4379bis work 186 The goal of this document is to take LSP Ping to an Internet 187 Standard. 189 [RFC4379] defines the basic mechanism for MPLS LSP validation that 190 can be used for fault detection and isolation. The scope of this 191 document also is to address various updates to MPLS LSP Ping, 192 including: 194 1. Updates to all references and citations. Obsoleted RFCs 2434, 195 2030, and 3036 are respectively replaced with RFCs 5226, 5905, 196 and 5036. Additionally, these three documents published as RFCs: 197 RFCs 4447, 5085, and 4761. 198 2. Incorporate all outstanding Errata. These include Erratum with 199 IDs: 108, 1418, 1714, 1786, 3399, 742, and 2978. 200 3. Replace EXP with Traffic Class (TC), based on the update from RFC 201 5462. 202 4. Incorporate the updates from RFC 6829, adding the PW FECs 203 advertised over IPv6. 205 1.5. ToDo 207 This section should be empty, and removed, prior to publication. 208 ToDos: 210 1. Evaluation of which of the RFCs that updated RFC 4379 need to be 211 incorporated into this 4379bis document. Specifically, these 212 RFCs updated RFC 4379: 6424, 6425, 6426, 7506, and 7537. RFCs 213 that updated RFC 4379 and are incorporated into this 4379bis, 214 will be Obsoleted by 4379bis. 215 2. Review IANA Allocations 217 2. Motivation 219 When an LSP fails to deliver user traffic, the failure cannot always 220 be detected by the MPLS control plane. There is a need to provide a 221 tool that would enable users to detect such traffic "black holes" or 222 misrouting within a reasonable period of time, and a mechanism to 223 isolate faults. 225 In this document, we describe a mechanism that accomplishes these 226 goals. This mechanism is modeled after the ping/traceroute paradigm: 227 ping (ICMP echo request [RFC0792]) is used for connectivity checks, 228 and traceroute is used for hop-by-hop fault localization as well as 229 path tracing. This document specifies a "ping" mode and a 230 "traceroute" mode for testing MPLS LSPs. 232 The basic idea is to verify that packets that belong to a particular 233 Forwarding Equivalence Class (FEC) actually end their MPLS path on a 234 Label Switching Router (LSR) that is an egress for that FEC. This 235 document proposes that this test be carried out by sending a packet 236 (called an "MPLS echo request") along the same data path as other 237 packets belonging to this FEC. An MPLS echo request also carries 238 information about the FEC whose MPLS path is being verified. This 239 echo request is forwarded just like any other packet belonging to 240 that FEC. In "ping" mode (basic connectivity check), the packet 241 should reach the end of the path, at which point it is sent to the 242 control plane of the egress LSR, which then verifies whether it is 243 indeed an egress for the FEC. In "traceroute" mode (fault 244 isolation), the packet is sent to the control plane of each transit 245 LSR, which performs various checks that it is indeed a transit LSR 246 for this path; this LSR also returns further information that helps 247 check the control plane against the data plane, i.e., that forwarding 248 matches what the routing protocols determined as the path. 250 One way these tools can be used is to periodically ping an FEC to 251 ensure connectivity. If the ping fails, one can then initiate a 252 traceroute to determine where the fault lies. One can also 253 periodically traceroute FECs to verify that forwarding matches the 254 control plane; however, this places a greater burden on transit LSRs 255 and thus should be used with caution. 257 2.1. Use of Address Range 127/8 259 As described above, LSP ping is intended as a diagnostic tool. It is 260 intended to enable providers of an MPLS-based service to isolate 261 network faults. In particular, LSP ping needs to diagnose situations 262 where the control and data planes are out of sync. It performs this 263 by routing an MPLS echo request packet based solely on its label 264 stack. That is, the IP destination address is never used in a 265 forwarding decision. In fact, the sender of an MPLS echo request 266 packet may not know, a priori, the address of the router at the end 267 of the LSP. 269 Providers of MPLS-based services also need the ability to trace all 270 of the possible paths that an LSP may take. Since most MPLS services 271 are based on IP unicast forwarding, these paths are subject to equal- 272 cost multi-path (ECMP) load sharing. 274 This leads to the following requirements: 276 1. Although the LSP in question may be broken in unknown ways, the 277 likelihood of a diagnostic packet being delivered to a user of an 278 MPLS service MUST be held to an absolute minimum. 280 2. If an LSP is broken in such a way that it prematurely terminates, 281 the diagnostic packet MUST NOT be IP forwarded. 283 3. A means of varying the diagnostic packets such that they exercise 284 all ECMP paths is thus REQUIRED. 286 Clearly, using general unicast addresses satisfies neither of the 287 first two requirements. A number of other options for addresses were 288 considered, including a portion of the private address space (as 289 determined by the network operator) and the newly designated IPv4 290 link local addresses. Use of the private address space was deemed 291 ineffective since the leading MPLS-based service is an IPv4 Virtual 292 Private Network (VPN). VPNs often use private addresses. 294 The IPv4 link local addresses are more attractive in that the scope 295 over which they can be forwarded is limited. However, if one were to 296 use an address from this range, it would still be possible for the 297 first recipient of a diagnostic packet that "escaped" from a broken 298 LSP to have that address assigned to the interface on which it 299 arrived and thus could mistakenly receive such a packet. 300 Furthermore, the IPv4 link local address range has only recently been 301 allocated. Many deployed routers would forward a packet with an 302 address from that range toward the default route. 304 The 127/8 range for IPv4 and that same range embedded in as 305 IPv4-mapped IPv6 addresses for IPv6 was chosen for a number of 306 reasons. 308 RFC 1122 allocates the 127/8 as "Internal host loopback address" and 309 states: "Addresses of this form MUST NOT appear outside a host." 310 Thus, the default behavior of hosts is to discard such packets. This 311 helps to ensure that if a diagnostic packet is misdirected to a host, 312 it will be silently discarded. 314 RFC 1812 [RFC1812] states: 316 A router SHOULD NOT forward, except over a loopback interface, any 317 packet that has a destination address on network 127. A router 318 MAY have a switch that allows the network manager to disable these 319 checks. If such a switch is provided, it MUST default to 320 performing the checks. 322 This helps to ensure that diagnostic packets are never IP forwarded. 324 The 127/8 address range provides 16M addresses allowing wide 325 flexibility in varying addresses to exercise ECMP paths. Finally, as 326 an implementation optimization, the 127/8 provides an easy means of 327 identifying possible LSP packets. 329 3. Packet Format 331 An MPLS echo request is a (possibly labeled) IPv4 or IPv6 UDP packet; 332 the contents of the UDP packet have the following format: 334 0 1 2 3 335 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 336 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 337 | Version Number | Global Flags | 338 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 339 | Message Type | Reply mode | Return Code | Return Subcode| 340 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 341 | Sender's Handle | 342 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 343 | Sequence Number | 344 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 345 | TimeStamp Sent (seconds) | 346 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 347 | TimeStamp Sent (seconds fraction) | 348 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 349 | TimeStamp Received (seconds) | 350 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 351 | TimeStamp Received (seconds fraction) | 352 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 353 | TLVs ... | 354 . . 355 . . 356 . . 357 | | 358 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 360 The Version Number is currently 1. (Note: the version number is to 361 be incremented whenever a change is made that affects the ability of 362 an implementation to correctly parse or process an MPLS echo request/ 363 reply. These changes include any syntactic or semantic changes made 364 to any of the fixed fields, or to any Type-Length-Value (TLV) or sub- 365 TLV assignment or format that is defined at a certain version number. 366 The version number may not need to be changed if an optional TLV or 367 sub-TLV is added.) 369 The Global Flags field is a bit vector with the following format: 371 0 1 372 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 373 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 374 | MBZ |V| 375 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 377 One flag is defined for now, the V bit; the rest MUST be set to zero 378 when sending and ignored on receipt. 380 The V (Validate FEC Stack) flag is set to 1 if the sender wants the 381 receiver to perform FEC Stack validation; if V is 0, the choice is 382 left to the receiver. 384 The Message Type is one of the following: 386 Value Meaning 387 ----- ------- 388 1 MPLS echo request 389 2 MPLS echo reply 391 The Reply Mode can take one of the following values: 393 Value Meaning 394 ----- ------- 395 1 Do not reply 396 2 Reply via an IPv4/IPv6 UDP packet 397 3 Reply via an IPv4/IPv6 UDP packet with Router Alert 398 4 Reply via application level control channel 400 An MPLS echo request with 1 (Do not reply) in the Reply Mode field 401 may be used for one-way connectivity tests; the receiving router may 402 log gaps in the Sequence Numbers and/or maintain delay/jitter 403 statistics. An MPLS echo request would normally have 2 (Reply via an 404 IPv4/IPv6 UDP packet) in the Reply Mode field. If the normal IP 405 return path is deemed unreliable, one may use 3 (Reply via an IPv4/ 406 IPv6 UDP packet with Router Alert). Note that this requires that all 407 intermediate routers understand and know how to forward MPLS echo 408 replies. The echo reply uses the same IP version number as the 409 received echo request, i.e., an IPv4 encapsulated echo reply is sent 410 in response to an IPv4 encapsulated echo request. 412 Some applications support an IP control channel. One such example is 413 the associated control channel defined in Virtual Circuit 414 Connectivity Verification (VCCV) [RFC5085]. Any application that 415 supports an IP control channel between its control entities may set 416 the Reply Mode to 4 (Reply via application level control channel) to 417 ensure that replies use that same channel. Further definition of 418 this codepoint is application specific and thus beyond the scope of 419 this document. 421 Return Codes and Subcodes are described in the next section. 423 The Sender's Handle is filled in by the sender, and returned 424 unchanged by the receiver in the echo reply (if any). There are no 425 semantics associated with this handle, although a sender may find 426 this useful for matching up requests with replies. 