draft-ietf-ospf-lls-03.txt   draft-ietf-ospf-lls-04.txt 
Network Working Group A. Zinin Network Working Group A. Zinin
Internet-Draft Alcatel Internet-Draft Alcatel
Intended status: Standards Track A. Roy Intended status: Standards Track A. Roy
Expires: January 31, 2008 L. Nguyen Expires: August 15, 2008 L. Nguyen
Cisco Systems Cisco Systems
B. Friedman B. Friedman
Redback Networks Redback Networks
D. Yeung D. Young
August 2007 February 12, 2008
OSPF Link-local Signaling OSPF Link-local Signaling
draft-ietf-ospf-lls-03.txt draft-ietf-ospf-lls-04.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 39 skipping to change at page 1, line 39
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 31, 2008. This Internet-Draft will expire on August 15, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
Abstract Abstract
OSPF is a link-state intra-domain routing protocol. OSPF routers OSPF is a link-state intra-domain routing protocol. OSPF routers
exchange information on a link using packets that follow a well- exchange information on a link using packets that follow a well-
defined fixed format. The format is not flexible enough to enable defined fixed format. The format is not flexible enough to enable
new features which need to exchange arbitrary data. This memo new features which need to exchange arbitrary data. This document
describes a backward-compatible technique to perform link-local describes a backward-compatible technique to perform link-local
signaling, i.e., exchange arbitrary data on a link. signaling, i.e., exchange arbitrary data on a link.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Conventions Used In This Document . . . . . . . . . . . . 3 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3
2. Proposed solution . . . . . . . . . . . . . . . . . . . . . . 4 2. Proposed solution . . . . . . . . . . . . . . . . . . . . . . 4
2.1. Options Field . . . . . . . . . . . . . . . . . . . . . . 5 2.1. Options Field . . . . . . . . . . . . . . . . . . . . . . 5
2.2. LLS Data Block . . . . . . . . . . . . . . . . . . . . . . 5 2.2. LLS Data Block . . . . . . . . . . . . . . . . . . . . . . 5
2.3. LLS TLVs . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3. LLS TLVs . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.4. Extended Options TLV . . . . . . . . . . . . . . . . . . . 6 2.4. Extended Options TLV . . . . . . . . . . . . . . . . . . . 6
2.5. Cryptographic Authentication TLV (OSPFv2 ONLY) . . . . . . 7 2.5. Cryptographic Authentication TLV (OSPFv2 ONLY) . . . . . . 7
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
4. Compatibility Issues . . . . . . . . . . . . . . . . . . . . . 10 4. Compatibility Issues . . . . . . . . . . . . . . . . . . . . . 10
5. Security Considerations . . . . . . . . . . . . . . . . . . . 11 5. Security Considerations . . . . . . . . . . . . . . . . . . . 11
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
skipping to change at page 3, line 23 skipping to change at page 3, line 23
information. Throughout this document, OSPF will be used when the information. Throughout this document, OSPF will be used when the
specification is applicable to both OSPFv2 and OSPFv3. Similarly, specification is applicable to both OSPFv2 and OSPFv3. Similarly,
OSPFv2 or OSPFv3 will be used when the text is protocol specific. OSPFv2 or OSPFv3 will be used when the text is protocol specific.
One potential way of solving this task could be introducing a new One potential way of solving this task could be introducing a new
packet type. However, that would mean introducing extra packets on packet type. However, that would mean introducing extra packets on
the network which may not be desirable and may cause backward the network which may not be desirable and may cause backward
compatibility issues. This document describes how to exchange data compatibility issues. This document describes how to exchange data
using standard OSPF packet types. using standard OSPF packet types.
1.1. Conventions Used In This Document 1.1. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [KEY]. document are to be interpreted as described in [KEY].
