draft-ietf-teas-rsvp-ingress-protection-16.txt   draft-ietf-teas-rsvp-ingress-protection-17.txt 
Internet Engineering Task Force H. Chen, Ed. Internet Engineering Task Force H. Chen, Ed.
Internet-Draft Huawei Technologies Internet-Draft Huawei Technologies
Intended status: Experimental R. Torvi, Ed. Intended status: Experimental R. Torvi, Ed.
Expires: September 2, 2018 Juniper Networks Expires: September 19, 2018 Juniper Networks
March 1, 2018 March 18, 2018
Extensions to RSVP-TE for LSP Ingress FRR Protection Extensions to RSVP-TE for LSP Ingress FRR Protection
draft-ietf-teas-rsvp-ingress-protection-16.txt draft-ietf-teas-rsvp-ingress-protection-17.txt
Abstract Abstract
This document describes extensions to Resource Reservation Protocol - This document describes extensions to Resource Reservation Protocol -
Traffic Engineering (RSVP-TE) for locally protecting the ingress node Traffic Engineering (RSVP-TE) for locally protecting the ingress node
of a Point-to-Point (P2P) or Point-to-Multipoint (P2MP) Traffic of a Point-to-Point (P2P) or Point-to-Multipoint (P2MP) Traffic
Engineered (TE) Label Switched Path (LSP). It extends the fast- Engineered (TE) Label Switched Path (LSP). It extends the fast-
reroute (FRR) protection for transit nodes of an LSP to the ingress reroute (FRR) protection for transit nodes of an LSP to the ingress
node of the LSP. The procedures described in this document are node of the LSP. The procedures described in this document are
experimental. experimental.
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 2, 2018. This Internet-Draft will expire on September 19, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 13 skipping to change at page 2, line 13
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Ingress Local Protection Example . . . . . . . . . . . . . 4 1.1. Ingress Local Protection Example . . . . . . . . . . . . . 4
1.2. Ingress Local Protection Overview . . . . . . . . . . . . 5 1.2. Ingress Local Protection Overview . . . . . . . . . . . . 5
2. Ingress Failure Detection . . . . . . . . . . . . . . . . . . 5 2. Ingress Failure Detection . . . . . . . . . . . . . . . . . . 6
2.1. Source Detects Failure . . . . . . . . . . . . . . . . . . 6 2.1. Source Detects Failure . . . . . . . . . . . . . . . . . . 6
2.2. Backup and Source Detect Failure . . . . . . . . . . . . . 6 2.2. Backup and Source Detect Failure . . . . . . . . . . . . . 7
3. Backup Forwarding State . . . . . . . . . . . . . . . . . . . 7 3. Backup Forwarding State . . . . . . . . . . . . . . . . . . . 7
3.1. Forwarding State for Backup LSP . . . . . . . . . . . . . 7 3.1. Forwarding State for Backup LSP . . . . . . . . . . . . . 8
4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . 8 4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . 8
4.1. INGRESS_PROTECTION Object . . . . . . . . . . . . . . . . 8 4.1. INGRESS_PROTECTION Object . . . . . . . . . . . . . . . . 8
4.1.1. Subobject: Backup Ingress IPv4 Address . . . . . . . . 10 4.1.1. Class Number and Class Type . . . . . . . . . . . . . 9
4.1.2. Subobject: Backup Ingress IPv6 Address . . . . . . . . 10 4.1.2. Object Format . . . . . . . . . . . . . . . . . . . . 9
4.1.3. Subobject: Ingress IPv4 Address . . . . . . . . . . . 11 4.1.3. Subobject: Backup Ingress IPv4 Address . . . . . . . . 10
4.1.4. Subobject: Ingress IPv6 Address . . . . . . . . . . . 11 4.1.4. Subobject: Backup Ingress IPv6 Address . . . . . . . . 11
4.1.5. Subobject: Traffic Descriptor . . . . . . . . . . . . 12 4.1.5. Subobject: Ingress IPv4 Address . . . . . . . . . . . 11
4.1.6. Subobject: Label-Routes . . . . . . . . . . . . . . . 12 4.1.6. Subobject: Ingress IPv6 Address . . . . . . . . . . . 12
4.1.7. Subobject: Traffic Descriptor . . . . . . . . . . . . 12
4.1.8. Subobject: Label-Routes . . . . . . . . . . . . . . . 13
5. Behavior of Ingress Protection . . . . . . . . . . . . . . . . 13 5. Behavior of Ingress Protection . . . . . . . . . . . . . . . . 13
5.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.1.1. Relay-Message Method . . . . . . . . . . . . . . . . . 13 5.1.1. Relay-Message Method . . . . . . . . . . . . . . . . . 13
5.1.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 14 5.1.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 14
5.2. Ingress Behavior . . . . . . . . . . . . . . . . . . . . . 15 5.2. Ingress Behavior . . . . . . . . . . . . . . . . . . . . . 15
5.2.1. Relay-Message Method . . . . . . . . . . . . . . . . . 15 5.2.1. Relay-Message Method . . . . . . . . . . . . . . . . . 16
5.2.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 16 5.2.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 16
5.3. Backup Ingress Behavior . . . . . . . . . . . . . . . . . 17 5.3. Backup Ingress Behavior . . . . . . . . . . . . . . . . . 18
5.3.1. Backup Ingress Behavior in Off-path Case . . . . . . . 18 5.3.1. Backup Ingress Behavior in Off-path Case . . . . . . . 18
5.3.2. Backup Ingress Behavior in On-path Case . . . . . . . 20 5.3.2. Backup Ingress Behavior in On-path Case . . . . . . . 20
5.3.3. Failure Detection and Refresh PATH Messages . . . . . 21 5.3.3. Failure Detection and Refresh PATH Messages . . . . . 21
5.4. Revertive Behavior . . . . . . . . . . . . . . . . . . . . 21 5.4. Revertive Behavior . . . . . . . . . . . . . . . . . . . . 21
5.4.1. Revert to Primary Ingress . . . . . . . . . . . . . . 21 5.4.1. Revert to Primary Ingress . . . . . . . . . . . . . . 22
5.4.2. Global Repair by Backup Ingress . . . . . . . . . . . 22 5.4.2. Global Repair by Backup Ingress . . . . . . . . . . . 22
6. Security Considerations . . . . . . . . . . . . . . . . . . . 22 6. Security Considerations . . . . . . . . . . . . . . . . . . . 22