428 The Sequence Number is assigned by the sender of the MPLS echo 429 request and can be (for example) used to detect missed replies. 431 The TimeStamp Sent is the time-of-day (according to the sender's 432 clock) in NTP format [RFC5905] when the MPLS echo request is sent. 433 The TimeStamp Received in an echo reply is the time-of-day (according 434 to the receiver's clock) in NTP format that the corresponding echo 435 request was received. 437 TLVs (Type-Length-Value tuples) have the following format: 439 0 1 2 3 440 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 442 | Type | Length | 443 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 444 | Value | 445 . . 446 . . 447 . . 448 | | 449 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 451 Types are defined below; Length is the length of the Value field in 452 octets. The Value field depends on the Type; it is zero padded to 453 align to a 4-octet boundary. TLVs may be nested within other TLVs, 454 in which case the nested TLVs are called sub-TLVs. Sub-TLVs have 455 independent types and MUST also be 4-octet aligned. 457 Two examples follow. The Label Distribution Protocol (LDP) IPv4 FEC 458 sub-TLV has the following format: 460 0 1 2 3 461 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 462 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 463 | Type = 1 (LDP IPv4 FEC) | Length = 5 | 464 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 465 | IPv4 prefix | 466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 467 | Prefix Length | Must Be Zero | 468 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 470 The Length for this TLV is 5. A Target FEC Stack TLV that contains 471 an LDP IPv4 FEC sub-TLV and a VPN IPv4 prefix sub-TLV has the 472 following format: 474 0 1 2 3 475 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 476 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 477 | Type = 1 (FEC TLV) | Length = 32 | 478 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 479 | sub-Type = 1 (LDP IPv4 FEC) | Length = 5 | 480 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 481 | IPv4 prefix | 482 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 483 | Prefix Length | Must Be Zero | 484 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 485 | sub-Type = 6 (VPN IPv4 prefix)| Length = 13 | 486 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 487 | Route Distinguisher | 488 | (8 octets) | 489 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 490 | IPv4 prefix | 491 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 492 | Prefix Length | Must Be Zero | 493 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 495 A description of the Types and Values of the top-level TLVs for LSP 496 ping are given below: 498 Type # Value Field 499 ------ ----------- 500 1 Target FEC Stack 501 2 Downstream Mapping 502 3 Pad 503 4 Not Assigned 504 5 Vendor Enterprise Number 505 6 Not Assigned 506 7 Interface and Label Stack 507 8 Not Assigned 508 9 Errored TLVs 509 10 Reply TOS Byte 511 Types less than 32768 (i.e., with the high-order bit equal to 0) are 512 mandatory TLVs that MUST either be supported by an implementation or 513 result in the return code of 2 ("One or more of the TLVs was not 514 understood") being sent in the echo response. 516 Types greater than or equal to 32768 (i.e., with the high-order bit 517 equal to 1) are optional TLVs that SHOULD be ignored if the 518 implementation does not understand or support them. 520 3.1. Return Codes 522 The Return Code is set to zero by the sender. The receiver can set 523 it to one of the values listed below. The notation refers to 524 the Return Subcode. This field is filled in with the stack-depth for 525 those codes that specify that. For all other codes, the Return 526 Subcode MUST be set to zero. 528 Value Meaning 529 ----- ------- 530 0 No return code 531 1 Malformed echo request received 532 2 One or more of the TLVs was not understood 533 3 Replying router is an egress for the FEC at stack- 534 depth 535 4 Replying router has no mapping for the FEC at stack- 536 depth 537 5 Downstream Mapping Mismatch (See Note 1) 538 6 Upstream Interface Index Unknown (See Note 1) 539 7 Reserved 540 8 Label switched at stack-depth 541 9 Label switched but no MPLS forwarding at stack-depth 542 543 10 Mapping for this FEC is not the given label at stack- 544 depth 545 11 No label entry at stack-depth 546 12 Protocol not associated with interface at FEC stack- 547 depth 548 13 Premature termination of ping due to label stack 549 shrinking to a single label 551 Note 1 553 The Return Subcode contains the point in the label stack where 554 processing was terminated. If the RSC is 0, no labels were 555 processed. Otherwise the packet would have been label switched at 556 depth RSC. 558 3.2. Target FEC Stack 560 A Target FEC Stack is a list of sub-TLVs. The number of elements is 561 determined by looking at the sub-TLV length fields. 563 Sub-Type Length Value Field 564 -------- ------ ----------- 565 1 5 LDP IPv4 prefix 566 2 17 LDP IPv6 prefix 567 3 20 RSVP IPv4 LSP 568 4 56 RSVP IPv6 LSP 569 5 Not Assigned 570 6 13 VPN IPv4 prefix 571 7 25 VPN IPv6 prefix 572 8 14 L2 VPN endpoint 573 9 10 "FEC 128" Pseudowire - IPv4 (deprecated) 574 10 14 "FEC 128" Pseudowire - IPv4 575 11 16+ "FEC 129" Pseudowire - IPv4 576 12 5 BGP labeled IPv4 prefix 577 13 17 BGP labeled IPv6 prefix 578 14 5 Generic IPv4 prefix 579 15 17 Generic IPv6 prefix 580 16 4 Nil FEC 581 24 38 "FEC 128" Pseudowire - IPv6 582 25 40+ "FEC 129" Pseudowire - IPv6 584 Other FEC Types will be defined as needed. 586 Note that this TLV defines a stack of FECs, the first FEC element 587 corresponding to the top of the label stack, etc. 589 An MPLS echo request MUST have a Target FEC Stack that describes the 590 FEC Stack being tested. For example, if an LSR X has an LDP mapping 591 [RFC5036] for 192.168.1.1 (say, label 1001), then to verify that 592 label 1001 does indeed reach an egress LSR that announced this prefix 593 via LDP, X can send an MPLS echo request with an FEC Stack TLV with 594 one FEC in it, namely, of type LDP IPv4 prefix, with prefix 595 192.168.1.1/32, and send the echo request with a label of 1001. 597 Say LSR X wanted to verify that a label stack of <1001, 23456> is the 598 right label stack to use to reach a VPN IPv4 prefix [see section 599 3.2.5] of 10/8 in VPN foo. Say further that LSR Y with loopback 600 address 192.168.1.1 announced prefix 10/8 with Route Distinguisher 601 RD-foo-Y (which may in general be different from the Route 602 Distinguisher that LSR X uses in its own advertisements for VPN foo), 603 label 23456 and BGP next hop 192.168.1.1 [RFC4271]. Finally, suppose 604 that LSR X receives a label binding of 1001 for 192.168.1.1 via LDP. 605 X has two choices in sending an MPLS echo request: X can send an MPLS 606 echo request with an FEC Stack TLV with a single FEC of type VPN IPv4 607 prefix with a prefix of 10/8 and a Route Distinguisher of RD-foo-Y. 608 Alternatively, X can send an FEC Stack TLV with two FECs, the first 609 of type LDP IPv4 with a prefix of 192.168.1.1/32 and the second of 610 type of IP VPN with a prefix 10/8 with Route Distinguisher of RD-foo- 611 Y. In either case, the MPLS echo request would have a label stack of 612 <1001, 23456>. (Note: in this example, 1001 is the "outer" label and 613 23456 is the "inner" label.) 615 3.2.1. LDP IPv4 Prefix 617 The IPv4 Prefix FEC is defined in [RFC5036]. When an LDP IPv4 prefix 618 is encoded in a label stack, the following format is used. The value 619 consists of 4 octets of an IPv4 prefix followed by 1 octet of prefix 620 length in bits; the format is given below. The IPv4 prefix is in 621 network byte order; if the prefix is shorter than 32 bits, trailing 622 bits SHOULD be set to zero. See [RFC5036] for an example of a 623 Mapping for an IPv4 FEC. 625 0 1 2 3 626 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 627 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 628 | IPv4 prefix | 629 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 630 | Prefix Length | Must Be Zero | 631 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 633 3.2.2. LDP IPv6 Prefix 635 The IPv6 Prefix FEC is defined in [RFC5036]. When an LDP IPv6 prefix 636 is encoded in a label stack, the following format is used. The value 637 consists of 16 octets of an IPv6 prefix followed by 1 octet of prefix 638 length in bits; the format is given below. The IPv6 prefix is in 639 network byte order; if the prefix is shorter than 128 bits, the 640 trailing bits SHOULD be set to zero. See [RFC5036] for an example of 641 a Mapping for an IPv6 FEC. 643 0 1 2 3 644 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 645 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 646 | IPv6 prefix | 647 | (16 octets) | 648 | | 649 | | 650 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 651 | Prefix Length | Must Be Zero | 652 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 654 3.2.3. RSVP IPv4 LSP 656 The value has the format below. The value fields are taken from RFC 657 3209, sections 4.6.1.1 and 4.6.2.1. See [RFC3209]. 659 0 1 2 3 660 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 661 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 662 | IPv4 tunnel end point address | 663 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 664 | Must Be Zero | Tunnel ID | 665 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 666 | Extended Tunnel ID | 667 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 668 | IPv4 tunnel sender address | 669 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 670 | Must Be Zero | LSP ID | 671 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 673 3.2.4. RSVP IPv6 LSP 675 The value has the format below. The value fields are taken from RFC 676 3209, sections 4.6.1.2 and 4.6.2.2. See [RFC3209]. 678 0 1 2 3 679 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 680 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 681 | IPv6 tunnel end point address | 682 | | 683 | | 684 | | 685 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 686 | Must Be Zero | Tunnel ID | 687 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 688 | Extended Tunnel ID | 689 | | 690 | | 691 | | 692 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 693 | IPv6 tunnel sender address | 694 | | 695 | | 696 | | 697 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 698 | Must Be Zero | LSP ID | 699 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 701 3.2.5. VPN IPv4 Prefix 703 VPN-IPv4 Network Layer Routing Information (NLRI) is defined in 704 [RFC4365]. This document uses the term VPN IPv4 prefix for a VPN- 705 IPv4 NLRI that has been advertised with an MPLS label in BGP. See 706 [RFC3107]. 708 When a VPN IPv4 prefix is encoded in a label stack, the following 709 format is used. The value field consists of the Route Distinguisher 710 advertised with the VPN IPv4 prefix, the IPv4 prefix (with trailing 0 711 bits to make 32 bits in all), and a prefix length, as follows: 713 0 1 2 3 714 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 715 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 716 | Route Distinguisher | 717 | (8 octets) | 718 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 719 | IPv4 prefix | 720 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 721 | Prefix Length | Must Be Zero | 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 724 The Route Distinguisher (RD) is an 8-octet identifier; it does not 725 contain any inherent information. The purpose of the RD is solely to 726 allow one to create distinct routes to a common IPv4 address prefix. 