draft-ietf-mpls-ldp-ipv6-01.txt   draft-ietf-mpls-ldp-ipv6-02.txt 
MPLS Working Group Vishwas Manral MPLS Working Group Vishwas Manral
Internet Draft IPInfusion Inc. Internet Draft IPInfusion Inc.
Intended status: Standards Track (updates RFC5036) Intended status: Standards Track (updates RFC5036)
Expires: April 2011 Rajiv Papneja Expires: September 2011 Rajiv Papneja
Isocore Isocore
Rajiv Asati Rajiv Asati
Cisco Systems Cisco Systems
March 13, 2011 Carlos Pignataro
Cisco Systems
March 28, 2011
Updates to LDP for IPv6 Updates to LDP for IPv6
draft-ietf-mpls-ldp-ipv6-01 draft-ietf-mpls-ldp-ipv6-02
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with This Internet-Draft is submitted to IETF in full conformance with
the provisions of BCP 78 and BCP 79. the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 37 skipping to change at page 1, line 40
months and may be updated, replaced, or obsoleted by other documents months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress." reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on April 13, 2010. This Internet-Draft will expire on September 28, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the BSD License. warranty as described in the BSD License.
Abstract Abstract
The Label Distribution Protocol (LDP) specification defines The Label Distribution Protocol (LDP) specification defines
procedures to exchange label bindings over either IPv4 or IPv6 or procedures to exchange label bindings over either IPv4, IPv6 or both
both networks. This document corrects and clarifies the LDP behavior networks. This document corrects and clarifies the LDP behavior when
when IPv6 network is used. IPv6 network is used.
Table of Contents Table of Contents
1. Introduction...................................................3 1. Introduction...................................................3
1.1. Topology Scenarios........................................3 1.1. Topology Scenarios........................................4
2. Specification Language.........................................4 2. Specification Language.........................................5
3. LSP Mapping....................................................5 3. LSP Mapping....................................................5
4. LDP Identifiers................................................6 4. LDP Identifiers................................................6
5. Peer Discovery.................................................6 5. Peer Discovery.................................................7
5.1. Basic Discovery Mechanism.................................6 5.1. Basic Discovery Mechanism.................................7
5.2. Extended Discovery Mechanism..............................7 5.2. Extended Discovery Mechanism..............................8
6. LDP Session Establishment and Maintenance......................7 6. LDP Session Establishment and Maintenance......................8
6.1. Transport connection establishment........................7 6.1. Transport connection establishment........................8
6.2. Maintaining Hello Adjacencies.............................9 6.2. Maintaining Hello Adjacencies............................10
6.3. Maintaining LDP Sessions..................................9 6.3. Maintaining LDP Sessions.................................10
7. Label Distribution.............................................9 7. Label Distribution............................................10
8. IANA Considerations...........................................10 8. IANA Considerations...........................................11
9. Security Considerations.......................................10 9. Security Considerations.......................................11
10. Acknowledgments..............................................10 10. Acknowledgments..............................................11
11. References...................................................11 11. References...................................................12
11.1. Normative References....................................11 11.1. Normative References....................................12
11.2. Informative References..................................11 11.2. Informative References..................................12
Author's Addresses...............................................12 Author's Addresses...............................................13
1. Introduction 1. Introduction
The LDP [RFC5036] specification defines procedures and messages for The LDP [RFC5036] specification defines procedures and messages for
exchanging label bindings over either IPv4 or IPv6 or both (e.g. exchanging FEC-label bindings over either IPv4 or IPv6 or both (e.g.
dual-stack) networks. dual-stack) networks.