7. Compatibility . . . . . . . . . . . . . . . . . . . . . . . . 22 7. Compatibility . . . . . . . . . . . . . . . . . . . . . . . . 22
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
9. Co-authors and Contributors . . . . . . . . . . . . . . . . . 23 9. Co-authors and Contributors . . . . . . . . . . . . . . . . . 23
10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 25 10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 25
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 25
11.1. Normative References . . . . . . . . . . . . . . . . . . . 26 11.1. Normative References . . . . . . . . . . . . . . . . . . . 25
11.2. Informative References . . . . . . . . . . . . . . . . . . 26 11.2. Informative References . . . . . . . . . . . . . . . . . . 26
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26
1. Introduction 1. Introduction
For a MPLS TE LSP, protecting the failures of its transit nodes using For a MPLS TE LSP, protecting the failures of its transit nodes using
fast-reroute (FRR) is covered in RFC 4090 for P2P LSP and RFC 4875 fast-reroute (FRR) is covered in RFC 4090 for P2P LSP and RFC 4875
for P2MP LSP. However, protecting the failure of its ingress node for P2MP LSP. However, protecting the failure of its ingress node
using FRR is not covered in either RFC 4090 or RFC 4875. The MPLS using FRR is not covered in either RFC 4090 or RFC 4875. The MPLS
Transport Profile (MPLS-TP) Linear Protection described in RFC 6378 Transport Profile (MPLS-TP) Linear Protection described in RFC 6378
skipping to change at page 4, line 21 skipping to change at page 4, line 21
will be used exchangeably. will be used exchangeably.
Note that this document is experimental. Two different approaches Note that this document is experimental. Two different approaches
are proposed to transfer the information for ingress protection. are proposed to transfer the information for ingress protection.
They both use the same new INGRESS_PROTECTION object, which is sent They both use the same new INGRESS_PROTECTION object, which is sent
in both PATH and RESV messages between a primary ingress and a backup in both PATH and RESV messages between a primary ingress and a backup
ingress. One approach is Relay-Message Method (refer to section ingress. One approach is Relay-Message Method (refer to section
5.1.1 and 5.2.1), the other is Proxy-Ingress Method (refer to section 5.1.1 and 5.2.1), the other is Proxy-Ingress Method (refer to section
5.1.2 and 5.2.2). Each of them has its advantages and disadvantages. 5.1.2 and 5.2.2). Each of them has its advantages and disadvantages.
It is hard to decide which one is used as a standard approach now. It is hard to decide which one is used as a standard approach now.
After one approach is selected, the document will be revised to It is expected that the experiment on the ingress local protection
reflect that selection and any other items learned from the with these two approaches provides quantities to help choose one.
experiment. The revised document is expected to be submitted for The quantities include the numbers on control traffic, states, codes
and operations. After one approach is selected, the document will be
revised to reflect that selection and any other items learned from
the experiment. The revised document is expected to be submitted for
publication on the standards track. publication on the standards track.
1.1. Ingress Local Protection Example 1.1. Ingress Local Protection Example
Figure 1 shows an example of using a backup P2MP LSP to locally Figure 1 shows an example of using a backup P2MP LSP to locally
protect the ingress of a primary P2MP LSP, which is from ingress Ia protect the ingress of a primary P2MP LSP, which is from ingress Ia
to three egresses: L1, L2 and L3. The backup LSP is from backup to three egresses: L1, L2 and L3. The backup LSP is from backup
ingress Ib to the next hops R2 and R4 of ingress Ia. ingress Ib to the next hops R2 and R4 of ingress Ia.
******* ******* S Source ******* ******* S Source
skipping to change at page 5, line 30 skipping to change at page 5, line 50
o Setting up the necessary backup LSP forwarding state based on the o Setting up the necessary backup LSP forwarding state based on the
information received for ingress local protection; information received for ingress local protection;
o Detecting the primary ingress failure and providing the fast o Detecting the primary ingress failure and providing the fast
repair (as discussed in Sections 2 and 3); repair (as discussed in Sections 2 and 3);
o Maintaining the RSVP-TE control plane state until a global repair o Maintaining the RSVP-TE control plane state until a global repair
is done; and is done; and
o Performing the global repair(see Section 5.4). o Performing the global repair(see Section 5.4.2).
The primary ingress of a primary LSP sends the backup ingress the The primary ingress of a primary LSP sends the backup ingress the
information for ingress protection in a PATH message with a new information for ingress protection in a PATH message with a new
INGRESS_PROTECTION object. The backup ingress sets up the backup INGRESS_PROTECTION object. The backup ingress sets up the backup
LSP(s) and forwarding state after receiving the necessary information LSP(s) and forwarding state after receiving the necessary information
for ingress protection. And then it sends the primary ingress the for ingress protection. And then it sends the primary ingress the
status of ingress protection in a RESV message with a new status of ingress protection in a RESV message with a new
INGRESS_PROTECTION object. INGRESS_PROTECTION object.