727 The encoding of the RD is not important here. When matching this 728 field to the local FEC information, it is treated as an opaque value. 730 3.2.6. VPN IPv6 Prefix 732 VPN-IPv6 Network Layer Routing Information (NLRI) is defined in 733 [RFC4365]. This document uses the term VPN IPv6 prefix for a VPN- 734 IPv6 NLRI that has been advertised with an MPLS label in BGP. See 735 [RFC3107]. 737 When a VPN IPv6 prefix is encoded in a label stack, the following 738 format is used. The value field consists of the Route Distinguisher 739 advertised with the VPN IPv6 prefix, the IPv6 prefix (with trailing 0 740 bits to make 128 bits in all), and a prefix length, as follows: 742 0 1 2 3 743 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 744 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 745 | Route Distinguisher | 746 | (8 octets) | 747 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 748 | IPv6 prefix | 749 | | 750 | | 751 | | 752 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 753 | Prefix Length | Must Be Zero | 754 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 756 The Route Distinguisher is identical to the VPN IPv4 Prefix RD, 757 except that it functions here to allow the creation of distinct 758 routes to IPv6 prefixes. See section 3.2.5. When matching this 759 field to local FEC information, it is treated as an opaque value. 761 3.2.7. L2 VPN Endpoint 763 VPLS stands for Virtual Private LAN Service. The terms VPLS BGP NLRI 764 and VE ID (VPLS Edge Identifier) are defined in [RFC4761]. This 765 document uses the simpler term L2 VPN endpoint when referring to a 766 VPLS BGP NLRI. The Route Distinguisher is an 8-octet identifier used 767 to distinguish information about various L2 VPNs advertised by a 768 node. The VE ID is a 2-octet identifier used to identify a 769 particular node that serves as the service attachment point within a 770 VPLS. The structure of these two identifiers is unimportant here; 771 when matching these fields to local FEC information, they are treated 772 as opaque values. The encapsulation type is identical to the PW Type 773 in section 3.2.8 below. 775 When an L2 VPN endpoint is encoded in a label stack, the following 776 format is used. The value field consists of a Route Distinguisher (8 777 octets), the sender (of the ping)'s VE ID (2 octets), the receiver's 778 VE ID (2 octets), and an encapsulation type (2 octets), formatted as 779 follows: 781 0 1 2 3 782 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 783 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 784 | Route Distinguisher | 785 | (8 octets) | 786 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 787 | Sender's VE ID | Receiver's VE ID | 788 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 789 | Encapsulation Type | Must Be Zero | 790 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 792 3.2.8. FEC 128 Pseudowire - IPv4 (Deprecated) 794 FEC 128 (0x80) is defined in [RFC4447], as are the terms PW ID 795 (Pseudowire ID) and PW Type (Pseudowire Type). A PW ID is a non-zero 796 32-bit connection ID. The PW Type is a 15-bit number indicating the 797 encapsulation type. It is carried right justified in the field below 798 termed encapsulation type with the high-order bit set to zero. Both 799 of these fields are treated in this protocol as opaque values. 801 When an FEC 128 is encoded in a label stack, the following format is 802 used. The value field consists of the remote PE IPv4 address (the 803 destination address of the targeted LDP session), the PW ID, and the 804 encapsulation type as follows: 806 0 1 2 3 807 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 808 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 809 | Remote PE IPv4 Address | 810 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 811 | PW ID | 812 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 813 | PW Type | Must Be Zero | 814 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 816 This FEC is deprecated and is retained only for backward 817 compatibility. Implementations of LSP ping SHOULD accept and process 818 this TLV, but SHOULD send LSP ping echo requests with the new TLV 819 (see next section), unless explicitly configured to use the old TLV. 821 An LSR receiving this TLV SHOULD use the source IP address of the LSP 822 echo request to infer the sender's PE address. 824 3.2.9. FEC 128 Pseudowire - IPv4 (Current) 826 FEC 128 (0x80) is defined in [RFC4447], as are the terms PW ID 827 (Pseudowire ID) and PW Type (Pseudowire Type). A PW ID is a non-zero 828 32-bit connection ID. The PW Type is a 15-bit number indicating the 829 encapsulation type. It is carried right justified in the field below 830 termed encapsulation type with the high-order bit set to zero. 832 Both of these fields are treated in this protocol as opaque values. 833 When matching these field to the local FEC information, the match 834 MUST be exact. 836 When an FEC 128 is encoded in a label stack, the following format is 837 used. The value field consists of the sender's PE IPv4 address (the 838 source address of the targeted LDP session), the remote PE IPv4 839 address (the destination address of the targeted LDP session), the PW 840 ID, and the encapsulation type as follows: 842 0 1 2 3 843 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 844 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 845 | Sender's PE IPv4 Address | 846 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 847 | Remote PE IPv4 Address | 848 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 849 | PW ID | 850 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 851 | PW Type | Must Be Zero | 852 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 854 3.2.10. FEC 129 Pseudowire - IPv4 856 FEC 129 (0x81) and the terms PW Type, Attachment Group Identifier 857 (AGI), Attachment Group Identifier Type (AGI Type), Attachment 858 Individual Identifier Type (AII Type), Source Attachment Individual 859 Identifier (SAII), and Target Attachment Individual Identifier (TAII) 860 are defined in [RFC4447]. The PW Type is a 15-bit number indicating 861 the encapsulation type. It is carried right justified in the field 862 below PW Type with the high-order bit set to zero. All the other 863 fields are treated as opaque values and copied directly from the FEC 864 129 format. All of these values together uniquely define the FEC 865 within the scope of the LDP session identified by the source and 866 remote PE IPv4 addresses. 868 When an FEC 129 is encoded in a label stack, the following format is 869 used. The Length of this TLV is 16 + AGI length + SAII length + TAII 870 length. Padding is used to make the total length a multiple of 4; 871 the length of the padding is not included in the Length field. 873 0 1 2 3 874 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 875 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 876 | Sender's PE IPv4 Address | 877 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 878 | Remote PE IPv4 Address | 879 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 880 | PW Type | AGI Type | AGI Length | 881 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 882 ~ AGI Value ~ 883 | | 884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 | AII Type | SAII Length | SAII Value | 886 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 887 ~ SAII Value (continued) ~ 888 | | 889 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 890 | AII Type | TAII Length | TAII Value | 891 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 892 ~ TAII Value (continued) ~ 893 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 894 | TAII (cont.) | 0-3 octets of zero padding | 895 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 897 3.2.11. BGP Labeled IPv4 Prefix 899 BGP labeled IPv4 prefixes are defined in [RFC3107]. When a BGP 900 labeled IPv4 prefix is encoded in a label stack, the following format 901 is used. The value field consists the IPv4 prefix (with trailing 0 902 bits to make 32 bits in all), and the prefix length, as follows: 904 0 1 2 3 905 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 907 | IPv4 Prefix | 908 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 909 | Prefix Length | Must Be Zero | 910 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 912 3.2.12. BGP Labeled IPv6 Prefix 914 BGP labeled IPv6 prefixes are defined in [RFC3107]. When a BGP 915 labeled IPv6 prefix is encoded in a label stack, the following format 916 is used. The value consists of 16 octets of an IPv6 prefix followed 917 by 1 octet of prefix length in bits; the format is given below. The 918 IPv6 prefix is in network byte order; if the prefix is shorter than 919 128 bits, the trailing bits SHOULD be set to zero. 921 0 1 2 3 922 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 923 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 924 | IPv6 prefix | 925 | (16 octets) | 926 | | 927 | | 928 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 929 | Prefix Length | Must Be Zero | 930 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 932 3.2.13. Generic IPv4 Prefix 934 The value consists of 4 octets of an IPv4 prefix followed by 1 octet 935 of prefix length in bits; the format is given below. The IPv4 prefix 936 is in network byte order; if the prefix is shorter than 32 bits, 937 trailing bits SHOULD be set to zero. This FEC is used if the 938 protocol advertising the label is unknown or may change during the 939 course of the LSP. An example is an inter-AS LSP that may be 940 signaled by LDP in one Autonomous System (AS), by RSVP-TE [RFC3209] 941 in another AS, and by BGP between the ASes, such as is common for 942 inter-AS VPNs. 944 0 1 2 3 945 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 946 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 947 | IPv4 prefix | 948 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 949 | Prefix Length | Must Be Zero | 950 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 952 3.2.14. Generic IPv6 Prefix 954 The value consists of 16 octets of an IPv6 prefix followed by 1 octet 955 of prefix length in bits; the format is given below. The IPv6 prefix 956 is in network byte order; if the prefix is shorter than 128 bits, the 957 trailing bits SHOULD be set to zero. 959 0 1 2 3 960 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 961 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 962 | IPv6 prefix | 963 | (16 octets) | 964 | | 965 | | 966 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 967 | Prefix Length | Must Be Zero | 968 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 970 3.2.15. Nil FEC 972 At times, labels from the reserved range, e.g., Router Alert and 973 Explicit-null, may be added to the label stack for various diagnostic 974 purposes such as influencing load-balancing. These labels may have 975 no explicit FEC associated with them. The Nil FEC Stack is defined 976 to allow a Target FEC Stack sub-TLV to be added to the Target FEC 977 Stack to account for such labels so that proper validation can still 978 be performed. 