2. Proposed solution 2. Proposed solution
To perform link-local signaling (LLS), OSPF routers add a special To perform link-local signaling (LLS), OSPF routers add a special
data block at the end of OSPF packets or right after the data block to the end of OSPF packets or right after the
authentication data block when cryptographic authentication is used. authentication data block when cryptographic authentication is used.
The length of the LLS block is not included into the length of OSPF The length of the LLS block is not included into the length of OSPF
packet, but is included in the IPv4/IPv6 packet length. Figure 1 packet, but is included in the IPv4/IPv6 packet length. Figure 1
illustrates how the LLS data block is attached. illustrates how the LLS data block is attached.
+---------------------+ -- -- +---------------------+ +---------------------+ -- -- +---------------------+
| IP Header | ^ ^ | IPv6 Header | | IP Header | ^ ^ | IPv6 Header |
| Length = HL+X+Y+Z | | Header Length | | Length = HL+X+Y | | Length = HL+X+Y+Z | | Header Length | | Length = HL+X+Y |
| | v v | | | | v v | |
+---------------------+ -- -- +---------------------+ +---------------------+ -- -- +---------------------+
skipping to change at page 4, line 37 skipping to change at page 4, line 37
| Authentication Data | | Y | Y | LLS Data | | Authentication Data | | Y | Y | LLS Data |
| | v v | | | | v v | |
+---------------------+ -- -- +---------------------+ +---------------------+ -- -- +---------------------+
| | ^ | | ^
| LLS Data | | Z | LLS Data | | Z
| | v | | v
+---------------------+ -- +---------------------+ --
Figure 1: LLS Data Block in OSPFv2 and OSPFv3 Figure 1: LLS Data Block in OSPFv2 and OSPFv3
The LLS data block MAY be attached to OSPF hello and DD packets. The The LLS data block MAY be attached to OSPF Hello and DD packets. The
data included in LLS block attached to a Hello packet MAY be used for data included in LLS block attached to a Hello packet MAY be used for
dynamic signaling, since Hello packets may be sent at any moment in dynamic signaling since Hello packets may be sent at any time in
time. However, delivery of LLS data in Hello packets is not time. However, delivery of LLS data in Hello packets is not
guaranteed. The data sent with DBD packets is guaranteed to be guaranteed. The data sent with DD packets is guaranteed to be
delivered as part of the adjacency forming process. delivered as part of the adjacency forming process.
This memo does not specify how the data transmitted by the LLS This document does not specify how the data transmitted by the LLS
mechanism should be interpreted by OSPF routers. The interface mechanism should be interpreted by OSPF routers. The interface
between OSPF LLS component and its clients is implementation between the OSPF LLS component and its clients is implementation
specific. specific.
2.1. Options Field 2.1. Options Field
A new bit, called L (L stands for LLS) is introduced to OSPF Options A new L bit (L stands for LLS) is introduced to OSPF Options field
field (see Figure 2a/2b). Routers set L bit in Hello and DBD packets (see Figure 2a/2b). Routers set the L bit in Hello and DD packets to
to indicate that the packet contains LLS data block. In other words, indicate that the packet contains LLS data block. In other words,
LLS data block is only examined if L bit is set. LLS data block is only examined if the L bit is set.
+---+---+---+---+---+---+---+---+ +---+---+---+---+---+---+---+---+
| * | O | DC| L |N/P| MC| E | * | | * | O | DC| L |N/P| MC| E | * |
+---+---+---+---+---+---+---+-+-+ +---+---+---+---+---+---+---+-+-+
Figure 2a: OSPFv2 Options field Figure 2a: OSPFv2 Options field
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+
| | | | | | | | | | | | | | |L|AF|*|*|DC| R| N|MC| E|V6| | | | | | | | | | | | | | | |L|AF|*|*|DC| R| N|MC| E|V6|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+
Figure 2b: OSPFv3 Options field Figure 2b: OSPFv3 Options field
The L-bit is only set in Hello and DBD packets. The L bit is only set in Hello and DD packets.