When the primary ingress fails, the backup ingress sends or refreshes When the primary ingress fails, the backup ingress sends or refreshes
skipping to change at page 6, line 34 skipping to change at page 7, line 5
refreshes the PATH message to the next hop through the backup LSP as refreshes the PATH message to the next hop through the backup LSP as
needed. The method may verify the failure of the primary ingress needed. The method may verify the failure of the primary ingress
slowly such as in seconds. slowly such as in seconds.
After the primary ingress fails, it will not be reachable after After the primary ingress fails, it will not be reachable after
routing convergence. Thus checking whether the primary ingress routing convergence. Thus checking whether the primary ingress
(address) is reachable is a possible method. (address) is reachable is a possible method.
When the previously failed primary ingress of a primary LSP becomes When the previously failed primary ingress of a primary LSP becomes
available again and the primary LSP has recovered from its primary available again and the primary LSP has recovered from its primary
ingress, the source may switches the traffic to the primary ingress ingress, the source may switch the traffic to the primary ingress
from the backup ingress. A operator may control the traffic switch from the backup ingress. A operator may control the traffic switch
through using a command on the source node after seeing that the through using a command on the source node after seeing that the
primary LSP has recovered. primary LSP has recovered.
2.2. Backup and Source Detect Failure 2.2. Backup and Source Detect Failure
Backup and Source Detect Failure or Backup-Source-Detect for short Backup and Source Detect Failure or Backup-Source-Detect for short
means that both the backup ingress and the source are concurrently means that both the backup ingress and the source are concurrently
responsible for fast detecting the failure of the primary ingress. responsible for fast detecting the failure of the primary ingress.
skipping to change at page 8, line 31 skipping to change at page 9, line 4
o Desire options on ingress protection such as P2MP option o Desire options on ingress protection such as P2MP option
indicating a desire to use a backup P2MP LSP to protect the indicating a desire to use a backup P2MP LSP to protect the
primary ingress of a primary P2MP LSP. primary ingress of a primary P2MP LSP.
The backup ingress sends the primary ingress this object in a RESV The backup ingress sends the primary ingress this object in a RESV
message. In this case, the object contains the information about the message. In this case, the object contains the information about the
status on the ingress protection. status on the ingress protection.
4.1. INGRESS_PROTECTION Object 4.1. INGRESS_PROTECTION Object
4.1.1. Class Number and Class Type
The Class Number for the INGRESS_PROTECTION object MUST be of the
form 0bbbbbbb to enable implementations that do not recognize the
object to reject the entire message and return an "Unknown Object
Class" error [RFC2205]. It is suggested that a Class Number value
from the Private Use range (124-127) [RFC3936] specified for the
0bbbbbbb octet be chosen for this experiment. It is also suggested
that a Class Type value of 1 be used for this object in this
experiment.
The INGRESS_PROTECTION object with the FAST_REROUTE object in a PATH The INGRESS_PROTECTION object with the FAST_REROUTE object in a PATH
message is used to control the backup for protecting the primary message is used to control the backup for protecting the primary
ingress of a primary LSP. The primary ingress MUST insert this ingress of a primary LSP. The primary ingress MUST insert this
object into the PATH message to be sent to the backup ingress for object into the PATH message to be sent to the backup ingress for
protecting the primary ingress. It has the following format: protecting the primary ingress.
4.1.2. Object Format
The INGRESS_PROTECTION object has the following format:
Class-Num = TBD C-Type = 1 for INGRESS_PROTECTION_IP
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (bytes) | Class-Num | C-Type | | Length (bytes) | Class-Num | C-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved (zero) | NUB | Flags | Options | | Reserved (zero) | NUB | Flags | Options |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ (Subobjects) ~ ~ (Subobjects) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
NUB Number of Unprotected Branches NUB Number of Unprotected Branches
skipping to change at page 10, line 13 skipping to change at page 10, line 33
behavior to the backup ingress. behavior to the backup ingress.
o Revert to Ingress: The primary ingress sets this option indicating o Revert to Ingress: The primary ingress sets this option indicating
that the traffic for the primary LSP successfully re-signaled will that the traffic for the primary LSP successfully re-signaled will
be switched back to the primary ingress from the backup ingress be switched back to the primary ingress from the backup ingress
when the primary ingress is restored. when the primary ingress is restored.
o P2MP Backup: This option is set to ask for the backup ingress to o P2MP Backup: This option is set to ask for the backup ingress to
use backup P2MP LSP to protect the primary ingress. use backup P2MP LSP to protect the primary ingress.
The INGRESS_PROTECTION object may contain some sub objects of The INGRESS_PROTECTION object may contain some subobjects of
following format: following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |Reserved (zero)| | Type | Length |Reserved (zero)|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Contents/Body of subobject | | Contents/Body of subobject |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where Type is the type of a sub object, Length is the total size of where Type is the type of a subobject, Length is the total size of
the sub object in bytes, including Type, Length and Contents fields. the subobject in bytes, including Type, Length and Contents fields.