980 The Length is 4. Labels are 20-bit values treated as numbers. 982 0 1 2 3 983 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 984 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 985 | Label | MBZ | 986 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 988 Label is the actual label value inserted in the label stack; the MBZ 989 fields MUST be zero when sent and ignored on receipt. 991 3.2.16. FEC 128 Pseudowire - IPv6 993 The FEC 128 Pseudowire IPv6 sub-TLV has a structure consistent with 994 the FEC 128 Pseudowire IPv4 sub-TLV as described in Section 3.2.9. 995 The value field consists of the Sender's PE IPv6 address (the source 996 address of the targeted LDP session), the remote PE IPv6 address (the 997 destination address of the targeted LDP session), the PW ID, and the 998 encapsulation type as follows: 1000 0 1 2 3 1001 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1002 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1003 ~ Sender's PE IPv6 Address ~ 1004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1005 ~ Remote PE IPv6 Address ~ 1006 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1007 | PW ID | 1008 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1009 | PW Type | Must Be Zero | 1010 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1012 Sender's PE IPv6 Address: The source IP address of the target IPv6 1013 LDP session. 16 octets. 1015 Remote PE IPv6 Address: The destination IP address of the target IPv6 1016 LDP session. 16 octets. 1018 PW ID: Same as FEC 128 Pseudowire IPv4 in Section 3.2.9. 1020 PW Type: Same as FEC 128 Pseudowire IPv4 in Section 3.2.9. 1022 3.2.17. FEC 129 Pseudowire - IPv6 1024 The FEC 129 Pseudowire IPv6 sub-TLV has a structure consistent with 1025 the FEC 129 Pseudowire IPv4 sub-TLV as described in Section 3.2.10. 1026 When an FEC 129 is encoded in a label stack, the following format is 1027 used. The length of this TLV is 40 + AGI (Attachment Group 1028 Identifier) length + SAII (Source Attachment Individual Identifier) 1029 length + TAII (Target Attachment Individual Identifier) length. 1030 Padding is used to make the total length a multiple of 4; the length 1031 of the padding is not included in the Length field. 1033 0 1 2 3 1034 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1035 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1036 ~ Sender's PE IPv6 Address ~ 1037 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1038 ~ Remote PE IPv6 Address ~ 1039 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1040 | PW Type | AGI Type | AGI Length | 1041 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1042 ~ AGI Value ~ 1043 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1044 | AII Type | SAII Length | SAII Value | 1045 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1046 ~ SAII Value (continued) ~ 1047 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1048 | AII Type | TAII Length | TAII Value | 1049 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1050 ~ TAII Value (continued) ~ 1051 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1052 | TAII (cont.) | 0-3 octets of zero padding | 1053 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1055 Sender's PE IPv6 Address: The source IP address of the target IPv6 1056 LDP session. 16 octets. 1058 Remote PE IPv6 Address: The destination IP address of the target IPv6 1059 LDP session. 16 octets. 1061 The other fields are the same as FEC 129 Pseudowire IPv4 in 1062 Section 3.2.10. 1064 3.3. Downstream Mapping 1066 The Downstream Mapping object is a TLV that MAY be included in an 1067 echo request message. Only one Downstream Mapping object may appear 1068 in an echo request. The presence of a Downstream Mapping object is a 1069 request that Downstream Mapping objects be included in the echo 1070 reply. If the replying router is the destination of the FEC, then a 1071 Downstream Mapping TLV SHOULD NOT be included in the echo reply. 1072 Otherwise the replying router SHOULD include a Downstream Mapping 1073 object for each interface over which this FEC could be forwarded. 1074 For a more precise definition of the notion of "downstream", see 1075 section 3.3.2, "Downstream Router and Interface". 1077 The Length is K + M + 4*N octets, where M is the Multipath Length, 1078 and N is the number of Downstream Labels. Values for K are found in 1079 the description of Address Type below. The Value field of a 1080 Downstream Mapping has the following format: 1082 0 1 2 3 1083 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1084 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1085 | MTU | Address Type | DS Flags | 1086 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1087 | Downstream IP Address (4 or 16 octets) | 1088 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1089 | Downstream Interface Address (4 or 16 octets) | 1090 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1091 | Multipath Type| Depth Limit | Multipath Length | 1092 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1093 . . 1094 . (Multipath Information) . 1095 . . 1096 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1097 | Downstream Label | Protocol | 1098 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1099 . . 1100 . . 1101 . . 1102 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1103 | Downstream Label | Protocol | 1104 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1106 Maximum Transmission Unit (MTU) 1108 The MTU is the size in octets of the largest MPLS frame (including 1109 label stack) that fits on the interface to the Downstream LSR. 1111 Address Type 1112 The Address Type indicates if the interface is numbered or 1113 unnumbered. It also determines the length of the Downstream IP 1114 Address and Downstream Interface fields. The resulting total for 1115 the initial part of the TLV is listed in the table below as "K 1116 Octets". The Address Type is set to one of the following values: 1118 Type # Address Type K Octets 1119 ------ ------------ -------- 1120 1 IPv4 Numbered 16 1121 2 IPv4 Unnumbered 16 1122 3 IPv6 Numbered 40 1123 4 IPv6 Unnumbered 28 1125 DS Flags 1127 The DS Flags field is a bit vector with the following format: 1129 0 1 2 3 4 5 6 7 1130 +-+-+-+-+-+-+-+-+ 1131 | Rsvd(MBZ) |I|N| 1132 +-+-+-+-+-+-+-+-+ 1134 Two flags are defined currently, I and N. The remaining flags MUST 1135 be set to zero when sending and ignored on receipt. 1137 Flag Name and Meaning 1138 ---- ---------------- 1139 I Interface and Label Stack Object Request 1141 When this flag is set, it indicates that the replying 1142 router SHOULD include an Interface and Label Stack 1143 Object in the echo reply message. 1145 N Treat as a Non-IP Packet 1147 Echo request messages will be used to diagnose non-IP 1148 flows. However, these messages are carried in IP 1149 packets. For a router that alters its ECMP algorithm 1150 based on the FEC or deep packet examination, this flag 1151 requests that the router treat this as it would if the 1152 determination of an IP payload had failed. 1154 Downstream IP Address and Downstream Interface Address 1156 IPv4 addresses and interface indices are encoded in 4 octets; IPv6 1157 addresses are encoded in 16 octets. 1159 If the interface to the downstream LSR is numbered, then the 1160 Address Type MUST be set to IPv4 or IPv6, the Downstream IP 1161 Address MUST be set to either the downstream LSR's Router ID or 1162 the interface address of the downstream LSR, and the Downstream 1163 Interface Address MUST be set to the downstream LSR's interface 1164 address. 1166 If the interface to the downstream LSR is unnumbered, the Address 1167 Type MUST be IPv4 Unnumbered or IPv6 Unnumbered, the Downstream IP 1168 Address MUST be the downstream LSR's Router ID, and the Downstream 1169 Interface Address MUST be set to the index assigned by the 1170 upstream LSR to the interface. 1172 If an LSR does not know the IP address of its neighbor, then it 1173 MUST set the Address Type to either IPv4 Unnumbered or IPv6 1174 Unnumbered. For IPv4, it must set the Downstream IP Address to 1175 127.0.0.1; for IPv6 the address is set to 0::1. In both cases, 1176 the interface index MUST be set to 0. If an LSR receives an Echo 1177 Request packet with either of these addresses in the Downstream IP 1178 Address field, this indicates that it MUST bypass interface 1179 verification but continue with label validation. 1181 If the originator of an Echo Request packet wishes to obtain 1182 Downstream Mapping information but does not know the expected 1183 label stack, then it SHOULD set the Address Type to either IPv4 1184 Unnumbered or IPv6 Unnumbered. For IPv4, it MUST set the 1185 Downstream IP Address to 224.0.0.2; for IPv6 the address MUST be 1186 set to FF02::2. In both cases, the interface index MUST be set to 1187 0. If an LSR receives an Echo Request packet with the all-routers 1188 multicast address, then this indicates that it MUST bypass both 1189 interface and label stack validation, but return Downstream 1190 Mapping TLVs using the information provided. 1192 Multipath Type 1194 The following Multipath Types are defined: 1196 Key Type Multipath Information 1197 --- ---------------- --------------------- 1198 0 no multipath Empty (Multipath Length = 0) 1199 2 IP address IP addresses 1200 4 IP address range low/high address pairs 1201 8 Bit-masked IP IP address prefix and bit mask 1202 address set 1203 9 Bit-masked label set Label prefix and bit mask 1205 Type 0 indicates that all packets will be forwarded out this one 1206 interface. 1208 Types 2, 4, 8, and 9 specify that the supplied Multipath 1209 Information will serve to exercise this path. 1211 Depth Limit 1213 The Depth Limit is applicable only to a label stack and is the 1214 maximum number of labels considered in the hash; this SHOULD be 1215 set to zero if unspecified or unlimited. 1217 Multipath Length 1219 The length in octets of the Multipath Information. 1221 Multipath Information 1223 Address or label values encoded according to the Multipath Type. 1224 See the next section below for encoding details. 1226 Downstream Label(s) 1228 The set of labels in the label stack as it would have appeared if 1229 this router were forwarding the packet through this interface. 1230 Any Implicit Null labels are explicitly included. Labels are 1231 treated as numbers, i.e., they are right justified in the field. 1233 A Downstream Label is 24 bits, in the same format as an MPLS label 1234 minus the TTL field, i.e., the MSBit of the label is bit 0, the 1235 LSBit is bit 19, the Traffic Class (TC) bits are bits 20-22, and 1236 bit 23 is the S bit. The replying router SHOULD fill in the TC 1237 and S bits; the LSR receiving the echo reply MAY choose to ignore 1238 these bits. Protocol 1240 The Protocol is taken from the following table: 1242 Protocol # Signaling Protocol 1243 ---------- ------------------ 1244 0 Unknown 1245 1 Static 1246 2 BGP 1247 3 LDP 1248 4 RSVP-TE 1250 3.3.1. Multipath Information Encoding 1252 The Multipath Information encodes labels or addresses that will 1253 exercise this path. The Multipath Information depends on the 1254 Multipath Type. The contents of the field are shown in the table 1255 above. IPv4 addresses are drawn from the range 127/8; IPv6 addresses 1256 are drawn from the range 0:0:0:0:0:FFFF:7F00/104. Labels are treated 1257 as numbers, i.e., they are right justified in the field. For Type 4, 1258 ranges indicated by Address pairs MUST NOT overlap and MUST be in 1259 ascending sequence. 