2.2. LLS Data Block 2.2. LLS Data Block
The data block used for link-local signaling is formatted as The data block used for link-local signaling is formatted as
described below (see Figure 3 for illustration). described below (see Figure 3 for illustration).
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | LLS Data Length | | Checksum | LLS Data Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| LLS TLVs | | LLS TLVs |
. . . .
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Format of LLS Data Block Figure 3: Format of LLS Data Block
The Checksum field contains the standard IP checksum of the entire The Checksum field contains the standard IP checksum for the entire
contents of the LLS block. contents of the LLS block.
The 16-bit LLS Data Length field contains the length (in 32-bit The 16-bit LLS Data Length field contains the length (in 32-bit
words) of the LLS block including the header and payload. words) of the LLS block including the header and payload.
Implementations MUST NOT use the Length field in the IP packet header Implementations MUST NOT use the Length field in the IP packet header
to determine the length of the LLS data block. to determine the length of the LLS data block.
Note that if the OSPF packet is cryptographically authenticated, the Note that if the OSPF packet is cryptographically authenticated, the
LLS data block MUST also be cryptographically authenticated. In this LLS data block MUST also be cryptographically authenticated. In this
case the regular LLS checksum is not calculated and the LLS block case, the regular LLS checksum is not calculated and the LLS block
will contain a cryptographic authentication TLV (see Section 2.5). will contain a cryptographic authentication TLV (see Section 2.5).
The rest of the block contains a set of Type/Length/Value (TLV) The rest of the block contains a set of Type/Length/Value (TLV)
triplets as described in Section 2.3. All TLVs MUST be 32-bit triplets as described in Section 2.3. All TLVs MUST be 32-bit
aligned (with padding if necessary). aligned (with padding if necessary).
2.3. LLS TLVs 2.3. LLS TLVs
The contents of LLS data block is constructed using TLVs. See Figure The contents of LLS data block is constructed using TLVs. See Figure
4 for the TLV format. 4 for the TLV format.
The type field contains the TLV ID which is unique for each type of The type field contains the TLV ID which is unique for each type of
TLVs. The Length field contains the length of the Value field (in TLVs. The Length field contains the length of the Value field (in
bytes) that is variable and contains arbitrary data. bytes). The value field is variable and contains arbitrary data.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | | Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
. . . .
. Value . . Value .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Format of LLS TLVs Figure 4: Format of LLS TLVs
Note that TLVs are always padded to 32-bit boundary, but padding Note that TLVs are always padded to 32-bit boundary, but padding
bytes are not included in TLV Length field (though it is included in bytes are not included in TLV Length field (though they are included
the LLS Data Length field of the LLS block header). in the LLS Data Length field in the LLS block header).
2.4. Extended Options TLV 2.4. Extended Options TLV
This subsection describes a TLV called Extended Options (EO) TLV. This subsection describes a TLV called the Extended Options (EO) TLV.
The format of EO-TLV is shown in Figure 5. The format of EO-TLV is shown in Figure 5.
Bits in the Value field do not have any semantics from the point of Bits in the Value field do not have any semantics from the point of
view of LLS mechanism. This field MAY be used to announce some OSPF view of the LLS mechanism. This field MAY be used to announce some
capabilities that are link-specific. Also, other OSPF extensions MAY OSPF capabilities that are link-specific. Also, other OSPF
allocate bits in the bit vector to perform boolean link-local extensions MAY allocate bits in the bit vector to perform boolean
signaling. link-local signaling.
The length of the Value field in EO-TLV is 4 bytes. The length of the Value field in the EO-TLV is 4 bytes.
The value of the type field in EO-TLV is 1. The value of the type field in the EO-TLV is 1.
EO-TLV MUST only appear once in the LLS data block. The EO-TLV MUST only appear once in the LLS data block.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 1 | 4 | | 1 | 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Extended Options | | Extended Options |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: Format of EO TLV Figure 5: Format of EO TLV
skipping to change at page 7, line 35 skipping to change at page 7, line 35
The Extended Options bits are defined in Section 3. The Extended Options bits are defined in Section 3.