4.1.1. Subobject: Backup Ingress IPv4 Address 4.1.3. Subobject: Backup Ingress IPv4 Address
When the primary ingress of a protected LSP sends a PATH message with When the primary ingress of a protected LSP sends a PATH message with
an INGRESS_PROTECTION object to the backup ingress, the object MUST an INGRESS_PROTECTION object to the backup ingress, the object MUST
have a Backup Ingress IPv4 Address sub object containing an IPv4 have a Backup Ingress IPv4 Address subobject containing an IPv4
address belonging to the backup ingress if IPv4 is used. The Type of address belonging to the backup ingress if IPv4 is used. The Type of
the sub object is TBD1 (the exact number to be assigned by IANA), and the subobject is 1, and the body of the subobject is given below:
the body of the sub object is given below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Backup ingress IPv4 address (4 bytes) | | Backup ingress IPv4 address (4 bytes) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Backup ingress IPv4 address: An IPv4 host address of backup ingress Backup ingress IPv4 address: An IPv4 host address of backup ingress
4.1.2. Subobject: Backup Ingress IPv6 Address 4.1.4. Subobject: Backup Ingress IPv6 Address
When the primary ingress of a protected LSP sends a PATH message with When the primary ingress of a protected LSP sends a PATH message with
an INGRESS_PROTECTION object to the backup ingress, the object MUST an INGRESS_PROTECTION object to the backup ingress, the object MUST
have a Backup Ingress IPv6 Address sub object containing an IPv6 have a Backup Ingress IPv6 Address subobject containing an IPv6
address belonging to the backup ingress if IPv6 is used. The Type of address belonging to the backup ingress if IPv6 is used. The Type of
the sub object is TBD2, the body of the sub object is given below: the subobject is 2, the body of the subobject is given below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Backup ingress IPv6 address (16 bytes) | | Backup ingress IPv6 address (16 bytes) |
~ ~ ~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Backup ingress IPv6 address: An IPv6 host address of backup ingress Backup ingress IPv6 address: An IPv6 host address of backup ingress
4.1.3. Subobject: Ingress IPv4 Address 4.1.5. Subobject: Ingress IPv4 Address
The INGRESS_PROTECTION object may have an Ingress IPv4 Address sub The INGRESS_PROTECTION object may have an Ingress IPv4 Address
object containing an IPv4 address belonging to the primary ingress if subobject containing an IPv4 address belonging to the primary ingress
IPv4 is used. The Type of the sub object is TBD3. The sub object if IPv4 is used. The Type of the subobject is 3. The subobject has
has the following body: the following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ingress IPv4 address (4 bytes) | | Ingress IPv4 address (4 bytes) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Ingress IPv4 address: An IPv4 host address of ingress Ingress IPv4 address: An IPv4 host address of ingress
4.1.4. Subobject: Ingress IPv6 Address 4.1.6. Subobject: Ingress IPv6 Address
The INGRESS_PROTECTION object may have an Ingress IPv6 Address sub The INGRESS_PROTECTION object may have an Ingress IPv6 Address
object containing an IPv6 address belonging to the primary ingress if subobject containing an IPv6 address belonging to the primary ingress
IPv6 is used. The Type of the sub object is TBD4. The sub object if IPv6 is used. The Type of the subobject is 4. The subobject has
has the following body: the following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ingress IPv6 address (16 bytes) | | Ingress IPv6 address (16 bytes) |
~ ~ ~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Ingress IPv6 address: An IPv6 host address of ingress Ingress IPv6 address: An IPv6 host address of ingress
4.1.5. Subobject: Traffic Descriptor 4.1.7. Subobject: Traffic Descriptor
The INGRESS_PROTECTION object may have a Traffic Descriptor sub The INGRESS_PROTECTION object may have a Traffic Descriptor subobject
object describing the traffic to be mapped to the backup LSP on the describing the traffic to be mapped to the backup LSP on the backup
backup ingress for locally protecting the primary ingress. The Type ingress for locally protecting the primary ingress. The subobject
of the sub object is TBD5, TBD6, TBD7 or TBD8 for Interface, IPv4 types for Interface, IPv4 Prefix, IPv6 Prefix and Application
Prefix, IPv6 Prefix or Application Identifier respectively. The sub Identifier are 5, 6, 7 and 8 respectively. The subobject has the
object has the following body: following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Traffic Element 1 | | Traffic Element 1 |
~ ~ ~ ~
| Traffic Element n | | Traffic Element n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Traffic Descriptor sub object may contain multiple Traffic The Traffic Descriptor subobject may contain multiple Traffic
Elements of same type as follows: Elements of same type as follows:
o Interface Traffic (Type TBD5): Each of the Traffic Elements is a o Interface Traffic: Each of the Traffic Elements is a 32 bit index
32 bit index of an interface, from which the traffic is imported of an interface, from which the traffic is imported into the
into the backup LSP. backup LSP.
o IPv4 Prefix Traffic (Type TBD6): Each of the Traffic Elements is o IPv4 Prefix Traffic: Each of the Traffic Elements is an IPv4
an IPv4 prefix, containing an 8-bit prefix length followed by an prefix, containing an 8-bit prefix length followed by an IPv4
IPv4 address prefix, whose length, in bits, is specified by the address prefix, whose length, in bits, is specified by the prefix
prefix length, padded to a byte boundary. length, padded to a byte boundary.
o IPv6 Prefix Traffic (Type TBD7): Each of the Traffic Elements is o IPv6 Prefix Traffic: Each of the Traffic Elements is an IPv6
an IPv6 prefix, containing an 8-bit prefix length followed by an prefix, containing an 8-bit prefix length followed by an IPv6
IPv6 address prefix, whose length, in bits, is specified by the address prefix, whose length, in bits, is specified by the prefix
prefix length, padded to a byte boundary. length, padded to a byte boundary.
o Application Traffic (Type TBD8): Each of the Traffic Elements is a o Application Traffic: Each of the Traffic Elements is a 32 bit
32 bit identifier of an application, from which the traffic is identifier of an application, from which the traffic is imported
imported into the backup LSP. into the backup LSP.