However, RFC5036 specification has the following deficiencies in However, RFC5036 specification has the following deficiencies in
regards to IPv6 usage: regards to IPv6 usage:
1) LSP mapping: No rule defined for mapping a particular packet to a 1) LSP mapping: No rule defined for mapping a particular packet to a
particular LSP that has an Address Prefix FEC element containing particular LSP that has an Address Prefix FEC element containing
IPv6 address of the egress router IPv6 address of the egress router
2) LDP identifier: No details specific to IPv6 usage 2) LDP identifier: No details specific to IPv6 usage
3) LDP discovery: No details for using a particular IPv6 multicast 3) LDP discovery: No details for using a particular IPv6 multicast
address (with or without IPv4 co-existence) address (with or without IPv4 co-existence)
4) LDP Session establishment: No rule for handling both IPv4 and 4) LDP Session establishment: No rule for handling both IPv4 and
IPv6 transport address optional objects in a Hello message, and IPv6 transport address optional objects in a Hello message, and
subsequently two IPv4 and IPv6 transport connections. subsequently two IPv4 and IPv6 transport connections.
5) LDP Label exchange: No rule for advertising IPv4 or/and IPv6 5) LDP Label exchange: No rule for advertising IPv4 or/and IPv6 FEC-
label bindings over an LDP session label bindings over an LDP session
6) LDP TTL security: No rule for built-in Generalized TTL Security
Mechanism (GTSM) in LDP
This document addresses the above deficiencies by specifying the This document addresses the above deficiencies by specifying the
desired behavior/rules/details. It also clarifies the topology desired behavior/rules/details. It also clarifies the topology
scenarios in section 1.1. scenarios in section 1.1.
Note that this document updates RFC5036. Note that this document updates RFC5036.
1.1. Topology Scenarios 1.1. Topology Scenarios
The following scenarios in which the LSRs may be inter-connected via The following scenarios in which the LSRs may be inter-connected via
one or more dual-stack interfaces (figure 1), or two or more single- one or more dual-stack interfaces (figure 1), or two or more single-
skipping to change at page 6, line 9 skipping to change at page 6, line 13
applicable to 'Typed WildCard prefix FEC' [RFC5918]. applicable to 'Typed WildCard prefix FEC' [RFC5918].
Additionally, it is desirable that a packet is forwarded to an LSP Additionally, it is desirable that a packet is forwarded to an LSP
of an egress router, only if LSP's address-family matches with that of an egress router, only if LSP's address-family matches with that
of the LDP hello adjacency on the next-hop interface. of the LDP hello adjacency on the next-hop interface.
4. LDP Identifiers 4. LDP Identifiers
Section 2.2.2 of [RFC5036] specifies formulating at least one LDP Section 2.2.2 of [RFC5036] specifies formulating at least one LDP
Identifier, however, it doesn't provide any consideration in case of Identifier, however, it doesn't provide any consideration in case of
IPv6 (with or without dual-stacking). IPv6 (with or without dual-stacking). Additionally, section 2.5.2 of
[RFC5036] prohibits using the same label space for IPv4 and IPv6
transports as well as FEC-label bindings.
This document preserves the usage of 32-bit LSR Id on an IPv6 only The first four octets of the LDP identifier, the 32-bit LSR Id,
LSR and allows the usage of a common LDP identifier i.e. same LSR-Id identify the LSR and is a globally unique value. This is regardless
and same Label space id for IPv4 and IPv6 on a dual-stack LSR. This of the address family used for the LDP session. In other words, this
rightly enables the per-platform label space to be shared between document preserves the usage of 32-bit LSR Id on an IPv6 only LSR.
IPv4 and IPv6.
Editor's note: The possible conflict with last paragraph of Please note that 32-bit LSR Id value would not map to any IPv4-
section 2.5.2 of RFC5036 needs to be addressed or clarified. address in an IPv6 only LSR (i.e., single stack), nor would there
be an expectation of it being DNS-resolvable. In IPv4 deployments,
the LSR Id is typically derived from an IPv4 address, generally
assigned to a loopback interface. In IPv6 only deployments, this
32-bit LSR Id must be derived by some other means that guarantees
global uniqueness.