1261 Type 8 allows a more dense encoding of IP addresses. The IP prefix 1262 is formatted as a base IP address with the non-prefix low-order bits 1263 set to zero. The maximum prefix length is 27. Following the prefix 1264 is a mask of length 2^(32-prefix length) bits for IPv4 and 1265 2^(128-prefix length) bits for IPv6. Each bit set to 1 represents a 1266 valid address. The address is the base IPv4 address plus the 1267 position of the bit in the mask where the bits are numbered left to 1268 right beginning with zero. For example, the IPv4 addresses 1269 127.2.1.0, 127.2.1.5-127.2.1.15, and 127.2.1.20-127.2.1.29 would be 1270 encoded as follows: 1272 0 1 2 3 1273 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1274 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1275 |0 1 1 1 1 1 1 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0| 1276 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1277 |1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 0 0| 1278 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1280 Those same addresses embedded in IPv6 would be encoded as follows: 1282 0 1 2 3 1283 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1284 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1285 |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0| 1286 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1287 |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0| 1288 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1289 |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| 1290 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1291 |0 1 1 1 1 1 1 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0| 1292 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1293 |1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 0 0| 1294 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1296 Type 9 allows a more dense encoding of labels. The label prefix is 1297 formatted as a base label value with the non-prefix low-order bits 1298 set to zero. The maximum prefix (including leading zeros due to 1299 encoding) length is 27. Following the prefix is a mask of length 1300 2^(32-prefix length) bits. Each bit set to one represents a valid 1301 label. The label is the base label plus the position of the bit in 1302 the mask where the bits are numbered left to right beginning with 1303 zero. Label values of all the odd numbers between 1152 and 1279 1304 would be encoded as follows: 1306 0 1 2 3 1307 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1308 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1309 |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 0 0| 1310 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1311 |0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1| 1312 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1313 |0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1| 1314 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1315 |0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1| 1316 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1317 |0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1| 1318 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1320 If the received Multipath Information is non-null, the labels and IP 1321 addresses MUST be picked from the set provided. If none of these 1322 labels or addresses map to a particular downstream interface, then 1323 for that interface, the type MUST be set to 0. If the received 1324 Multipath Information is null (i.e., Multipath Length = 0, or for 1325 Types 8 and 9, a mask of all zeros), the type MUST be set to 0. 1327 For example, suppose LSR X at hop 10 has two downstream LSRs, Y and 1328 Z, for the FEC in question. The received X could return Multipath 1329 Type 4, with low/high IP addresses of 127.1.1.1->127.1.1.255 for 1330 downstream LSR Y and 127.2.1.1->127.2.1.255 for downstream LSR Z. 1331 The head end reflects this information to LSR Y. Y, which has three 1332 downstream LSRs, U, V, and W, computes that 127.1.1.1->127.1.1.127 1333 would go to U and 127.1.1.128-> 127.1.1.255 would go to V. Y would 1334 then respond with 3 Downstream Mappings: to U, with Multipath Type 4 1335 (127.1.1.1->127.1.1.127); to V, with Multipath Type 4 1336 (127.1.1.127->127.1.1.255); and to W, with Multipath Type 0. 1338 Note that computing Multipath Information may impose a significant 1339 processing burden on the receiver. A receiver MAY thus choose to 1340 process a subset of the received prefixes. The sender, on receiving 1341 a reply to a Downstream Mapping with partial information, SHOULD 1342 assume that the prefixes missing in the reply were skipped by the 1343 receiver, and MAY re-request information about them in a new echo 1344 request. 1346 3.3.2. Downstream Router and Interface 1348 The notion of "downstream router" and "downstream interface" should 1349 be explained. Consider an LSR X. If a packet that was originated 1350 with TTL n>1 arrived with outermost label L and TTL=1 at LSR X, X 1351 must be able to compute which LSRs could receive the packet if it was 1352 originated with TTL=n+1, over which interface the request would 1353 arrive and what label stack those LSRs would see. (It is outside the 1354 scope of this document to specify how this computation is done.) The 1355 set of these LSRs/interfaces consists of the downstream routers/ 1356 interfaces (and their corresponding labels) for X with respect to L. 1357 Each pair of downstream router and interface requires a separate 1358 Downstream Mapping to be added to the reply. 1360 The case where X is the LSR originating the echo request is a special 1361 case. X needs to figure out what LSRs would receive the MPLS echo 1362 request for a given FEC Stack that X originates with TTL=1. 1364 The set of downstream routers at X may be alternative paths (see the 1365 discussion below on ECMP) or simultaneous paths (e.g., for MPLS 1366 multicast). In the former case, the Multipath Information is used as 1367 a hint to the sender as to how it may influence the choice of these 1368 alternatives. 1370 3.4. Pad TLV 1372 The value part of the Pad TLV contains a variable number (>= 1) of 1373 octets. The first octet takes values from the following table; all 1374 the other octets (if any) are ignored. The receiver SHOULD verify 1375 that the TLV is received in its entirety, but otherwise ignores the 1376 contents of this TLV, apart from the first octet. 1378 Value Meaning 1379 ----- ------- 1380 1 Drop Pad TLV from reply 1381 2 Copy Pad TLV to reply 1382 3-255 Reserved for future use 1384 3.5. Vendor Enterprise Number 1386 SMI Private Enterprise Numbers are maintained by IANA. The Length is 1387 always 4; the value is the SMI Private Enterprise code, in network 1388 octet order, of the vendor with a Vendor Private extension to any of 1389 the fields in the fixed part of the message, in which case this TLV 1390 MUST be present. If none of the fields in the fixed part of the 1391 message have Vendor Private extensions, inclusion of this TLV is 1392 OPTIONAL. Vendor Private ranges for Message Types, Reply Modes, and 1393 Return Codes have been defined. When any of these are used, the 1394 Vendor Enterprise Number TLV MUST be included in the message. 1396 3.6. Interface and Label Stack 1398 The Interface and Label Stack TLV MAY be included in a reply message 1399 to report the interface on which the request message was received and 1400 the label stack that was on the packet when it was received. Only 1401 one such object may appear. The purpose of the object is to allow 1402 the upstream router to obtain the exact interface and label stack 1403 information as it appears at the replying LSR. 1405 The Length is K + 4*N octets; N is the number of labels in the label 1406 stack. Values for K are found in the description of Address Type 1407 below. The Value field of a Downstream Mapping has the following 1408 format: 1410 0 1 2 3 1411 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1412 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1413 | Address Type | Must Be Zero | 1414 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1415 | IP Address (4 or 16 octets) | 1416 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1417 | Interface (4 or 16 octets) | 1418 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1419 . . 1420 . . 1421 . Label Stack . 1422 . . 1423 . . 1424 . . 1425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1427 Address Type 1429 The Address Type indicates if the interface is numbered or 1430 unnumbered. It also determines the length of the IP Address and 1431 Interface fields. The resulting total for the initial part of the 1432 TLV is listed in the table below as "K Octets". The Address Type 1433 is set to one of the following values: 1435 Type # Address Type K Octets 1436 ------ ------------ -------- 1437 1 IPv4 Numbered 12 1438 2 IPv4 Unnumbered 12 1439 3 IPv6 Numbered 36 1440 4 IPv6 Unnumbered 24 1442 IP Address and Interface 1443 IPv4 addresses and interface indices are encoded in 4 octets; IPv6 1444 addresses are encoded in 16 octets. 1446 If the interface upon which the echo request message was received 1447 is numbered, then the Address Type MUST be set to IPv4 or IPv6, 1448 the IP Address MUST be set to either the LSR's Router ID or the 1449 interface address, and the Interface MUST be set to the interface 1450 address. 1452 If the interface is unnumbered, the Address Type MUST be either 1453 IPv4 Unnumbered or IPv6 Unnumbered, the IP Address MUST be the 1454 LSR's Router ID, and the Interface MUST be set to the index 1455 assigned to the interface. 1457 Label Stack 1459 The label stack of the received echo request message. If any TTL 1460 values have been changed by this router, they SHOULD be restored. 1462 3.7. Errored TLVs 1464 The following TLV is a TLV that MAY be included in an echo reply to 1465 inform the sender of an echo request of mandatory TLVs either not 1466 supported by an implementation or parsed and found to be in error. 1468 The Value field contains the TLVs that were not understood, encoded 1469 as sub-TLVs. 1471 0 1 2 3 1472 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1473 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1474 | Type = 9 | Length | 1475 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1476 | Value | 1477 . . 1478 . . 1479 . . 1480 | | 1481 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1483 3.8. Reply TOS Byte TLV 1485 This TLV MAY be used by the originator of the echo request to request 1486 that an echo reply be sent with the IP header TOS byte set to the 1487 value specified in the TLV. This TLV has a length of 4 with the 1488 following value field. 