4.1.6. Subobject: Label-Routes 4.1.8. Subobject: Label-Routes
The INGRESS_PROTECTION object in a PATH message from the primary The INGRESS_PROTECTION object in a PATH message from the primary
ingress to the backup ingress may have a Label-Routes sub object ingress to the backup ingress may have a Label-Routes subobject
containing the labels and routes that the next hops of the ingress containing the labels and routes that the next hops of the ingress
use. The Type of the sub object is TBD9. The sub object has the use. The Type of the subobject is 9. The subobject has the
following body: following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ Subobjects ~ ~ Subobjects ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Subobjects in the Label-Routes are copied from those in the The Subobjects in the Label-Routes are copied from those in the
RECORD_ROUTE objects in the RESV messages that the primary ingress RECORD_ROUTE objects in the RESV messages that the primary ingress
skipping to change at page 13, line 37 skipping to change at page 14, line 8
The primary ingress relays the information for ingress protection of The primary ingress relays the information for ingress protection of
an LSP to the backup ingress via PATH messages. Once the LSP is an LSP to the backup ingress via PATH messages. Once the LSP is
created, the ingress of the LSP sends the backup ingress a PATH created, the ingress of the LSP sends the backup ingress a PATH
message with an INGRESS_PROTECTION object with Label-Routes message with an INGRESS_PROTECTION object with Label-Routes
subobject, which is populated with the next-hops and labels. This subobject, which is populated with the next-hops and labels. This
provides sufficient information for the backup ingress to create the provides sufficient information for the backup ingress to create the
appropriate forwarding state and backup LSP(s). appropriate forwarding state and backup LSP(s).
The ingress also sends the backup ingress all the other PATH messages The ingress also sends the backup ingress all the other PATH messages
for the LSP with an empty INGRESS_PROTECTION object. An for the LSP with an empty INGRESS_PROTECTION object. An
INGRESS_PROTECTION object without any Traffic-Descriptor sub-object INGRESS_PROTECTION object without any Traffic-Descriptor subobject is
is called an empty INGRESS_PROTECTION object. Thus, the backup called an empty INGRESS_PROTECTION object. Thus, the backup ingress
ingress has access to all the PATH messages needed for modification has access to all the PATH messages needed for modification to
to refresh control-plane state after a failure. refresh control-plane state after a failure.
The empty INGRESS_PROTECTION object is for efficient processing of The empty INGRESS_PROTECTION object is for efficient processing of
ingress protection for a P2MP LSP. For a P2MP LSP, its primary ingress protection for a P2MP LSP. For a P2MP LSP, its primary
ingress may have more than one PATH messages, each of which is sent ingress may have more than one PATH messages, each of which is sent
to a next hop along a branch of the P2MP LSP. The PATH message along to a next hop along a branch of the P2MP LSP. The PATH message along
a branch will be selected and sent to the backup ingress with an a branch will be selected and sent to the backup ingress with an
INGRESS_PROTECTION object containing the Traffic-Descriptor sub- INGRESS_PROTECTION object containing the Traffic-Descriptor
object; all the PATH messages along the other branches will be sent subobject; all the PATH messages along the other branches will be
to the backup ingress containing an INGRESS_PROTECTION object without sent to the backup ingress containing an INGRESS_PROTECTION object
any Traffic-Descriptor sub-object (empty INGRESS_PROTECTION object). without any Traffic-Descriptor subobject (empty INGRESS_PROTECTION
object). For a P2MP LSP, the backup ingress only needs one Traffic-
For a P2MP LSP, the backup ingress only needs one Traffic-Descriptor. Descriptor.
5.1.2. Proxy-Ingress Method 5.1.2. Proxy-Ingress Method
Conceptually, a proxy ingress is created that starts the RSVP Conceptually, a proxy ingress is created that starts the RSVP
signaling. The explicit path of the LSP goes from the proxy ingress signaling. The explicit path of the LSP goes from the proxy ingress
to the backup ingress and then to the real ingress. The behavior and to the backup ingress and then to the real ingress. The behavior and
signaling for the proxy ingress is done by the real ingress; the use signaling for the proxy ingress is done by the real ingress; the use
of a proxy ingress address avoids problems with loop detection. Note of a proxy ingress address avoids problems with loop detection. Note
that the proxy ingress MUST reside within the same router as the real that the proxy ingress MUST reside within the same router as the real
ingress. ingress.
skipping to change at page 15, line 24 skipping to change at page 15, line 41
o Proxy-Ingress-Id (only needed for Proxy-Ingress Method): The o Proxy-Ingress-Id (only needed for Proxy-Ingress Method): The
Proxy-Ingress-Id is only used in the Record Route Object for Proxy-Ingress-Id is only used in the Record Route Object for
recording the proxy-ingress. If no proxy-ingress-id is specified, recording the proxy-ingress. If no proxy-ingress-id is specified,
then a local interface address that will not otherwise be included then a local interface address that will not otherwise be included
in the Record Route Object can be used. A similar technique is in the Record Route Object can be used. A similar technique is
used in [RFC4090 Sec 6.1.1]. used in [RFC4090 Sec 6.1.1].
o Application Traffic Identifier: The primary ingress and backup o Application Traffic Identifier: The primary ingress and backup
ingress MUST both know what application traffic should be directed ingress MUST both know what application traffic should be directed
into the LSP. If a list of prefixes in the Traffic Descriptor into the LSP. If a list of prefixes in the Traffic Descriptor
sub-object will not suffice, then a commonly understood subobject will not suffice, then a commonly understood Application
Application Traffic Identifier can be sent between the primary Traffic Identifier can be sent between the primary ingress and
ingress and backup ingress. The exact meaning of the identifier backup ingress. The exact meaning of the identifier should be
should be configured similarly at both the primary ingress and configured similarly at both the primary ingress and backup
backup ingress. The Application Traffic Identifier is understood ingress. The Application Traffic Identifier is understood within
within the unique context of the primary ingress and backup the unique context of the primary ingress and backup ingress.
ingress.
o A connection between backup ingress and primary ingress: If there o A connection between backup ingress and primary ingress: If there
is not any direct link between the primary ingress and the backup is not any direct link between the primary ingress and the backup
ingress, a tunnel MUST be configured between them. ingress, a tunnel MUST be configured between them.