Additionally, this document reserves 0.0.0.0 as the LSR-Id, and The first sentence of last paragraph of Section 2.5.2 of [RFC5036]
prohibits its usage. is qualified per address family and therefore updated to the
following: "For a given address family over which a Hello is sent,
and a given label space, an LSR MUST advertise the same transport
address." This rightly enables the per-platform label space to be
shared between IPv4 and IPv6.
In summary, this document not only allows the usage of a common LDP
identifier i.e. same LSR-Id, but also the common Label space id for
both IPv4 and IPv6 on a dual-stack LSR.
This document reserves 0.0.0.0 as the LSR-Id, and prohibits its
usage.
5. Peer Discovery 5. Peer Discovery
5.1. Basic Discovery Mechanism 5.1. Basic Discovery Mechanism
Section 2.4.1 of [RFC5036] defines the Basic Discovery mechanism for Section 2.4.1 of [RFC5036] defines the Basic Discovery mechanism for
directly connected LSRs. Following this mechanism, LSRs periodically directly connected LSRs. Following this mechanism, LSRs periodically
sends LDP Link Hellos destined to "all routers on this subnet" group sends LDP Link Hellos destined to "all routers on this subnet" group
multicast IP address. multicast IP address.
skipping to change at page 7, line 4 skipping to change at page 7, line 30
FF05:0:0:0:0:0:0:2 = Site-local scope FF05:0:0:0:0:0:0:2 = Site-local scope
[RFC5036] does not specify which particular IPv6 'all routers on [RFC5036] does not specify which particular IPv6 'all routers on
this subnet' group multicast IP address should be used by LDP Link this subnet' group multicast IP address should be used by LDP Link
Hellos. Hellos.
This document specifies the usage of link-local scope e.g. This document specifies the usage of link-local scope e.g.
FF02:0:0:0:0:0:0:2 as the destination multicast IP address for IPv6 FF02:0:0:0:0:0:0:2 as the destination multicast IP address for IPv6
LDP Link Hellos. An LDP Hello packet received on any of the other LDP Link Hellos. An LDP Hello packet received on any of the other
addresses should be dropped. Also, the LDP Link Hello packets must addresses must be dropped.
have their IPv6 Hop Limit set to 1.
Also, the LDP Link Hello packets must have their IPv6 Hop Limit set
to 255, and be checked for the same upon receipt before any further
processing, as specified in Generalized TTL Security Mechanism
(GTSM)[RFC5082]. The built-in inclusion of GTSM automatically
protects IPv6 LDP from off-link attacks.
More importantly, if an interface is a dual-stack LDP interface More importantly, if an interface is a dual-stack LDP interface
(e.g. enabled with both IPv4 and IPv6 LDP), then the LSR must (e.g. enabled with both IPv4 and IPv6 LDP), then the LSR must
periodically send both IPv4 and IPv6 LDP Link Hellos (using the same periodically send both IPv4 and IPv6 LDP Link Hellos (using the same
LDP Identifier per section 4) and must separately maintain the Hello LDP Identifier per section 4) and must separately maintain the Hello
adjacency for IPv4 and IPv6 on that interface. adjacency for IPv4 and IPv6 on that interface.
Needless to say, the IPv4 and IPv6 LDP Link Hellos must carry the Needless to say, the IPv4 and IPv6 LDP Link Hellos must carry the
same LDP identifier (assuming per-platform label space usage). same LDP identifier (assuming per-platform label space usage).
skipping to change at page 8, line 39 skipping to change at page 9, line 25
that only one transport connection should be established, even that only one transport connection should be established, even
if there are two Hello adjacencies (one for IPv4 and another if there are two Hello adjacencies (one for IPv4 and another
for IPv6). This is independent of whether the Hello Adjacencies for IPv6). This is independent of whether the Hello Adjacencies
are created over a single interface (scenarios 1 in section are created over a single interface (scenarios 1 in section
1.1) or multiple interfaces (scenario 2 in section 1.1). 1.1) or multiple interfaces (scenario 2 in section 1.1).