2.5. Cryptographic Authentication TLV (OSPFv2 ONLY) 2.5. Cryptographic Authentication TLV (OSPFv2 ONLY)
This document defines a special TLV that is used for cryptographic This document defines a special TLV that is used for cryptographic
authentication (CA-TLV) of the LLS data block. This TLV MUST be authentication (CA-TLV) of the LLS data block. This TLV MUST be
included in the LLS block when the cryptographic (MD5) authentication included in the LLS block when the cryptographic (MD5) authentication
is enabled on the corresponding interface. The message digest of the is enabled on the corresponding interface. The message digest of the
LLS block MUST be calculated using the same key and authentication LLS block MUST be calculated using the same key and authentication
algorithm, as that used for the main OSPFv2 packet. The algorithm as used for the OSPFv2 packet. The cryptographic sequence
cryptographic sequence number is included in the TLV and MUST be the number is included in the TLV and MUST be the same as the one in the
same as the one in the main OSPFv2 packet for the LLS block to be OSPFv2 authentication data for the LLS block to be considered
considered authentic. authentic.
The TLV is constructed as shown Figure 6. The TLV is constructed as shown in Figure 6.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 2 | AuthLen | | 2 | AuthLen |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence number | | Sequence number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
. . . .
. AuthData . . AuthData .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Format of Cryptographic Authentication TLV Figure 6: Format of Cryptographic Authentication TLV
The value of the Type field for CA-TLV is 2. The value of the Type field for the CA-TLV is 2.
The Length field in the header contains the length of the data The Length field in the header contains the length of the data
portion of the TLV that includes 4 bytes for the Sequence Number and portion of the TLV including 4 bytes for Sequence Number and the
the length of the message digest (MD5) block for the whole LLS block length of the message digest (MD5) block for the whole LLS block in
in bytes (this will always be 16 bytes for MD5). So AuthLen field bytes (this will always be 16 bytes for MD5). Hence, the AuthLen
will have value of 20. field will be 20 for MD5 cryptographic authentication.
The Sequence Number field contains the cryptographic sequence number The Sequence Number field contains the cryptographic sequence number
that is used to prevent simple replay attacks. For the LLS block to that is used to prevent simple replay attacks. For the LLS block to
be considered authentic, the Sequence Number in the CA-TLV MUST match be considered authentic, the Sequence Number in the CA-TLV MUST match
the Sequence Number in the OSPFv2 packet. the Sequence Number in the OSPFv2 packet header Authentication field.
In the event of Sequence Number mismatch or Authentication failure,
the whole LLS block MUST be ignored.
The AuthData contains the message digest calculated for the LLS data The AuthData contains the message digest calculated for the LLS data
block. block.
The CA-TLV MUST only appear once in the the LLS block. Also, when The CA-TLV MUST only appear once in the the LLS block. Also, when
present, this TLV SHOULD be the last TLV in the LLS block. present, this TLV SHOULD be the last TLV in the LLS block.
3. IANA Considerations 3. IANA Considerations
LLS TLV types are maintained by the IANA. Extensions to OSPF which LLS TLV types are maintained by the IANA. Extensions to OSPF which
skipping to change at page 10, line 8 skipping to change at page 10, line 8
Extended Options Bit Name Reference Extended Options Bit Name Reference
0x00000001 LSDB Resynchronization (LR) [OOB] 0x00000001 LSDB Resynchronization (LR) [OOB]
0x00000002 Restart Signal (RS-bit) [RESTART] 0x00000002 Restart Signal (RS-bit) [RESTART]
Other Extended Options bits will be allocated through an IETF Other Extended Options bits will be allocated through an IETF
consensus action. consensus action.