With this additional information, the primary ingress can create and With this additional information, the primary ingress can create and
signal the necessary RSVP extensions to support ingress protection. signal the necessary RSVP extensions to support ingress protection.
5.2.1. Relay-Message Method 5.2.1. Relay-Message Method
skipping to change at page 15, line 52 skipping to change at page 16, line 21
the following after the LSP is up. the following after the LSP is up.
1. Select a PATH message P0 for the LSP. 1. Select a PATH message P0 for the LSP.
2. If the backup ingress is off-path (the backup ingress is not the 2. If the backup ingress is off-path (the backup ingress is not the
next hop of the primary ingress for P0), then send it a PATH next hop of the primary ingress for P0), then send it a PATH
message P0' with the content from P0 and an INGRESS_PROTECTION message P0' with the content from P0 and an INGRESS_PROTECTION
object; else (the backup ingress is a next hop, i.e., on-path object; else (the backup ingress is a next hop, i.e., on-path
case) add an INGRESS_PROTECTION object into the existing PATH case) add an INGRESS_PROTECTION object into the existing PATH
message to the backup ingress (i.e., the next hop). The object message to the backup ingress (i.e., the next hop). The object
contains the Traffic-Descriptor sub-object, the Backup Ingress contains the Traffic-Descriptor subobject, the Backup Ingress
Address sub-object and the Label-Routes sub-object. The options Address subobject and the Label-Routes subobject. The options is
is set to indicate whether a Backup P2MP LSP is desired. The set to indicate whether a Backup P2MP LSP is desired. The Label-
Label-Routes sub-object contains the next-hops of the primary Routes subobject contains the next-hops of the primary ingress
ingress and their labels. Note that for on-path case, there is and their labels. Note that for on-path case, there is an
an existing PATH message to the backup ingress (i.e., the next existing PATH message to the backup ingress (i.e., the next hop),
hop), and we just add an INGRESS_PROTECTION object into the and we just add an INGRESS_PROTECTION object into the existing
existing PATH message to be sent to the backup ingress. We do PATH message to be sent to the backup ingress. We do not send a
not send a separate PATH message to the backup ingress for this separate PATH message to the backup ingress for this existing
existing PATH message. PATH message.
3. For each Pi of the other PATH messages for the LSP, send the 3. For each Pi of the other PATH messages for the LSP, send the
backup ingress a PATH message Pi' with the content copied from Pi backup ingress a PATH message Pi' with the content copied from Pi
and an empty INGRESS_PROTECTION object. and an empty INGRESS_PROTECTION object.
For every PATH message Pj' (i.e., P0'/Pi') to be sent to the backup For every PATH message Pj' (i.e., P0'/Pi') to be sent to the backup
ingress, it has the same SESSION as Pj (i.e., P0/Pi). If the backup ingress, it has the same SESSION as Pj (i.e., P0/Pi). If the backup
ingress is off-path, the primary ingress updates Pj' according to the ingress is off-path, the primary ingress updates Pj' according to the
backup ingress as its next hop before sending it. It adds the backup backup ingress as its next hop before sending it. It adds the backup
ingress to the beginning of the ERO, and sets RSVP_HOP based on the ingress to the beginning of the ERO, and sets RSVP_HOP based on the
skipping to change at page 16, line 46 skipping to change at page 17, line 18
path (for all sub-LSPs), then insert at the beginning of the ERO path (for all sub-LSPs), then insert at the beginning of the ERO
first the backup ingress node and then the ingress node. first the backup ingress node and then the ingress node.
3. In the PATH RRO, instead of recording the ingress node's address, 3. In the PATH RRO, instead of recording the ingress node's address,
replace it with the Proxy-Ingress-Id. replace it with the Proxy-Ingress-Id.
4. Leave the HOP object populated as usual with information for the 4. Leave the HOP object populated as usual with information for the
ingress-node. ingress-node.
5. Add the INGRESS_PROTECTION object to the PATH message. Include 5. Add the INGRESS_PROTECTION object to the PATH message. Include
the Backup Ingress Address (IPv4 or IPv6) sub-object and the the Backup Ingress Address (IPv4 or IPv6) subobject and the
Traffic-Descriptor sub-object. Set or clear the options Traffic-Descriptor subobject. Set or clear the options
indicating that a Backup P2MP LSP is desired. indicating that a Backup P2MP LSP is desired.
6. Optionally, add the FAST-REROUTE object [RFC4090] to the Path 6. Optionally, add the FAST-REROUTE object [RFC4090] to the Path
message. Indicate whether one-to-one backup is desired. message. Indicate whether one-to-one backup is desired.
Indicate whether facility backup is desired. Indicate whether facility backup is desired.
7. The RSVP PATH message is sent to the backup node as normal. 7. The RSVP PATH message is sent to the backup node as normal.