1490 0 1 2 3 1491 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1492 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1493 | Reply-TOS Byte| Must Be Zero | 1494 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1496 4. Theory of Operation 1498 An MPLS echo request is used to test a particular LSP. The LSP to be 1499 tested is identified by the "FEC Stack"; for example, if the LSP was 1500 set up via LDP, and is to an egress IP address of 10.1.1.1, the FEC 1501 Stack contains a single element, namely, an LDP IPv4 prefix sub-TLV 1502 with value 10.1.1.1/32. If the LSP being tested is an RSVP LSP, the 1503 FEC Stack consists of a single element that captures the RSVP Session 1504 and Sender Template that uniquely identifies the LSP. 1506 FEC Stacks can be more complex. For example, one may wish to test a 1507 VPN IPv4 prefix of 10.1/8 that is tunneled over an LDP LSP with 1508 egress 10.10.1.1. The FEC Stack would then contain two sub-TLVs, the 1509 bottom being a VPN IPv4 prefix, and the top being an LDP IPv4 prefix. 1510 If the underlying (LDP) tunnel were not known, or was considered 1511 irrelevant, the FEC Stack could be a single element with just the VPN 1512 IPv4 sub-TLV. 1514 When an MPLS echo request is received, the receiver is expected to 1515 verify that the control plane and data plane are both healthy (for 1516 the FEC Stack being pinged) and that the two planes are in sync. The 1517 procedures for this are in section 4.4 below. 1519 4.1. Dealing with Equal-Cost Multi-Path (ECMP) 1521 LSPs need not be simple point-to-point tunnels. Frequently, a single 1522 LSP may originate at several ingresses, and terminate at several 1523 egresses; this is very common with LDP LSPs. LSPs for a given FEC 1524 may also have multiple "next hops" at transit LSRs. At an ingress, 1525 there may also be several different LSPs to choose from to get to the 1526 desired endpoint. Finally, LSPs may have backup paths, detour paths, 1527 and other alternative paths to take should the primary LSP go down. 1529 To deal with the last two first: it is assumed that the LSR sourcing 1530 MPLS echo requests can force the echo request into any desired LSP, 1531 so choosing among multiple LSPs at the ingress is not an issue. The 1532 problem of probing the various flavors of backup paths that will 1533 typically not be used for forwarding data unless the primary LSP is 1534 down will not be addressed here. 1536 Since the actual LSP and path that a given packet may take may not be 1537 known a priori, it is useful if MPLS echo requests can exercise all 1538 possible paths. This, although desirable, may not be practical, 1539 because the algorithms that a given LSR uses to distribute packets 1540 over alternative paths may be proprietary. 1542 To achieve some degree of coverage of alternate paths, there is a 1543 certain latitude in choosing the destination IP address and source 1544 UDP port for an MPLS echo request. This is clearly not sufficient; 1545 in the case of traceroute, more latitude is offered by means of the 1546 Multipath Information of the Downstream Mapping TLV. This is used as 1547 follows. An ingress LSR periodically sends an MPLS traceroute 1548 message to determine whether there are multipaths for a given LSP. 1549 If so, each hop will provide some information how each of its 1550 downstream paths can be exercised. The ingress can then send MPLS 1551 echo requests that exercise these paths. If several transit LSRs 1552 have ECMP, the ingress may attempt to compose these to exercise all 1553 possible paths. However, full coverage may not be possible. 1555 4.2. Testing LSPs That Are Used to Carry MPLS Payloads 1557 To detect certain LSP breakages, it may be necessary to encapsulate 1558 an MPLS echo request packet with at least one additional label when 1559 testing LSPs that are used to carry MPLS payloads (such as LSPs used 1560 to carry L2VPN and L3VPN traffic. For example, when testing LDP or 1561 RSVP-TE LSPs, just sending an MPLS echo request packet may not detect 1562 instances where the router immediately upstream of the destination of 1563 the LSP ping may forward the MPLS echo request successfully over an 1564 interface not configured to carry MPLS payloads because of the use of 1565 penultimate hop popping. Since the receiving router has no means to 1566 differentiate whether the IP packet was sent unlabeled or implicitly 1567 labeled, the addition of labels shimmed above the MPLS echo request 1568 (using the Nil FEC) will prevent a router from forwarding such a 1569 packet out unlabeled interfaces. 1571 4.3. Sending an MPLS Echo Request 1573 An MPLS echo request is a UDP packet. The IP header is set as 1574 follows: the source IP address is a routable address of the sender; 1575 the destination IP address is a (randomly chosen) IPv4 address from 1576 the range 127/8 or IPv6 address from the range 1577 0:0:0:0:0:FFFF:7F00/104. The IP TTL is set to 1. The source UDP 1578 port is chosen by the sender; the destination UDP port is set to 3503 1579 (assigned by IANA for MPLS echo requests). The Router Alert option 1580 MUST be set in the IP header. 1582 An MPLS echo request is sent with a label stack corresponding to the 1583 FEC Stack being tested. Note that further labels could be applied 1584 if, for example, the normal route to the topmost FEC in the stack is 1585 via a Traffic Engineered Tunnel [RFC3209]. If all of the FECs in the 1586 stack correspond to Implicit Null labels, the MPLS echo request is 1587 considered unlabeled even if further labels will be applied in 1588 sending the packet. 1590 If the echo request is labeled, one MAY (depending on what is being 1591 pinged) set the TTL of the innermost label to 1, to prevent the ping 1592 request going farther than it should. Examples of where this SHOULD 1593 be done include pinging a VPN IPv4 or IPv6 prefix, an L2 VPN endpoint 1594 or a pseudowire. Preventing the ping request from going too far can 1595 also be accomplished by inserting a Router Alert label above this 1596 label; however, this may lead to the undesired side effect that MPLS 1597 echo requests take a different data path than actual data. For more 1598 information on how these mechanisms can be used for pseudowire 1599 connectivity verification, see [RFC5085]. 1601 In "ping" mode (end-to-end connectivity check), the TTL in the 1602 outermost label is set to 255. In "traceroute" mode (fault isolation 1603 mode), the TTL is set successively to 1, 2, and so on. 1605 The sender chooses a Sender's Handle and a Sequence Number. When 1606 sending subsequent MPLS echo requests, the sender SHOULD increment 1607 the Sequence Number by 1. However, a sender MAY choose to send a 1608 group of echo requests with the same Sequence Number to improve the 1609 chance of arrival of at least one packet with that Sequence Number. 1611 The TimeStamp Sent is set to the time-of-day in NTP format that the 1612 echo request is sent. The TimeStamp Received is set to zero. 1614 An MPLS echo request MUST have an FEC Stack TLV. Also, the Reply 1615 Mode must be set to the desired reply mode; the Return Code and 1616 Subcode are set to zero. In the "traceroute" mode, the echo request 1617 SHOULD include a Downstream Mapping TLV. 1619 4.4. Receiving an MPLS Echo Request 1621 Sending an MPLS echo request to the control plane is triggered by one 1622 of the following packet processing exceptions: Router Alert option, 1623 IP TTL expiration, MPLS TTL expiration, MPLS Router Alert label, or 1624 the destination address in the 127/8 address range. The control 1625 plane further identifies it by UDP destination port 3503. 1627 For reporting purposes the bottom of stack is considered to be stack- 1628 depth of 1. This is to establish an absolute reference for the case 1629 where the actual stack may have more labels than there are FECs in 1630 the Target FEC Stack. 1632 Furthermore, in all the error codes listed in this document, a stack- 1633 depth of 0 means "no value specified". This allows compatibility 1634 with existing implementations that do not use the Return Subcode 1635 field. 1637 An LSR X that receives an MPLS echo request then processes it as 1638 follows. 1640 1. General packet sanity is verified. If the packet is not well- 1641 formed, LSR X SHOULD send an MPLS Echo Reply with the Return Code 1642 set to "Malformed echo request received" and the Subcode to zero. 1643 If there are any TLVs not marked as "Ignore" that LSR X does not 1644 understand, LSR X SHOULD send an MPLS "TLV not understood" (as 1645 appropriate), and the Subcode set to zero. In the latter case, 1646 the misunderstood TLVs (only) are included as sub-TLVs in an 1647 Errored TLVs TLV in the reply. The header fields Sender's 1648 Handle, Sequence Number, and Timestamp Sent are not examined, but 1649 are included in the MPLS echo reply message. 1651 The algorithm uses the following variables and identifiers: 1653 Interface-I: the interface on which the MPLS echo request was 1654 received. 1656 Stack-R: the label stack on the packet as it was received. 1658 Stack-D: the label stack carried in the Downstream Mapping 1659 TLV (not always present) 1661 Label-L: the label from the actual stack currently being 1662 examined. Requires no initialization. 1664 Label-stack-depth: the depth of label being verified. Initialized 1665 to the number of labels in the received label 1666 stack S. 1668 FEC-stack-depth: depth of the FEC in the Target FEC Stack that 1669 should be used to verify the current actual 1670 label. Requires no initialization. 1672 Best-return-code: contains the return code for the echo reply 1673 packet as currently best known. As the algorithm 1674 progresses, this code may change depending on the 1675 results of further checks that it performs. 1677 Best-rtn-subcode: similar to Best-return-code, but for the Echo 1678 Reply Subcode. 1680 FEC-status: result value returned by the FEC Checking 1681 algorithm described in section 4.4.1. 1683 /* Save receive context information */ 1685 2. If the echo request is good, LSR X stores the interface over 1686 which the echo was received in Interface-I, and the label stack 1687 with which it came in Stack-R. 1689 /* The rest of the algorithm iterates over the labels in Stack-R, 1690 verifies validity of label values, reports associated label switching 1691 operations (for traceroute), verifies correspondence between the 1692 Stack-R and the Target FEC Stack description in the body of the echo 1693 request, and reports any errors. */ 1695 /* The algorithm iterates as follows. */ 1697 3. Label Validation: 1699 If Label-stack-depth is 0 { 1701 /* The LSR needs to report its being a tail-end for the LSP */ 1703 Set FEC-stack-depth to 1, set Label-L to 3 (Implicit Null). 1704 Set Best-return-code to 3 ("Replying router is an egress for 1705 the FEC at stack depth"), set Best-rtn-subcode to the value of 1706 FEC-stack-depth (1) and go to step 5 (Egress Processing). 1708 } 1710 /* This step assumes there is always an entry for well-known label 1711 values */ 1713 Set Label-L to the value extracted from Stack-R at depth Label- 1714 stack-depth. Look up Label-L in the Incoming Label Map (ILM) to 1715 determine if the label has been allocated and an operation is 1716 associated with it. 1718 If there is no entry for L { 1720 /* Indicates a temporary or permanent label synchronization 1721 problem the LSR needs to report an error */ 1723 Set Best-return-code to 11 ("No label entry at stack-depth") 1724 and Best-rtn-subcode to Label-stack-depth. Go to step 7 (Send 1725 Reply Packet). 1727 } 1729 Else { 1730 Retrieve the associated label operation from the corresponding 1731 NHLFE and proceed to step 4 (Label Operation check). 1733 } 1735 4. Label Operation Check 1737 If the label operation is "Pop and Continue Processing" { 1739 /* Includes Explicit Null and Router Alert label cases */ 1741 Iterate to the next label by decrementing Label-stack-depth and 1742 loop back to step 3 (Label Validation). 