4. Compatibility Issues 4. Compatibility Issues
The modifications to OSPF packet formats are compatible with standard The modifications to OSPF packet formats are compatible with standard
OSPF because LLS-incapable routers will not consider the extra data OSPF since OSPF router not supporting LLS will ignore the LLS data
after the packet; i.e., the LLS data block will be ignored by routers block after the OSPF packet or cryptographic message digest.
which do not support the LLS extension.
5. Security Considerations 5. Security Considerations
The described technique provides the same level of security as OSPF The described technique provides the same level of security as OSPFv2
protocol by allowing LLS data to be authenticated (see Section 2.5 protocol by allowing LLS data to be authenticated using the same
for more details). cryptographic authentication that OSPFv2 uses (see Section 2.5 for
more details).
OSPFv3 has IPSec authentication built in. There are AH/ESP OSPFv3 utilizes IPSec for authentication and encryption [OSPFV3AUTH].
techniques which operate on the whole OSPFv3 payload. So we do not With IPsec, the AH (Authentication Header), ESP (Encapsulating
need a separate cryptographic TLV for OSPFv3. Security Payload), or both are applied to the entire OSPFv3 payload
including the LLS block.
6. References 6. References
6.1. Normative References 6.1. Normative References
[IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing an [IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", RFC 2334, IANA Considerations Section in RFCs", RFC 2334,
October 1998. October 1998.
[KEY] Bradner, S., "Key words for use in RFC's to Indicate [KEY] Bradner, S., "Key words for use in RFC's to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", RFC 2119, March 1997.
[OSPFV2] Moy, J., "OSPF Version 2", RFC 2328, April 1998. [OSPFV2] Moy, J., "OSPF Version 2", RFC 2328, April 1998.
[OSPFV3] Coltun, R., Ferguson, D., and J. Moy, "OSPF for IPv6", [OSPFV3] Coltun, R., Ferguson, D., and J. Moy, "OSPF for IPv6",
RFC 2740, December 1999. RFC 2740, December 1999.
[OSPFV3AUTH]
Gupta, M. and N. Melam, "Authentication/Confidentiality
for OSPFv3", RFC 4552, June 2006.
6.2. Informative References 6.2. Informative References
[OOB] Zinin, A., Roy, A., and L. Nguyen, "OSPF Out-of-band LSDB [OOB] Zinin, A., Roy, A., and L. Nguyen, "OSPF Out-of-band LSDB
resynchronization", draft-nguyen-ospf-oob-resync-06.txt resynchronization", RFC 4811, March 2007.
(work in progress), October 2006.
[RESTART] Zinin, A., Roy, A., and L. Nguyen, "OSPF Restart [RESTART] Zinin, A., Roy, A., and L. Nguyen, "OSPF Restart
Signaling", draft-nguyen-ospf-restart-06.txt (work in Signaling", RFC 4812, March 2007.
progress), October 2006.
Appendix A. Acknowledgements Appendix A. Acknowledgements
The authors would like to acknowledge Russ White and Acee Lindem for The authors would like to acknowledge Russ White and Acee Lindem for
their thoughtful review of this document. their thoughtful review of this document.
Authors' Addresses Authors' Addresses
Alex Zinin Alex Zinin
Alcatel Alcatel
skipping to change at page 14, line 31 skipping to change at page 14, line 31
Liem Nguyen Liem Nguyen
Cisco Systems Cisco Systems
170 West Tasman Drive 170 West Tasman Drive
San Jose, CA 95134 San Jose, CA 95134
USA USA
Email: lhnguyen@cisco.com Email: lhnguyen@cisco.com
Barry Friedman Barry Friedman
300 Holger Way Redback Networks
100 Headquarters Drive
San Jose, CA 95134 San Jose, CA 95134
USA USA
Email: friedman@redback.com Email: friedman@redback.com
Derek Young Derek Young
Email: derekmyeung@yahoo.com Email: derekmyeung@yahoo.com
Full Copyright Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
retain all their rights. retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
 End of changes. 40 change blocks. 
60 lines changed or deleted 67 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/