If the ingress detects that it can't communicate with the backup If the ingress detects that it can't communicate with the backup
ingress, then the ingress SHOULD instead send the PATH message to the ingress, then the ingress SHOULD instead send the PATH message to the
next-hop indicated in the ERO computed in step 1. Once the ingress next-hop indicated in the ERO computed in step 1. Once the ingress
detects that it can communicate with the backup ingress, the ingress detects that it can communicate with the backup ingress, the ingress
SHOULD follow the steps 1-7 to obtain ingress failure protection. SHOULD follow the steps 1-7 to obtain ingress failure protection.
skipping to change at page 17, line 46 skipping to change at page 18, line 16
not appear after the backup ingress in the RRO. The ingress node not appear after the backup ingress in the RRO. The ingress node
SHOULD set up ingress forwarding state, just as is done if the LSP SHOULD set up ingress forwarding state, just as is done if the LSP
weren't ingress-node protected. weren't ingress-node protected.
5.3. Backup Ingress Behavior 5.3. Backup Ingress Behavior
An LER determines that the ingress local protection is requested for An LER determines that the ingress local protection is requested for
an LSP if the INGRESS_PROTECTION object is included in the PATH an LSP if the INGRESS_PROTECTION object is included in the PATH
message it receives for the LSP. The LER can further determine that message it receives for the LSP. The LER can further determine that
it is the backup ingress if one of its addresses is in the Backup it is the backup ingress if one of its addresses is in the Backup
Ingress Address sub-object of the INGRESS_PROTECTION object. The LER Ingress Address subobject of the INGRESS_PROTECTION object. The LER
as the backup ingress will assume full responsibility of the ingress as the backup ingress will assume full responsibility of the ingress
after the primary ingress fails. In addition, the LER determines after the primary ingress fails. In addition, the LER determines
that it is off-path if it is not any node of the LSP. The LER that it is off-path if it is not any node of the LSP. The LER
determines whether it uses Relay-Message Method or Proxy-Ingress determines whether it uses Relay-Message Method or Proxy-Ingress
Method according to configurations. Method according to configurations.
5.3.1. Backup Ingress Behavior in Off-path Case 5.3.1. Backup Ingress Behavior in Off-path Case
The backup ingress considers itself as a PLR and the primary ingress The backup ingress considers itself as a PLR and the primary ingress
as its next hop and provides a local protection for the primary as its next hop and provides a local protection for the primary
skipping to change at page 19, line 28 skipping to change at page 19, line 46
ingress for locally protecting the primary ingress of a protected ingress for locally protecting the primary ingress of a protected
LSP, it MUST check to see if any critical information has been LSP, it MUST check to see if any critical information has been
changed. If the next hops of the primary ingress are changed, the changed. If the next hops of the primary ingress are changed, the
backup ingress SHALL update its backup LSP(s) accordingly. backup ingress SHALL update its backup LSP(s) accordingly.
5.3.1.1. Relay-Message Method 5.3.1.1. Relay-Message Method
When the backup ingress receives a PATH message with an non empty When the backup ingress receives a PATH message with an non empty
INGRESS_PROTECTION object, it examines the object to learn what INGRESS_PROTECTION object, it examines the object to learn what
traffic associated with the LSP. It determines the next-hops to be traffic associated with the LSP. It determines the next-hops to be
merged to by examining the Label-Routes sub-object in the object. merged to by examining the Label-Routes subobject in the object.
The backup ingress MUST store the PATH message received from the The backup ingress MUST store the PATH message received from the
primary ingress, but NOT forward it. primary ingress, but NOT forward it.
The backup ingress responds with a RESV message to the PATH message The backup ingress responds with a RESV message to the PATH message
received from the primary ingress. If the backup ingress is off- received from the primary ingress. If the backup ingress is off-
path, the LABEL object in the RESV message contains IMPLICIT-NULL. path, the LABEL object in the RESV message contains IMPLICIT-NULL.
If the INGRESS_PROTECTION object is not "empty", the backup ingress If the INGRESS_PROTECTION object is not "empty", the backup ingress
SHALL send the RESV message with the state indicating protection is SHALL send the RESV message with the state indicating protection is
available after the backup LSP(s) are successfully established. available after the backup LSP(s) are successfully established.
5.3.1.2. Proxy-Ingress Method 5.3.1.2. Proxy-Ingress Method
The backup ingress determines the next-hops to be merged to by The backup ingress determines the next-hops to be merged to by
collecting the set of the pair of (IPv4/IPv6 sub-object, Label sub- collecting the set of the pair of (IPv4/IPv6 subobject, Label
object) from the Record Route Object of each RESV that are closest to subobject) from the Record Route Object of each RESV that are closest
the top and not the Ingress router; this should be the second to the to the top and not the Ingress router; this should be the second to
top pair. If a Label-Routes sub-object is included in the the top pair. If a Label-Routes subobject is included in the
INGRESS_PROTECTION object, the included IPv4/IPv6 sub-objects are INGRESS_PROTECTION object, the included IPv4/IPv6 subobjects are used
used to filter the set down to the specific next-hops where to filter the set down to the specific next-hops where protection is
protection is desired. A RESV message MUST have been received before desired. A RESV message MUST have been received before the Backup
the Backup Ingress can create or select the appropriate backup LSP. Ingress can create or select the appropriate backup LSP.
When the backup ingress receives a PATH message with the When the backup ingress receives a PATH message with the
INGRESS_PROTECTION object, the backup ingress examines the object to INGRESS_PROTECTION object, the backup ingress examines the object to
learn what traffic associated with the LSP. The backup ingress learn what traffic associated with the LSP. The backup ingress
forwards the PATH message to the ingress node with the normal RSVP forwards the PATH message to the ingress node with the normal RSVP
changes. changes.