1744 } 1746 If the label operation is "Swap or Pop and Switch based on Popped 1747 Label" { 1749 Set Best-return-code to 8 ("Label switched at stack-depth") and 1750 Best-rtn-subcode to Label-stack-depth to report transit 1751 switching. 1753 If a Downstream Mapping TLV is present in the received echo 1754 request { 1756 If the IP address in the TLV is 127.0.0.1 or 0::1 { 1758 Set Best-return-code to 6 ("Upstream Interface Index 1759 Unknown"). An Interface and Label Stack TLV SHOULD be 1760 included in the reply and filled with Interface-I and 1761 Stack-R. 1763 } 1765 Else { 1767 Verify that the IP address, interface address, and label 1768 stack in the Downstream Mapping TLV match Interface-I and 1769 Stack-R. If there is a mismatch, set Best-return-code to 1770 5, "Downstream Mapping Mismatch". An Interface and Label 1771 Stack TLV SHOULD be included in the reply and filled in 1772 based on Interface-I and Stack-R. Go to step 7 (Send 1773 Reply Packet). 1775 } 1777 } 1778 For each available downstream ECMP path { 1780 Retrieve output interface from the NHLFE entry. 1782 /* Note: this return code is set even if Label-stack-depth 1783 is one */ 1785 If the output interface is not MPLS enabled { 1787 Set Best-return-code to Return Code 9, "Label switched 1788 but no MPLS forwarding at stack-depth" and set Best-rtn- 1789 subcode to Label-stack-depth and goto Send_Reply_Packet. 1791 } 1793 If a Downstream Mapping TLV is present { 1795 A Downstream Mapping TLV SHOULD be included in the echo 1796 reply (see section 3.3) filled in with information about 1797 the current ECMP path. 1799 } 1801 } 1803 If no Downstream Mapping TLV is present, or the Downstream IP 1804 Address is set to the ALLROUTERS multicast address, go to step 1805 7 (Send Reply Packet). 1807 If the "Validate FEC Stack" flag is not set and the LSR is not 1808 configured to perform FEC checking by default, go to step 7 1809 (Send Reply Packet). 1811 /* Validate the Target FEC Stack in the received echo request. 1813 First determine FEC-stack-depth from the Downstream Mapping 1814 TLV. This is done by walking through Stack-D (the Downstream 1815 labels) from the bottom, decrementing the number of labels for 1816 each non-Implicit Null label, while incrementing FEC-stack- 1817 depth for each label. If the Downstream Mapping TLV contains 1818 one or more Implicit Null labels, FEC-stack-depth may be 1819 greater than Label-stack-depth. To be consistent with the 1820 above stack-depths, the bottom is considered to be entry 1. 1821 */ 1823 Set FEC-stack-depth to 0. Set i to Label-stack-depth. 1825 While (i > 0 ) do { 1826 ++FEC-stack-depth. 1827 if Stack-D[FEC-stack-depth] != 3 (Implicit Null) 1828 --i. 1829 } 1831 If the number of FECs in the FEC stack is greater than or equal 1832 to FEC-stack-depth { 1833 Perform the FEC Checking procedure (see subsection 4.4.1 1834 below). 1836 If FEC-status is 2, set Best-return-code to 10 ("Mapping for 1837 this FEC is not the given label at stack-depth"). 1839 If the return code is 1, set Best-return-code to FEC-return- 1840 code and Best-rtn-subcode to FEC-stack-depth. 1841 } 1843 Go to step 7 (Send Reply Packet). 1844 } 1846 5. Egress Processing: 1848 /* These steps are performed by the LSR that identified itself as 1849 the tail-end LSR for an LSP. */ 1851 If received echo request contains no Downstream Mapping TLV, or 1852 the Downstream IP Address is set to 127.0.0.1 or 0::1 go to step 6 1853 (Egress FEC Validation). 1855 Verify that the IP address, interface address, and label stack in 1856 the Downstream Mapping TLV match Interface-I and Stack-R. If not, 1857 set Best-return-code to 5, "Downstream Mapping Mis-match". A 1858 Received Interface and Label Stack TLV SHOULD be created for the 1859 echo response packet. Go to step 7 (Send Reply Packet). 1861 6. Egress FEC Validation: 1863 /* This is a loop for all entries in the Target FEC Stack starting 1864 with FEC-stack-depth. */ 1866 Perform FEC checking by following the algorithm described in 1867 subsection 4.4.1 for Label-L and the FEC at FEC-stack-depth. 1869 Set Best-return-code to FEC-code and Best-rtn-subcode to the value 1870 in FEC-stack-depth. 1872 If FEC-status (the result of the check) is 1, 1873 go to step 7 (Send Reply Packet). 1875 /* Iterate to the next FEC entry */ 1877 ++FEC-stack-depth. 1878 If FEC-stack-depth > the number of FECs in the FEC-stack, 1879 go to step 7 (Send Reply Packet). 1881 If FEC-status is 0 { 1883 ++Label-stack-depth. 1884 If Label-stack-depth > the number of labels in Stack-R, 1885 Go to step 7 (Send Reply Packet). 1887 Label-L = extracted label from Stack-R at depth 1888 Label-stack-depth. 1889 Loop back to step 6 (Egress FEC Validation). 1890 } 1892 7. Send Reply Packet: 1894 Send an MPLS echo reply with a Return Code of Best-return-code, 1895 and a Return Subcode of Best-rtn-subcode. Include any TLVs 1896 created during the above process. The procedures for sending the 1897 echo reply are found in subsection 4.5. 1899 4.4.1. FEC Validation 1901 /* This subsection describes validation of an FEC entry within the 1902 Target FEC Stack and accepts an FEC, Label-L, and Interface-I. The 1903 algorithm performs the following steps. */ 1905 1. Two return values, FEC-status and FEC-return-code, are 1906 initialized to 0. 1908 2. If the FEC is the Nil FEC { 1910 If Label-L is either Explicit_Null or Router_Alert, return. 1912 Else { 1914 Set FEC-return-code to 10 ("Mapping for this FEC is not the 1915 given label at stack-depth"). 1916 Set FEC-status to 1 1917 Return. 1918 } 1920 } 1922 3. Check the FEC label mapping that describes how traffic received 1923 on the LSP is further switched or which application it is 1924 associated with. If no mapping exists, set FEC-return-code to 1925 Return 4, "Replying router has no mapping for the FEC at stack- 1926 depth". Set FEC-status to 1. Return. 1928 4. If the label mapping for FEC is Implicit Null, set FEC-status to 1929 2 and proceed to step 5. Otherwise, if the label mapping for FEC 1930 is Label-L, proceed to step 5. Otherwise, set FEC-return-code to 1931 10 ("Mapping for this FEC is not the given label at stack- 1932 depth"), set FEC-status to 1, and return. 1934 5. This is a protocol check. Check what protocol would be used to 1935 advertise FEC. If it can be determined that no protocol 1936 associated with Interface-I would have advertised an FEC of that 1937 FEC-Type, set FEC-return-code to 12 ("Protocol not associated 1938 with interface at FEC stack-depth"). Set FEC-status to 1. 1940 6. Return. 1942 4.5. Sending an MPLS Echo Reply 1944 An MPLS echo reply is a UDP packet. It MUST ONLY be sent in response 1945 to an MPLS echo request. The source IP address is a routable address 1946 of the replier; the source port is the well-known UDP port for LSP 1947 ping. The destination IP address and UDP port are copied from the 1948 source IP address and UDP port of the echo request. The IP TTL is 1949 set to 255. If the Reply Mode in the echo request is "Reply via an 1950 IPv4 UDP packet with Router Alert", then the IP header MUST contain 1951 the Router Alert IP option. If the reply is sent over an LSP, the 1952 topmost label MUST in this case be the Router Alert label (1) (see 1953 [RFC3032]). 1955 The format of the echo reply is the same as the echo request. The 1956 Sender's Handle, the Sequence Number, and TimeStamp Sent are copied 1957 from the echo request; the TimeStamp Received is set to the time-of- 1958 day that the echo request is received (note that this information is 1959 most useful if the time-of-day clocks on the requester and the 1960 replier are synchronized). The FEC Stack TLV from the echo request 1961 MAY be copied to the reply. 1963 The replier MUST fill in the Return Code and Subcode, as determined 1964 in the previous subsection. 1966 If the echo request contains a Pad TLV, the replier MUST interpret 1967 the first octet for instructions regarding how to reply. 1969 If the replying router is the destination of the FEC, then Downstream 1970 Mapping TLVs SHOULD NOT be included in the echo reply. 1972 If the echo request contains a Downstream Mapping TLV, and the 1973 replying router is not the destination of the FEC, the replier SHOULD 1974 compute its downstream routers and corresponding labels for the 1975 incoming label, and add Downstream Mapping TLVs for each one to the 1976 echo reply it sends back. 1978 If the Downstream Mapping TLV contains Multipath Information 1979 requiring more processing than the receiving router is willing to 1980 perform, the responding router MAY choose to respond with only a 1981 subset of multipaths contained in the echo request Downstream 1982 Mapping. (Note: The originator of the echo request MAY send another 1983 echo request with the Multipath Information that was not included in 1984 the reply.) 1986 Except in the case of Reply Mode 4, "Reply via application level 1987 control channel", echo replies are always sent in the context of the 1988 IP/MPLS network. 1990 4.6. Receiving an MPLS Echo Reply 1992 An LSR X should only receive an MPLS echo reply in response to an 1993 MPLS echo request that it sent. Thus, on receipt of an MPLS echo 1994 reply, X should parse the packet to ensure that it is well-formed, 1995 then attempt to match up the echo reply with an echo request that it 1996 had previously sent, using the destination UDP port and the Sender's 1997 Handle. If no match is found, then X jettisons the echo reply; 1998 otherwise, it checks the Sequence Number to see if it matches. 2000 If the echo reply contains Downstream Mappings, and X wishes to 2001 traceroute further, it SHOULD copy the Downstream Mapping(s) into its 2002 next echo request(s) (with TTL incremented by one). 2004 4.7. Issue with VPN IPv4 and IPv6 Prefixes 2006 Typically, an LSP ping for a VPN IPv4 prefix or VPN IPv6 prefix is 2007 sent with a label stack of depth greater than 1, with the innermost 2008 label having a TTL of 1. This is to terminate the ping at the egress 2009 PE, before it gets sent to the customer device. However, under 2010 certain circumstances, the label stack can shrink to a single label 2011 before the ping hits the egress PE; this will result in the ping 2012 terminating prematurely. One such scenario is a multi-AS Carrier's 2013 Carrier VPN. 2015 To get around this problem, one approach is for the LSR that receives 2016 such a ping to realize that the ping terminated prematurely, and send 2017 back error code 13. In that case, the initiating LSR can retry the 2018 ping after incrementing the TTL on the VPN label. In this fashion, 2019 the ingress LSR will sequentially try TTL values until it finds one 2020 that allows the VPN ping to reach the egress PE. 2022 4.8. Non-compliant Routers 2024 If the egress for the FEC Stack being pinged does not support MPLS 2025 ping, then no reply will be sent, resulting in possible "false 2026 negatives". If in "traceroute" mode, a transit LSR does not support 2027 LSP ping, then no reply will be forthcoming from that LSR for some 2028 TTL, say, n. The LSR originating the echo request SHOULD try sending 2029 the echo request with TTL=n+1, n+2, ..., n+k to probe LSRs further 2030 down the path. In such a case, the echo request for TTL > n SHOULD 2031 be sent with Downstream Mapping TLV "Downstream IP Address" field set 2032 to the ALLROUTERs multicast address until a reply is received with a 2033 Downstream Mapping TLV. The label stack MAY be omitted from the 2034 Downstream Mapping TLV. Furthermore, the "Validate FEC Stack" flag 2035 SHOULD NOT be set until an echo reply packet with a Downstream 2036 Mapping TLV is received. 