- An LSR should prefer the LDP/TCP connection over IPv6 for a new - An LSR should prefer the LDP/TCP connection over IPv6 for a new
LDP session with a remote LSR, if it has both IPv4 and IPv6 LDP session with a remote LSR, if it has both IPv4 and IPv6
hello adjacencies for the same LDP Identifier (over a dual- hello adjacencies for the same LDP Identifier (over a dual-
stack interface, or two or more single-stack IPv4 and IPv6 stack interface, or two or more single-stack IPv4 and IPv6
interfaces). interfaces). This applies to the section 2.5.2 of RFC5036.
- An LSR should prefer the LDP/TCP connection over IPv6 for a new - An LSR should prefer the LDP/TCP connection over IPv6 for a new
LDP session with a remote LSR, if they attempted two TCP LDP session with a remote LSR, if they attempted two TCP
connections using IPv4 and IPv6 transports simultaneously. connections using IPv4 and IPv6 transports simultaneously.
This document allows an implementation to provide a configuration to This document allows an implementation to provide a configuration to
override the above stated preference from IPv6 to IPv4. Suffice to override the above stated preference from IPv6 to IPv4 on a per-peer
say that, such preference must be set on both LSRs, whether on a basis. Suffice to say that, such preference must be set on both
per-peer granularity or not. LSRs.
This document also specifies that the LDP/TCP transport connection
over IPv6 must follow the GTSM procedures (Section 3 of [RFC5082])
by default, if the LDP/TCP transport connection is being established
between the adjacent LSRs (using Basic Discovery, as described in
section 5.1). This means that the IP Hop Limit field is set to 255
upon sending, and checked to be 255 upon receipt. The built-in
inclusion of GTSM automatically protects IPv6 LDP peering session
from off-link attacks.
6.2. Maintaining Hello Adjacencies 6.2. Maintaining Hello Adjacencies
As outlined in section 2.5.5 of RFC5036, this draft suggests that if As outlined in section 2.5.5 of RFC5036, this draft suggests that if
an LSR has a dual-stack interface, which is enabled with both IPv4 an LSR has a dual-stack interface, which is enabled with both IPv4
and IPv6 LDP, then the LSR must periodically send both IPv4 and IPv6 and IPv6 LDP, then the LSR must periodically send both IPv4 and IPv6
LDP Link Hellos and must separately maintain the Hello adjacency for LDP Link Hellos and must separately maintain the Hello adjacency for
IPv4 and IPv6 on that interface. IPv4 and IPv6 on that interface.
This ensures successful labeled IPv4 and labeled IPv6 traffic This ensures successful labeled IPv4 and labeled IPv6 traffic
skipping to change at page 10, line 16 skipping to change at page 11, line 12
to a peer over an IPv4 LDP session, if no IPv6 Hello Adjacency to a peer over an IPv4 LDP session, if no IPv6 Hello Adjacency
existed for that peer (and vice versa). existed for that peer (and vice versa).
8. IANA Considerations 8. IANA Considerations
None. None.
9. Security Considerations 9. Security Considerations
The extensions defined in this document only clarify the behavior of The extensions defined in this document only clarify the behavior of
LDP, they do not define any new protocol procedures. All the LDP, they do not define any new protocol procedures. Hence, this
security issues relevant for the [RFC5036] are relevant for this document does not add any new security issues to LDP.
document as well.
While the security issues relevant for the [RFC5036] are relevant
for this document as well, this document reduces the chances of off-
link attacks when using IPv6 transport connection by including the
use of GTSM procedures [RFC5082].
Moreover, this document allows the use of IPsec [RFC4301] for IPv6 Moreover, this document allows the use of IPsec [RFC4301] for IPv6
protection, hence, LDP can benefit from the additional security as protection, hence, LDP can benefit from the additional security as
specified in [RFC4835]. specified in [RFC4835] as well as [RFC5920].