When the backup ingress receives a RESV message with the When the backup ingress receives a RESV message with the
INGRESS_PROTECTION object, the backup ingress records an IMPLICIT- INGRESS_PROTECTION object, the backup ingress records an IMPLICIT-
NULL label in the RRO. Then the backup ingress forwards the RESV NULL label in the RRO. Then the backup ingress forwards the RESV
skipping to change at page 20, line 25 skipping to change at page 20, line 43
An LER as the backup ingress determines that it is on-path if one of An LER as the backup ingress determines that it is on-path if one of
its addresses is a next hop of the primary ingress (and for Proxy- its addresses is a next hop of the primary ingress (and for Proxy-
Ingress Method the primary ingress is not its next hop via checking Ingress Method the primary ingress is not its next hop via checking
the PATH message with the INGRESS_PROTECTION object received from the the PATH message with the INGRESS_PROTECTION object received from the
primary ingress). The LER on-path MUST send the corresponding PATH primary ingress). The LER on-path MUST send the corresponding PATH
messages without any INGRESS_PROTECTION object to its next hops. It messages without any INGRESS_PROTECTION object to its next hops. It
creates a number of backup P2P LSPs or a backup P2MP LSP from itself creates a number of backup P2P LSPs or a backup P2MP LSP from itself
to the other next hops (i.e., the next hops other than the backup to the other next hops (i.e., the next hops other than the backup
ingress) of the primary ingress. The other next hops are from the ingress) of the primary ingress. The other next hops are from the
Label-Routes sub object. Label-Routes subobject.
It also creates a forwarding entry, which sends/multicasts the It also creates a forwarding entry, which sends/multicasts the
traffic from the source to the next hops of the backup ingress along traffic from the source to the next hops of the backup ingress along
the protected LSP when the primary ingress fails. The traffic is the protected LSP when the primary ingress fails. The traffic is
described by the Traffic-Descriptor. described by the Traffic-Descriptor.
After the forwarding entry is created, all the backup P2P LSPs or the After the forwarding entry is created, all the backup P2P LSPs or the
backup P2MP LSP is up and associated with the protected LSP, the backup P2MP LSP is up and associated with the protected LSP, the
backup ingress MUST send the primary ingress the RESV message with backup ingress MUST send the primary ingress the RESV message with
the INGRESS_PROTECTION object containing the state of the local the INGRESS_PROTECTION object containing the state of the local
skipping to change at page 22, line 30 skipping to change at page 22, line 49
6. Security Considerations 6. Security Considerations
In principle this document does not introduce new security issues. In principle this document does not introduce new security issues.
The security considerations pertaining to RFC 4090, RFC 4875, RFC The security considerations pertaining to RFC 4090, RFC 4875, RFC
2205 and RFC 3209 remain relevant. 2205 and RFC 3209 remain relevant.
7. Compatibility 7. Compatibility
This extension reuses and extends semantics and procedures defined in This extension reuses and extends semantics and procedures defined in
RFC 2205, RFC 3209, RFC 4090 and RFC 4875 to support ingress RFC 2205, RFC 3209, RFC 4090 and RFC 4875 to support ingress
protection. One new object is defined to indicate ingress protection protection. The new object defined to indicate ingress protection
with class numbers in the form 0bbbbbbb. Per RFC 2205, a node not has a class number of the form 0bbbbbbb. Per RFC 2205, a node not
supporting this extension will not recognize the new class number and supporting this extension will not recognize the new class number and
should respond with an "Unknown Object Class" error. The error should respond with an "Unknown Object Class" error. The error
message will propagate to the ingress, which can then take action to message will propagate to the ingress, which can then take action to
avoid the incompatible node as a backup ingress or may simply avoid the incompatible node as a backup ingress or may simply
terminate the session. terminate the session.
8. IANA Considerations 8. IANA Considerations
This document defines one new object to indicate ingress protection. This document does not request any IANA actions.
- INGRESS_PROTECTION
The assignment of a new Class Name and corresponding 8-bit Class
Number data object in an RSVP message is defined in ([RFC3936]) with
ranges for Standards Action, Expert Review, and Reserved for Private
Use. The Private Use ranges can be used for experimental use, they
will not be registered with IANA and MUST NOT be mentioned by RFCs.
It is suggested to use the following Private Use range:
o 124-127 Reserved for Private Use
It is for an experimental implementation to choose a value from the
Private Use range, and to agree with cooperating implementations
participating in the same experiments what values to use.
Within each object class, there is an 8-bit Class Type (also known as
a C-Type). The following list is a suggested registry for use by
experiments:
Value Name Definition
----- ---- ----------
0 Reserved
1 BACKUP_INGRESS_IPv4_ADDRESS Section 4.1.1
2 BACKUP_INGRESS_IPv6_ADDRESS Section 4.1.2
3 INGRESS_IPv4_ADDRESS Section 4.1.3
4 INGRESS_IPv6_ADDRESS Section 4.1.4
5 TRAFFIC_DESCRIPTOR_INTERFACE Section 4.1.5
6 TRAFFIC_DESCRIPTOR_IPv4_PREFIX Section 4.1.5
7 TRAFFIC_DESCRIPTOR_IPv6_PREFIX Section 4.1.5
8 TRAFFIC_DESCRIPTOR_APPLICATION Section 4.1.5
9 LABEL_ROUTES Section 4.1.6
10-127 Unassigned
128-255 Reserved
9. Co-authors and Contributors 9. Co-authors and Contributors
1. Co-authors 1. Co-authors
Autumn Liu Autumn Liu
Ciena Ciena
USA USA
Email: hliu@ciena.com Email: hliu@ciena.com
 End of changes. 52 change blocks. 
150 lines changed or deleted 130 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/