2038 5. Security Considerations 2040 Overall, the security needs for LSP ping are similar to those of ICMP 2041 ping. 2043 There are at least three approaches to attacking LSRs using the 2044 mechanisms defined here. One is a Denial-of-Service attack, by 2045 sending MPLS echo requests/replies to LSRs and thereby increasing 2046 their workload. The second is obfuscating the state of the MPLS data 2047 plane liveness by spoofing, hijacking, replaying, or otherwise 2048 tampering with MPLS echo requests and replies. The third is an 2049 unauthorized source using an LSP ping to obtain information about the 2050 network. 2052 To avoid potential Denial-of-Service attacks, it is RECOMMENDED that 2053 implementations regulate the LSP ping traffic going to the control 2054 plane. A rate limiter SHOULD be applied to the well-known UDP port 2055 defined below. 2057 Unsophisticated replay and spoofing attacks involving faking or 2058 replaying MPLS echo reply messages are unlikely to be effective. 2059 These replies would have to match the Sender's Handle and Sequence 2060 Number of an outstanding MPLS echo request message. A non-matching 2061 replay would be discarded as the sequence has moved on, thus a spoof 2062 has only a small window of opportunity. However, to provide a 2063 stronger defense, an implementation MAY also validate the TimeStamp 2064 Sent by requiring an exact match on this field. 2066 To protect against unauthorized sources using MPLS echo request 2067 messages to obtain network information, it is RECOMMENDED that 2068 implementations provide a means of checking the source addresses of 2069 MPLS echo request messages against an access list before accepting 2070 the message. 2072 It is not clear how to prevent hijacking (non-delivery) of echo 2073 requests or replies; however, if these messages are indeed hijacked, 2074 LSP ping will report that the data plane is not working as it should. 2076 It does not seem vital (at this point) to secure the data carried in 2077 MPLS echo requests and replies, although knowledge of the state of 2078 the MPLS data plane may be considered confidential by some. 2079 Implementations SHOULD, however, provide a means of filtering the 2080 addresses to which echo reply messages may be sent. 2082 Although this document makes special use of 127/8 address, these are 2083 used only in conjunction with the UDP port 3503. Furthermore, these 2084 packets are only processed by routers. All other hosts MUST treat 2085 all packets with a destination address in the range 127/8 in 2086 accordance to RFC 1122. Any packet received by a router with a 2087 destination address in the range 127/8 without a destination UDP port 2088 of 3503 MUST be treated in accordance to RFC 1812. In particular, 2089 the default behavior is to treat packets destined to a 127/8 address 2090 as "martians". 2092 6. IANA Considerations 2094 The TCP and UDP port number 3503 has been allocated by IANA for LSP 2095 echo requests and replies. 2097 The following sections detail the new name spaces to be managed by 2098 IANA. For each of these name spaces, the space is divided into 2099 assignment ranges; the following terms are used in describing the 2100 procedures by which IANA allocates values: "Standards Action" (as 2101 defined in [RFC5226]), "Specification Required", and "Vendor Private 2102 Use". 2104 Values from "Specification Required" ranges MUST be registered with 2105 IANA. The request MUST be made via an Experimental RFC that 2106 describes the format and procedures for using the code point; the 2107 actual assignment is made during the IANA actions for the RFC. 2109 Values from "Vendor Private" ranges MUST NOT be registered with IANA; 2110 however, the message MUST contain an enterprise code as registered 2111 with the IANA SMI Private Network Management Private Enterprise 2112 Numbers. For each name space that has a Vendor Private range, it 2113 must be specified where exactly the SMI Private Enterprise Number 2114 resides; see below for examples. In this way, several enterprises 2115 (vendors) can use the same code point without fear of collision. 2117 6.1. Message Types, Reply Modes, Return Codes 2119 The IANA has created and will maintain registries for Message Types, 2120 Reply Modes, and Return Codes. Each of these can take values in the 2121 range 0-255. Assignments in the range 0-191 are via Standards 2122 Action; assignments in the range 192-251 are made via "Specification 2123 Required"; values in the range 252-255 are for Vendor Private Use, 2124 and MUST NOT be allocated. 2126 If any of these fields fall in the Vendor Private range, a top-level 2127 Vendor Enterprise Number TLV MUST be present in the message. 2129 Message Types defined in this document are the following: 2131 Value Meaning 2132 ----- ------- 2133 1 MPLS echo request 2134 2 MPLS echo reply 2136 Reply Modes defined in this document are the following: 2138 Value Meaning 2139 ----- ------- 2140 1 Do not reply 2141 2 Reply via an IPv4/IPv6 UDP packet 2142 3 Reply via an IPv4/IPv6 UDP packet with Router Alert 2143 4 Reply via application level control channel 2145 Return Codes defined in this document are listed in section 3.1. 2147 6.2. TLVs 2149 The IANA has created and will maintain a registry for the Type field 2150 of top-level TLVs as well as for any associated sub-TLVs. Note the 2151 meaning of a sub-TLV is scoped by the TLV. The number spaces for the 2152 sub-TLVs of various TLVs are independent. 2154 The valid range for TLVs and sub-TLVs is 0-65535. Assignments in the 2155 range 0-16383 and 32768-49161 are made via Standards Action as 2156 defined in [RFC5226]; assignments in the range 16384-31743 and 2157 49162-64511 are made via "Specification Required" as defined above; 2158 values in the range 31744-32767 and 64512-65535 are for Vendor 2159 Private Use, and MUST NOT be allocated. 2161 If a TLV or sub-TLV has a Type that falls in the range for Vendor 2162 Private Use, the Length MUST be at least 4, and the first four octets 2163 MUST be that vendor's SMI Private Enterprise Number, in network octet 2164 order. The rest of the Value field is private to the vendor. 2166 TLVs and sub-TLVs defined in this document are the following: 2168 Type Sub-Type Value Field 2169 ---- -------- ----------- 2170 1 Target FEC Stack 2171 1 LDP IPv4 prefix 2172 2 LDP IPv6 prefix 2173 3 RSVP IPv4 LSP 2174 4 RSVP IPv6 LSP 2175 5 Not Assigned 2176 6 VPN IPv4 prefix 2177 7 VPN IPv6 prefix 2178 8 L2 VPN endpoint 2179 9 "FEC 128" Pseudowire - IPv4 (Deprecated) 2180 10 "FEC 128" Pseudowire - IPv4 2181 11 "FEC 129" Pseudowire - IPv4 2182 12 BGP labeled IPv4 prefix 2183 13 BGP labeled IPv6 prefix 2184 14 Generic IPv4 prefix 2185 15 Generic IPv6 prefix 2186 16 Nil FEC 2187 24 "FEC 128" Pseudowire - IPv6 2188 25 "FEC 129" Pseudowire - IPv6 2189 2 Downstream Mapping 2190 3 Pad 2191 4 Not Assigned 2192 5 Vendor Enterprise Number 2193 6 Not Assigned 2194 7 Interface and Label Stack 2195 8 Not Assigned 2196 9 Errored TLVs 2197 Any value The TLV not understood 2198 10 Reply TOS Byte 2200 7. Acknowledgements 2202 The original acknowledgements from RFC 4379 state the following: 2204 This document is the outcome of many discussions among many 2205 people, including Manoj Leelanivas, Paul Traina, Yakov Rekhter, 2206 Der-Hwa Gan, Brook Bailey, Eric Rosen, Ina Minei, Shivani 2207 Aggarwal, and Vanson Lim. 2209 The description of the Multipath Information sub-field of the 2210 Downstream Mapping TLV was adapted from text suggested by Curtis 2211 Villamizar. 2213 We would like to thank Loa Andersson for motivating the advancement 2214 of this bis specification. We also would like to thank Alexander 2215 Vainshtein for his review and comments. 2217 8. References 2219 8.1. Normative References 2221 [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - 2222 Communication Layers", STD 3, RFC 1122, 2223 DOI 10.17487/RFC1122, October 1989, 2224 . 2226 [RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers", 2227 RFC 1812, DOI 10.17487/RFC1812, June 1995, 2228 . 2230 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2231 Requirement Levels", BCP 14, RFC 2119, 2232 DOI 10.17487/RFC2119, March 1997, 2233 . 2235 [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., 2236 Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack 2237 Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001, 2238 . 2240 [RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual 2241 Private Network (VPN) Terminology", RFC 4026, 2242 DOI 10.17487/RFC4026, March 2005, 2243 . 2245 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A 2246 Border Gateway Protocol 4 (BGP-4)", RFC 4271, 2247 DOI 10.17487/RFC4271, January 2006, 2248 . 2250 [RFC4379] Kompella, K. and G. Swallow, "Detecting Multi-Protocol 2251 Label Switched (MPLS) Data Plane Failures", RFC 4379, 2252 DOI 10.17487/RFC4379, February 2006, 2253 . 2255 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 2256 IANA Considerations Section in RFCs", BCP 26, RFC 5226, 2257 DOI 10.17487/RFC5226, May 2008, 2258 . 2260 [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, 2261 "Network Time Protocol Version 4: Protocol and Algorithms 2262 Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, 2263 . 2265 8.2. Informative References 2267 [RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, 2268 RFC 792, DOI 10.17487/RFC0792, September 1981, 2269 . 2271 [RFC3107] Rekhter, Y. and E. Rosen, "Carrying Label Information in 2272 BGP-4", RFC 3107, DOI 10.17487/RFC3107, May 2001, 2273 . 2275 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., 2276 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP 2277 Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001, 2278 . 2280 [RFC4365] Rosen, E., "Applicability Statement for BGP/MPLS IP 2281 Virtual Private Networks (VPNs)", RFC 4365, 2282 DOI 10.17487/RFC4365, February 2006, 2283 . 2285 [RFC4447] Martini, L., Ed., Rosen, E., El-Aawar, N., Smith, T., and 2286 G. Heron, "Pseudowire Setup and Maintenance Using the 2287 Label Distribution Protocol (LDP)", RFC 4447, 2288 DOI 10.17487/RFC4447, April 2006, 2289 . 2291 [RFC4761] Kompella, K., Ed. and Y. Rekhter, Ed., "Virtual Private 2292 LAN Service (VPLS) Using BGP for Auto-Discovery and 2293 Signaling", RFC 4761, DOI 10.17487/RFC4761, January 2007, 2294 . 2296 [RFC5036] Andersson, L., Ed., Minei, I., Ed., and B. Thomas, Ed., 2297 "LDP Specification", RFC 5036, DOI 10.17487/RFC5036, 2298 October 2007, . 2300 [RFC5085] Nadeau, T., Ed. and C. Pignataro, Ed., "Pseudowire Virtual 2301 Circuit Connectivity Verification (VCCV): A Control 2302 Channel for Pseudowires", RFC 5085, DOI 10.17487/RFC5085, 2303 December 2007, . 2305 Authors' Addresses 2307 Carlos Pignataro 2308 Cisco Systems, Inc. 2310 Email: cpignata@cisco.com 2312 Nagendra Kumar 2313 Cisco Systems, Inc. 2315 Email: naikumar@cisco.com 2317 Sam Aldrin 2318 Google 2320 Email: aldrin.ietf@gmail.com 2322 Mach(Guoyi) Chen 2323 Huawei 2325 Email: mach.chen@huawei.com