10. Acknowledgments 10. Acknowledgments
A lot of the text in this document is borrowed from [RFC5036]. The We acknowledge the authors of [RFC5036], since a lot of the text in
authors of the document are acknowledged. The authors also this document is borrowed from [RFC5036].
aknowledge the help of Manoj Dutta and Vividh Siddha. Thanks to Bob
Thomas for providing critical feedback to improve this document Thanks to Bob Thomas for providing critical feedback to improve this
early on. Thanks to Kamran Raza, Eric Rosen, Lizhong Jin, Bin Mo, document early on. Thanks to Kamran Raza, Eric Rosen, Lizhong Jin,
Mach Chen, Kishore Tiruveedhula for reviewing this document. Bin Mo, Mach Chen, and Kishore Tiruveedhula for reviewing this
document. The authors also aknowledge the help of Manoj Dutta and
Vividh Siddha.
This document was prepared using 2-Word-v2.0.template.dot. This document was prepared using 2-Word-v2.0.template.dot.
11. References 11. References
11.1. Normative References 11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5036] Andersson, L., Minei, I., and Thomas, B., "LDP [RFC5036] Andersson, L., Minei, I., and Thomas, B., "LDP
Specification", RFC 5036, October 2007. Specification", RFC 5036, October 2007.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998.
[RFC4291] Hinden, R. and S. Deering, "Internet Protocol Version 6 [RFC4291] Hinden, R. and S. Deering, "Internet Protocol Version 6
(IPv6) Addressing Architecture", RFC 3513, April 2003. (IPv6) Addressing Architecture", RFC 3513, April 2003.
[RFC5082] Pignataro, C., Gill, V., Heasley, J., Meyer, D., and
Savola, P., "The Generalized TTL Security Mechanism
(GTSM)", RFC 3513, April 2003.
11.2. Informative References 11.2. Informative References
[RFC4301] Kent, S. and K. Seo, "Security Architecture and Internet [RFC4301] Kent, S. and K. Seo, "Security Architecture and Internet
Protocol", RFC 4301, December 2005. Protocol", RFC 4301, December 2005.
[RFC4853] Manral, V., "Cryptographic Algorithm Implementation
Requirements for Encapsulating Security Payload (ESP) and
Authentication Header (AH)", RFC 4835, April 2007.
[RFC5918] Asati, R. Minei, I., and Thomas, B., "Label Distribution [RFC5918] Asati, R. Minei, I., and Thomas, B., "Label Distribution
Protocol (LDP) 'Typed Wildcard' Forward Equivalence Class Protocol (LDP) 'Typed Wildcard' Forward Equivalence Class
(FEC)", RFC 5918, April 2010. (FEC)", RFC 5918, April 2010.
[IANA-IPv6] http://www.iana.org/assignments/ipv6-address-space. [RFC5920] Fang, L., "Security Framework for MPLS and GMPLS
Networks", RFC 5920, July 2010.
Author's Addresses Author's Addresses
Vishwas Manral Vishwas Manral
IP Infusion Inc., IP Infusion Inc.,
Bamankhola, Bansgali, 1188 E. Arques Ave,
Almora, Uttarakhand 263601 Sunnyvale, CA, 94089
Email: vishwas@ipinfusion.com Email: vishwas@ipinfusion.com
Rajiv Papneja Rajiv Papneja
ISOCORE ISOCORE
12359 Sunrise Valley Dr, STE 100 12359 Sunrise Valley Dr, STE 100
Reston, VA 20190 Reston, VA 20190
Email: rpapneja@isocore.com Email: rpapneja@isocore.com
Rajiv Asati Rajiv Asati
Cisco Systems, Cisco Systems,
7025 Kit Creek Rd, RTP, NC, 27709-4987 7025 Kit Creek Rd, RTP, NC, 27709-4987
Email: rajiva@cisco.com Email: rajiva@cisco.com
Carlos Pignataro
Cisco Systems,
7025 Kit Creek Rd, RTP, NC, 27709-4987
Email: rajiva@cisco.com
 End of changes. 27 change blocks. 
63 lines changed or deleted 104 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/