draft-ietf-mpls-mldp-recurs-fec-03.txt   draft-ietf-mpls-mldp-recurs-fec-04.txt 
MPLS Working Group IJsbrand Wijnands MPLS Working Group IJsbrand Wijnands
Internet Draft Eric C. Rosen Internet Draft Eric C. Rosen
Intended Status: Proposed Standard Cisco Systems, Inc. Intended Status: Proposed Standard Cisco Systems, Inc.
Expires: December 23, 2011 Expires: January 25, 2012
Maria Napierala Maria Napierala
AT&T AT&T
Nicolai Leymann Nicolai Leymann
Deutsche Telekom Deutsche Telekom
June 23, 2011 July 25, 2011
Using Multipoint LDP when the Backbone has no Route to the Root Using Multipoint LDP when the Backbone has no Route to the Root
draft-ietf-mpls-mldp-recurs-fec-03.txt draft-ietf-mpls-mldp-recurs-fec-04.txt
Abstract Abstract
The control protocol used for constructing Point-to-Multipoint and The control protocol used for constructing Point-to-Multipoint and
Multipoint-to-Multipoint Label Switched Paths ("MP LSPs") contains a Multipoint-to-Multipoint Label Switched Paths ("MP LSPs") contains a
field that identifies the address of a "root node". Intermediate field that identifies the address of a "root node". Intermediate
nodes are expected to be able to look up that address in their nodes are expected to be able to look up that address in their
routing tables. However, if the route to the root node is a BGP routing tables. However, if the route to the root node is a BGP
route, and the intermediate nodes are part of a BGP-free core, this route, and the intermediate nodes are part of a BGP-free core, this
is not possible. This document specifies procedures which enable a is not possible. This document specifies procedures which enable a
skipping to change at page 2, line 34 skipping to change at page 2, line 34
Table of Contents Table of Contents
1 Introduction .......................................... 3 1 Introduction .......................................... 3
2 The Recursive Opaque Value ............................ 5 2 The Recursive Opaque Value ............................ 5
2.1 Encoding .............................................. 5 2.1 Encoding .............................................. 5
2.2 Procedures ............................................ 5 2.2 Procedures ............................................ 5
3 The VPN-Recursive Opaque Value ........................ 6 3 The VPN-Recursive Opaque Value ........................ 6
3.1 Encoding .............................................. 6 3.1 Encoding .............................................. 6
3.2 Procedures ............................................ 7 3.2 Procedures ............................................ 7
3.2.1 Unsegmented Inter-AS P-tunnels ........................ 7 3.2.1 Non-segmented Inter-AS P-tunnels ...................... 7
3.2.2 Limited Carrier's Carrier Function .................... 9 3.2.2 Limited Carrier's Carrier Function .................... 9
4 IANA Considerations ................................... 10 4 IANA Considerations ................................... 10
5 Security Considerations ............................... 11 5 Security Considerations ............................... 11
6 Acknowledgments ....................................... 11 6 Acknowledgments ....................................... 11
7 Authors' Addresses .................................... 11 7 Authors' Addresses .................................... 11
8 Normative References .................................. 12 8 Normative References .................................. 12
9 Informative References ................................ 12 9 Informative References ................................ 12
1. Introduction 1. Introduction
skipping to change at page 7, line 33 skipping to change at page 7, line 33
The value field of the "VPN-Recursive Opaque Value" consists of an The value field of the "VPN-Recursive Opaque Value" consists of an
eight-octet Route Distinguisher (RD), followed by a P2MP or MP2MP FEC eight-octet Route Distinguisher (RD), followed by a P2MP or MP2MP FEC
element, encoded exactly as specified in [mLDP], with a type field, a element, encoded exactly as specified in [mLDP], with a type field, a
length field, and value field of is own. The length of the VPN- length field, and value field of is own. The length of the VPN-
Recursive Opaque Value thus includes the 8 octets of RD plus the Recursive Opaque Value thus includes the 8 octets of RD plus the
lengths of the type, length, and values fields of the contained FEC lengths of the type, length, and values fields of the contained FEC
element. element.
3.2. Procedures 3.2. Procedures
3.2.1. Unsegmented Inter-AS P-tunnels 3.2.1. Non-segmented Inter-AS P-tunnels
Consider the Inter-AS VPN scenario depicted in Figure 5. Consider the Inter-AS VPN scenario depicted in Figure 5.
PE1 --- P1 ---- ASBR1 ... ASBR2 ---- P2 ---- PE2 PE1 --- P1 ---- ASBR1 ... ASBR2 ---- P2 ---- PE2
Figure 5 Figure 5
Suppose this is an "option B" VPN interconnect ([VPN] section 10). Suppose this is an "option B" VPN interconnect ([VPN] section 10).
This means that the Autonomous System Border Router (ASBR) in the This means that the Autonomous System Border Router (ASBR) in the
first Autonomous System (i.e., ASBR1) does not have a route to PE first Autonomous System (i.e., ASBR1) does not have a route to PE
routers in other ASes (such as PE2). Suppose also that the MVPN routers in other ASes (such as PE2). Suppose also that the MVPN
policy is to instantiate PMSIs [MVPN] using mLDP, and that policy is to instantiate PMSIs [MVPN] using mLDP, and that
"unsegmented inter-AS P-tunnels" [MVPN] are being used. "non-segmented inter-AS P-tunnels" [MVPN] are being used.
In this scenario, PE1 may need to join a P2MP or MP2MP LSP whose root In this scenario, PE1 may need to join a P2MP or MP2MP LSP whose root
is PE2. P1 has no route to PE2, and all PE1 knows about the route to is PE2. P1 has no route to PE2, and all PE1 knows about the route to
PE2 is that ASBR1 is the BGP next hop. Since P1 has no root to PE2, PE2 is that ASBR1 is the BGP next hop. Since P1 has no root to PE2,
PE1 needs to originate an mLDP message with a FEC element that PE1 needs to originate an mLDP message with a FEC element that
identifies ASBR1 as the root. This FEC element must contain enough identifies ASBR1 as the root. This FEC element must contain enough
information to enable ASBR1 to find the next hop towards PE2 even information to enable ASBR1 to find the next hop towards PE2 even
though ASBR1 does not have a route to PE2. though ASBR1 does not have a route to PE2.
Although ASBR1 does not have a route to PE2, it does have a BGP Although ASBR1 does not have a route to PE2, it does have a BGP
Intra-AS I-PMSI A-D route [MVPN] whose NLRI contains PE2's IP address Intra-AS I-PMSI A-D route [MVPN] whose NLRI contains PE2's IP address
together with a particular RD. PE1 also has this Inter-AS I-PMSI A-D together with a particular RD. PE1 also has this Inter-AS I-PMSI A-D
route. The LSP needs to be set up along the path established by the route. The LSP needs to be set up along the path established by the
Intra-AS I-PMSI A-D routes. Therefore one must use a Recursive FEC Intra-AS I-PMSI A-D routes. Therefore one must use a Recursive FEC
element that contains the RD as well as the as well as the address of element that contains the RD as well as the as well as the address of
PE2. The "VPN-Recursive FEC Element" defined herein is used for this PE2. The "VPN-Recursive FEC Element" defined herein is used for this
purpose. purpose.
This enables us to provide the same functionality, for mLDP P-tunnels This enables us to provide the same functionality, for mLDP P-tunnels
that is provided for PIM P-tunnels in section 8.1.3.2 of [MVPN] that is provided for PIM P-tunnels in section 8.1.3.2 of [MVPN]
though the use of the MVPN Join Attribute. through the use of the MVPN Join Attribute.
At PE1 in Figure 4, the LSP to be created is associated with a At PE1 in Figure 4, the LSP to be created is associated with a
particular VPN Routing/Forwarding Table (VRF). PE1 looks up in that particular VPN Routing/Forwarding Table (VRF). PE1 looks up in that
VRF the Intra-AS I-PMSI A-D route originated by PE2. It finds that VRF the Intra-AS I-PMSI A-D route originated by PE2. It finds that
the BGP next hop of that route is ASBR1. So it creates a P2MP or the BGP next hop of that route is ASBR1. So it creates a P2MP or
MP2MP FEC element whose root is ASBR1, and whose opaque value is a MP2MP FEC element whose root is ASBR1, and whose opaque value is a
VPN-Recursive FEC element. The VPN-Recursive FEC element itself VPN-Recursive FEC element. The VPN-Recursive FEC element itself
consists of a root, an RD, and an opaque value, set as follows: consists of a root, an RD, and an opaque value, set as follows:
- The root is PE2 - The root is PE2
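Review bot: In 3.2.1, the paragraph beginning "Although ASBR1 does not have a route to PE2" names the route as an "Intra-AS I-PMSI A-D route" and then says "PE1 also has this Inter-AS I-PMSI A-D route". Both revisions carry the mismatch. The two mentions need to agree, and the following sentence, which sets the LSP up along the Intra-AS I-PMSI A-D routes, suggests Intra-AS is meant. Since this revision already touches the section for the "Non-segmented" rename and the "though"/"through" fix, the other leftovers that -04 keeps unchanged should be cleaned up in the same pass: "Since P1 has no root to PE2" should be "no route to PE2", "as well as the as well as the address of PE2" is doubled, and "value field of is own" should be "its own". "At PE1 in Figure 4" also needs checking, because the scenario in this section is introduced as Figure 5.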
skipping to change at page 10, line 17 skipping to change at page 10, line 17
being sent on to CE2, and presumably further from CE2 to R. being sent on to CE2, and presumably further from CE2 to R.
In this scenario, the RD in the VPN-Recursive Opaque Value also In this scenario, the RD in the VPN-Recursive Opaque Value also
ensures uniqueness of the FEC Element within the inner carrier's ensures uniqueness of the FEC Element within the inner carrier's
network. network.
This way of providing Carrier's Carrier service has limited This way of providing Carrier's Carrier service has limited
applicability, as it only works under the following conditions: applicability, as it only works under the following conditions:
- Both the inner carrier and the outer carrier are using - Both the inner carrier and the outer carrier are using
unsegmented mLDP P-tunnels non-segmented mLDP P-tunnels
- The inner carrier is not aggregating the P-tunnels of the outer - The inner carrier is not aggregating the P-tunnels of the outer
carrier, but is content to carry each such P-tunnel in a single carrier, but is content to carry each such P-tunnel in a single
P-tunnel of its own. P-tunnel of its own.
The carrier's carrier scenario can be distinguished from the inter-AS The carrier's carrier scenario can be distinguished from the inter-AS
scenario by the fact that in the former, the mLDP messages are being scenario by the fact that in the former, the mLDP messages are being
exchanged on VRF interfaces. exchanged on VRF interfaces.
4. IANA Considerations 4. IANA Considerations
[mLDP] defines a registry for "The LDP MP Opaque Value Element Basic [mLDP] defines a registry for "The LDP MP Opaque Value Element Basic
Type". This document requires the assignment of two new code points Type". This document requires the assignment of two new code points
in this registry: in this registry:
- Recursive Opaque Value: Type TBD (requested value: 6) - Recursive Opaque Value: Type TBD (requested value: 7)
An opaque value of this type is itself a TLV that encodes an mLDP An opaque value of this type is itself a TLV that encodes an mLDP
FEC type, as defined in [mLDP]. FEC type, as defined in [mLDP].
- VPN-Recursive Opaque Value: Type TBD (requested value: 7) - VPN-Recursive Opaque Value: Type TBD (requested value: 8)
An opaque value of this type consists of an eight-octet Route An opaque value of this type consists of an eight-octet Route
Distinguisher as defined in [VPN], followed by a TLV that encodes Distinguisher as defined in [VPN], followed by a TLV that encodes
an mLDP FEC type, as defined in [mLDP]. an mLDP FEC type, as defined in [mLDP].
5. Security Considerations 5. Security Considerations
The security considerations of [LDP] and [mLDP] apply. The security considerations of [LDP] and [mLDP] apply.
Unauthorized modification of the FEC elements defined in this Unauthorized modification of the FEC elements defined in this
document can disrupt the creation of the multipoint LSPs, or can document can disrupt the creation of the multipoint LSPs, or can
cause he multipoint LSPs to pass through parts of the network where cause the multipoint LSPs to pass through parts of the network where
they are not supposed to go. This could potentially be used as part they are not supposed to go. This could potentially be used as part
of an attack to illegitimately insert or intercept multicast traffic. of an attack to illegitimately insert or intercept multicast traffic.
However, since the FEC elements defined in this document are not However, since the FEC elements defined in this document are not
inherently more vulnerable to this form of attack than are the inherently more vulnerable to this form of attack than are the
previously defined FEC elements, this document does not add new previously defined FEC elements, this document does not add new
security vulnerabilities. security vulnerabilities.
A description of general security issues for MPLS can be found in A description of general security issues for MPLS can be found in
[RFC5920]. [RFC5920].
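Review bot: In section 4 the requested code points move from 6 and 7 to 7 and 8, so value 7 changes meaning between the two revisions: -03 requests it for the VPN-Recursive Opaque Value and -04 requests it for the Recursive Opaque Value. The two encodings differ by the eight-octet Route Distinguisher that precedes the contained FEC TLV, so a node built against one revision would misparse a type 7 opaque value sent by a node built against the other, reading RD octets as a FEC TLV or the reverse. Both entries still say "Type TBD"; suggest stating explicitly that the values are requests only and must not be relied on until assigned, and calling out the renumbering so early implementers notice it. The section 5 change is only the "he"/"the" typo fix and needs no comment.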
 End of changes. 11 change blocks. 
11 lines changed or deleted 11 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/