Pseudowire Setup and Maintenance using the Label Distribution Protocol
draft-ietf-pals-rfc4447bis-02

This is an older version of an Internet-Draft that was ultimately published as RFC 8077.
Authors: Luca Martini, Giles Heron
Last updated: 2015-12-15 (Latest revision 2015-09-15)
Replaces: draft-ietf-pwe3-rfc4447bis
RFC stream: Internet Engineering Task Force (IETF)
WG state: Submitted to IESG for Publication
Document shepherd: Stewart Bryant (shepherd write-up last changed 2015-09-25)
IESG state: Became RFC 8077 (Internet Standard)
Responsible AD: Deborah Brungard

" [RFC4446].

   The Length field is defined as the length of the interface parameter
   including the parameter id and length field itself.  Processing of
   the interface parameters should continue when unknown interface
   parameters are encountered, and they MUST be silently ignored.

     - Interface MTU sub-TLV type

       A 2 octet value indicating the MTU in octets.  This is the
       Maximum Transmission Unit, excluding encapsulation overhead, of
       the egress packet interface that will be transmitting the
       decapsulated PDU that is received from the MPLS-enabled network.
       This parameter is applicable only to PWs transporting packets and
       is REQUIRED for these PW types.  If this parameter does not match
       in both directions of a specific PW, that PW MUST NOT be enabled.

     - Optional Interface Description string sub-TLV type

       This arbitrary, and OPTIONAL, interface description string is
       used to send a human-readable administrative string describing
       the interface to the remote.  This parameter is OPTIONAL, and is
       applicable to all PW types.   The interface description parameter
       string length is variable, and can be from 0 to 80 octets.
       Human-readable text MUST be provided in the UTF-8 charset using
       the Default Language [RFC2277].
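As an added example that is not part of the draft, here is a parser for the interface parameter sub-TLVs described above. It assumes the sub-TLV layout of one type octet followed by one length octet (the length counting itself and the type, as the text says), takes the MTU and description type codes from the RFC 4446 registry that this page cites but does not list, and treats a length shorter than its own header, or one running past the buffer, as malformed rather than looping or over-reading.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Sub-TLV type codes are taken from the RFC 4446 registry (cited, not listed,
# on this page); the Length octet counts the type and length octets as well.
IFACE_MTU = 0x01
IFACE_DESCRIPTION = 0x03
MAX_DESCRIPTION_OCTETS = 80


class MalformedParameters(ValueError):
    """The sub-TLV stream cannot be parsed safely."""


@dataclass
class InterfaceParameters:
    mtu: Optional[int] = None
    description: Optional[str] = None
    ignored_types: List[int] = field(default_factory=list)  # unknown, skipped


def parse_interface_parameters(data: bytes) -> InterfaceParameters:
    """Walk the sub-TLVs, silently ignoring unknown types.

    A Length below 2 (shorter than its own header) or one running past the
    end of the buffer is rejected: trusting it would make a naive parser
    loop forever on the same offset or read beyond the message.
    """
    result = InterfaceParameters()
    offset = 0
    while offset < len(data):
        if len(data) - offset < 2:
            raise MalformedParameters("truncated sub-TLV header")
        ptype, plen = data[offset], data[offset + 1]
        if plen < 2 or offset + plen > len(data):
            raise MalformedParameters(f"bad length {plen} for type {ptype:#x}")
        value = data[offset + 2:offset + plen]
        if ptype == IFACE_MTU:
            if len(value) != 2:
                raise MalformedParameters("Interface MTU value must be 2 octets")
            result.mtu = int.from_bytes(value, "big")
        elif ptype == IFACE_DESCRIPTION:
            if len(value) > MAX_DESCRIPTION_OCTETS:
                raise MalformedParameters("description exceeds 80 octets")
            try:
                result.description = value.decode("utf-8")
            except UnicodeDecodeError as exc:
                raise MalformedParameters("description is not UTF-8") from exc
        else:
            result.ignored_types.append(ptype)   # unknown: MUST be silently ignored
        offset += plen
    return result


def is_well_formed(data: bytes) -> bool:
    try:
        parse_interface_parameters(data)
        return True
    except MalformedParameters:
        return False


def mtu_matches(local: InterfaceParameters, remote: InterfaceParameters) -> bool:
    """A packet PW MUST NOT be enabled unless the MTU matches in both directions."""
    return local.mtu is not None and local.mtu == remote.mtu


# Constructed sample: MTU 1500, an unknown sub-TLV (type 0x7f), a description.
DESC = b"eth0-ac1"
SAMPLE = (bytes([IFACE_MTU, 4]) + (1500).to_bytes(2, "big")
          + bytes([0x7F, 5, 0xAA, 0xBB, 0xCC])
          + bytes([IFACE_DESCRIPTION, 2 + len(DESC)]) + DESC)
```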

Martini & Heron                                                [Page 21]
Internet Draft     draft-ietf-pals-rfc4447bis-02.txt  September 15, 2015

6.5. LDP label Withdrawal procedures

   As mentioned above, the Group ID field of the PWid FEC element, or
   the PW Grouping ID TLV used with the Generalized PWid FEC element,
   can be used to withdraw all PW labels associated with a particular PW
   group.  This procedure is OPTIONAL, and if it is implemented, the LDP
   Label Withdraw message should be as follows: If the PWid FEC element
   is used, the PW information length field is set to 0, the PW ID field
   is not present, the interface parameter sub-TLVs are not present, and
   the Label TLV is not present.  If the Generalized FEC element is
   used, the AGI, SAII, and TAII are not present, the PW information
   length field is set to 0, the PW Grouping ID TLV is included, the
   Interface Parameters TLV is not present, and the Label TLV is not
   present.  For the purpose of this document, this is called the "wild
   card withdraw procedure", and all PEs implementing this design are
   REQUIRED to accept such a withdraw message but are not required to
   send it.  Note that the PW Grouping ID TLV only applies to PWs using
   the Generalized ID FEC element, while the Group ID only applies to
   the PWid FEC element.

   The interface parameter sub-TLVs, or TLV, MUST NOT be present in any
   LDP PW Label Withdraw or Label Release message.  A wild card Label
   Release message MUST include only the group ID, or Grouping ID TLV.
   A Label Release message initiated by a PE router must always include
   the PW ID.

7. Control Word

7.1. PW Types for which the Control Word is REQUIRED

   The Label Mapping messages that are sent in order to set up these PWs
   MUST have c=1.  When a Label Mapping message for a PW of one of these
   types is received and c=0, a Label Release message MUST be sent, with
   an "Illegal C-bit" status code.  In this case, the PW will not be
   enabled.

7.2. PW Types for which the Control Word is NOT mandatory

   If a system is capable of sending and receiving the control word on
   PW types for which the control word is not mandatory, then each such
   PW endpoint MUST be configurable with a parameter that specifies
   whether the use of the control word is PREFERRED or NOT PREFERRED.
   For each PW, there MUST be a default value of this parameter.  This
   specification does NOT state what the default value should be.

   If a system is NOT capable of sending and receiving the control word
   on PW types for which the control word is not mandatory, then it
   behaves exactly as if it were configured for the use of the control
   word to be NOT PREFERRED.

   If a Label Mapping message for the PW has already been received but
   no Label Mapping message for the PW has yet been sent, then the
   procedure is as follows:

        -i. If the received Label Mapping message has c=0, send a Label
            Mapping message with c=0; the control word is not used.
       -ii. If the received Label Mapping message has c=1, and the PW is
            locally configured such that the use of the control word is
            preferred, then send a Label Mapping message with c=1; the
            control word is used.
      -iii. If the received Label Mapping message has c=1, and the PW is
            locally configured such that the use of the control word is
            not preferred or the control word is not supported, then act
            as if no Label Mapping message for the PW had been received
            (That is: proceed to the next paragraph).

   If a Label Mapping message for the PW has not already been received
   (or if the received Label Mapping message had c=1 and either local
   configuration says that the use of the control word is not preferred
   or the control word is not supported), then send a Label Mapping
   message in which the c bit is set to correspond to the locally
   configured preference for use of the control word.  (That is, set c=1
   if locally configured to prefer the control word, and set c=0 if
   locally configured to prefer not to use the control word or if the
   control word is not supported).

   The next action depends on what control message is next received for
   that PW.  The possibilities are as follows:

        -i. A Label Mapping message with the same c bit value as
            specified in the Label Mapping message that was sent.  PW
            setup is now complete, and the control word is used if c=1
            but is not used if c=0.

       -ii. A Label Mapping message with c=1, but the Label Mapping
            message that was sent has c=0.  In this case, ignore the
            received Label Mapping message and continue to wait for the
            next control message for the PW.

      -iii. A Label Mapping message with c=0, but the Label Mapping
            message that was sent has c=1.  In this case, send a Label
            Withdraw message with a "Wrong C-bit" status code, followed
            by a Label Mapping message that has c=0.  PW setup is now
            complete, and the control word is not used.

       -iv. A Label Withdraw message with the "Wrong C-bit" status code.
            Treat as a normal Label Withdraw, but do not respond.
            Continue to wait for the next control message for the PW.

   If at any time after a Label Mapping message has been received a
   corresponding Label Withdraw or Release is received, the action taken
   is the same as for any Label Withdraw or Release that might be
   received at any time.

   If both endpoints prefer the use of the control word, this procedure
   will cause it to be used.  If either endpoint prefers not to use the
   control word or does not support the control word, this procedure
   will cause it not to be used.  If one endpoint prefers to use the
   control word but the other does not, the one that prefers not to use
   it has no extra protocol to execute; it just waits for a Label
   Mapping message that has c=0.

7.3. Control-Word Renegotiation by Label Request Message

   It is possible that after the PW C-bit negotiation procedure described
   above is completed, the local PE is re-provisioned with a different
   control word preference.  Therefore, once the Control-Word negotiation
   procedures are completed, the procedure can be restarted as follows:
        -i. If the local PE has previously sent a Label Mapping message,
            it MUST send a Label Withdraw message to the remote PE and
            wait until it has received a Label Release message from the
            remote PE.
       -ii. The local PE MUST send a Label Release message to the remote
            PE for the specific label associated with the FEC that was
            advertised for this specific PW.  Note: the above-mentioned
            Label Release message and Label Withdraw message steps are
            not required to be executed in any specific sequence.
      -iii. The local PE MUST send a Label Request message to the peer
            PE, and then MUST wait until it receives a Label Mapping
            message containing the remote PE's currently configured
            preference for use of the control word.

   Once the remote PE has successfully processed the Label Withdraw
   message and Label Release messages, it will reset the C-bit
   negotiation state machine and its use of the control word to the
   locally configured preference.

   From this point on, the local and remote PEs will follow the C-bit
   negotiation procedures defined in the previous section.

   The above C-bit renegotiation process SHOULD NOT be interrupted until
   it is completed, or unpredictable results might occur.

7.4. Sequencing Considerations

   In the case where the router considers the sequence number field in
   the control word, it is important to note the following details when
   advertising labels.

7.4.1. Label Advertisements

   After a label has been withdrawn by the output router and/or released
   by the input router, care must be taken not to advertise (re-use) the
   same released label until the output router can be reasonably certain
   that old packets containing the released label no longer persist in
   the MPLS-enabled network.

   This precaution is required to prevent the imposition router from
   restarting packet forwarding with a sequence number of 1 when it
   receives a Label Mapping message that binds the same FEC to the same
   label if there are still older packets in the network with a sequence
   number between 1 and 32768.  For example, if there is a packet with a
   sequence number=n, where n is in the interval [1,32768] traveling
   through the network, it would be possible for the disposition router
   to receive that packet after it re-advertises the label.  Since the
   label has been released by the imposition router, the disposition
   router SHOULD be expecting the next packet to arrive with a sequence
   number of 1.  Receipt of a packet with a sequence number equal to n
   will result in n packets potentially being rejected by the
   disposition router until the imposition router imposes a sequence
   number of n+1 into a packet.  Possible methods to avoid this are for
   the disposition router always to advertise a different PW label, or
   for the disposition router to wait for a sufficient time before
   attempting to re-advertise a recently released label.  This is only
   an issue when sequence number processing is enabled at the
   disposition router.

7.4.2. Label Release

   In situations where the imposition router wants to restart forwarding
   of packets with sequence number 1, the router shall 1) send to the
   disposition router a Label Release Message, and 2) send to the
   disposition router a Label Request message.  When sequencing is
   supported, advertisement of a PW label in response to a Label Request
   message MUST also consider the issues discussed in the section on
   Label Advertisements.
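The second mitigation in 7.4.1, holding a released label out of circulation for a while before it may be re-advertised (including in reply to the Label Request of 7.4.2), as an added example that is not part of the draft. The `PWLabelPool` class, the label range and the hold time are assumptions; in practice the hold time would be derived from the longest an old packet can persist in the PSN.

```python
from collections import deque
from typing import Deque, Dict, Set


class PWLabelPool:
    """Hands out PW labels and keeps released ones on hold for `hold_seconds`.

    Labels are reused in FIFO order, so the most recently released label is
    always the last candidate; the hold time is the assumed upper bound on
    how long an old packet carrying the label can persist in the PSN.
    """

    def __init__(self, first: int, last: int, hold_seconds: float) -> None:
        self.free: Deque[int] = deque(range(first, last + 1))
        self.in_use: Set[int] = set()
        self.quarantine: Dict[int, float] = {}   # label -> time it was released
        self.hold = hold_seconds

    def _expire(self, now: float) -> None:
        """Move labels whose hold time has elapsed back to the free list."""
        for label, released_at in list(self.quarantine.items()):
            if now - released_at >= self.hold:
                del self.quarantine[label]
                self.free.append(label)

    def allocate(self, now: float) -> int:
        """Pick a label for a Label Mapping (including one answering a Label
        Request as in 7.4.2); never one still inside its hold window."""
        self._expire(now)
        if not self.free:
            raise RuntimeError("no label available outside the hold window")
        label = self.free.popleft()
        self.in_use.add(label)
        return label

    def release(self, label: int, now: float) -> None:
        """Called when our binding has been withdrawn/released by the peer."""
        self.in_use.remove(label)
        self.quarantine[label] = now

    def may_advertise(self, label: int, now: float) -> bool:
        """True only if re-advertising `label` cannot collide with old packets."""
        self._expire(now)
        return label not in self.in_use and label not in self.quarantine
```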

8. IANA Considerations

   In general IANA needs to update any references in the registries
   referring to RFC4447 to this document.

8.1. LDP TLV TYPE

   This document uses several new LDP TLV types; IANA already maintains
   a registry of name "TLV TYPE NAME SPACE" defined by RFC 5036. Any
   references to RFC4447 need to be updated to reference this document.

8.2. LDP Status Codes

   This document uses several new LDP status codes; IANA already
   maintains a registry of name "STATUS CODE NAME SPACE" defined by RFC
   5036. Any references to RFC4447 need to be updated to reference this
   document.

8.3. FEC Type Name Space

   This document uses two new FEC element types, 0x80 and 0x81, from the
   registry "FEC Type Name Space" for the Label Distribution Protocol
   (LDP RFC 5036). Any references to RFC4447 need to be updated to
   reference this document.

9. Security Considerations

   This document specifies the LDP extensions that are needed for
   setting up and maintaining pseudowires.  The purpose of setting up
   pseudowires is to enable Layer 2 frames to be encapsulated in MPLS
   and transmitted from one end of a pseudowire to the other.  Therefore
   we treat the security considerations for both the data plane and the
   control plane.

9.1. Data-Plane Security

   With regard to the security of the data plane, the following areas
   must be considered:

     - MPLS PDU inspection.
     - MPLS PDU spoofing.
     - MPLS PDU alteration.
     - MPLS PSN protocol security.
     - Access Circuit security.
     - Denial of service prevention on the PE routers.

   When an MPLS PSN is used to provide pseudowire service, there is a
   perception that security MUST be at least equal to the currently
   deployed Layer 2 native protocol networks that the MPLS/PW network
   combination is emulating.  This means that the MPLS-enabled network
   SHOULD be isolated from outside packet insertion in such a way that
   it SHOULD NOT be possible to insert an MPLS packet into the network
   directly.  To prevent unwanted packet insertion, it is also important
   to prevent unauthorized physical access to the PSN, as well as
   unauthorized administrative access to individual network elements.

   As mentioned above, an MPLS-enabled network should not accept MPLS
   packets from its external interfaces (i.e., interfaces to CE devices
   or to other providers' networks) unless the top label of the packet
   was legitimately distributed to the system from which the packet is
   being received.  If the packet's incoming interface leads to a
   different SP (rather than to a customer), an appropriate trust
   relationship must also be present, including the trust that the other
   SP also provides appropriate security measures.

   The three main security problems faced when using an MPLS-enabled
   network to transport PWs are spoofing, alteration, and inspection.
   First, there is a possibility that the PE receiving PW PDUs will get
   a PDU that appears to be from the PE transmitting the PW into the
   PSN, but that was not actually transmitted by the PE originating the
   PW.  (That is, the specified encapsulations do not by themselves
   enable the decapsulator to authenticate the encapsulator.)  A second
   problem is the possibility that the PW PDU will be altered between
   the time it enters the PSN and the time it leaves the PSN (i.e., the
   specified encapsulations do not by themselves assure the decapsulator
   of the packet's integrity.)  A third problem is the possibility that
   the PDU's contents will be seen while the PDU is in transit through
   the PSN (i.e., the specified encapsulations do not ensure
   privacy.)  How significant these issues are in practice depends on
   the security requirements of the applications whose traffic is being
   sent through the tunnel, and how secure the PSN itself is.

9.2. Control-Plane Security

   General security considerations with regard to the use of LDP are
   specified in section 5 of RFC 5036.  Those considerations also apply
   to the case where LDP is used to set up pseudowires.

   A pseudowire connects two attachment circuits.  It is important to
   make sure that LDP connections are not arbitrarily accepted from
   anywhere, or else a local attachment circuit might get connected to
   an arbitrary remote attachment circuit.  Therefore, an incoming LDP
   session request MUST NOT be accepted unless its IP source address is
   known to be the source of an "eligible" LDP peer.  The set of
   eligible peers could be pre-configured (either as a list of IP
   addresses, or as a list of address/mask combinations), or it could be
   discovered dynamically via an auto-discovery protocol that is itself
   trusted.  (Obviously, if the auto-discovery protocol were not
   trusted, the set of "eligible peers" it produces could not be
   trusted.)

   Even if an LDP connection request appears to come from an eligible
   peer, its source address may have been spoofed.  Therefore, some
   means of preventing source address spoofing must be in place.  For
   example, if all the eligible peers are in the same network, source
   address filtering at the border routers of that network could
   eliminate the possibility of source address spoofing.

   The LDP MD5 authentication key option, as described in section 2.9 of
   RFC 5036, MUST be implemented, and for a greater degree of security,
   it must be used.  This provides integrity and authentication for the
   LDP messages and eliminates the possibility of source address
   spoofing.  Use of the MD5 option does not provide privacy, but
   privacy of the LDP control messages is not usually considered
   important.  As the MD5 option relies on the configuration of pre-
   shared keys, it does not provide much protection against replay
   attacks.  In addition, its reliance on pre-shared keys may make it
   very difficult to deploy when the set of eligible neighbors is
   determined by an auto-configuration protocol.

   When the Generalized PWid FEC Element is used, it is possible that a
   particular LDP peer may be one of the eligible LDP peers but may not
   be the right one to connect to the particular attachment circuit
   identified by the particular instance of the Generalized PWid FEC
   element.  However, given that the peer is known to be one of the
   eligible peers (as discussed above), this would be the result of a
   configuration error, rather than a security problem.  Nevertheless,
   it may be advisable for a PE to associate each of its local
   attachment circuits with a set of eligible peers rather than have
   just a single set of eligible peers associated with the PE as a
   whole.
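An added example (not from the draft) of the admission check section 9.2 calls for: a PE-wide eligible-peer list made of plain addresses and address/mask entries, plus the optional per-attachment-circuit peer sets from the last paragraph. The class name, the documentation-range addresses and the attachment-circuit names are constructed.

```python
import ipaddress
from typing import Dict, Iterable, List, Optional, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


def _parse(entries: Iterable[str]) -> List[Network]:
    # strict=False accepts both a bare address ("192.0.2.10") and an
    # address/mask entry ("198.51.100.0/24"), the two forms the text allows.
    return [ipaddress.ip_network(e, strict=False) for e in entries]


class LdpPeerPolicy:
    """Eligible-peer policy for one PE (names and addresses are constructed)."""

    def __init__(self, pe_wide: Iterable[str],
                 per_ac: Optional[Dict[str, Iterable[str]]] = None) -> None:
        self.pe_wide = _parse(pe_wide)
        self.per_ac = {ac: _parse(nets) for ac, nets in (per_ac or {}).items()}

    @staticmethod
    def _member(src: str, nets: List[Network]) -> bool:
        addr = ipaddress.ip_address(src)
        return any(addr in net for net in nets)

    def session_allowed(self, src: str) -> bool:
        """An LDP session MUST NOT be accepted unless src is an eligible peer.
        This is only the first gate: the text additionally requires
        anti-spoofing filtering and the LDP MD5 option."""
        return self._member(src, self.pe_wide)

    def pw_allowed(self, ac: str, src: str) -> bool:
        """Narrower check before binding attachment circuit `ac` to a PW from
        src: the peer must be eligible PE-wide and, if the circuit has its own
        peer set, eligible for that circuit too (else the PE-wide set applies)."""
        if not self.session_allowed(src):
            return False
        nets = self.per_ac.get(ac)
        return nets is None or self._member(src, nets)
```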

10. Acknowledgments

   The authors wish to acknowledge the contributions of Vach Kompella,
   Vanson Lim, Wei Luo, Himanshu Shah, and Nick Weeds.

11. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
        Requirement Levels", RFC 2119, March 1997.

   [RFC5036] Andersson, L., Ed., Minei, I., Ed., and B. Thomas, Ed.,
        "LDP Specification", RFC 5036, January 2001.

   [RFC3032] Rosen, E., Rekhter, Y., Tappan, D., Fedorkow, G.,
        Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
        Encoding", RFC 3032.

   [RFC4446] Martini, L., "IANA Allocations for Pseudowire Edge to Edge
        Emulation (PWE3)", RFC 4446, April 2006.

   [RFC7358] Raza, K., Boutros, S., and L. Martini, "Label
        Advertisement Discipline for LDP Forwarding Equivalence Classes
        (FECs)", RFC 7358, October 2014.

12. Informative References

   [RFC4842] Malis, A., Pate, P., Cohen, R., Ed., and D. Zelig,
        "Synchronous Optical Network/Synchronous Digital Hierarchy
        (SONET/SDH) Circuit Emulation over Packet (CEP)", RFC 4842,
        April 2007.

   [RFC4553] Vainshtein, A., Ed., and YJ. Stein, Ed.,
        "Structure-Agnostic Time Division Multiplexing (TDM) over
        Packet (SAToP)", RFC 4553, June 2006.

   [RFC4619] Martini, L., Ed., Kawa, C., Ed., and A. Malis, Ed.,
        "Encapsulation Methods for Transport of Frame Relay over
        Multiprotocol Label Switching (MPLS) Networks", RFC 4619,
        September 2006.

   [RFC4717] Martini, L., Jayakumar, J., Bocci, M., El-Aawar, N.,
        Brayley, J., and G. Koleyni, "Encapsulation Methods for
        Transport of Asynchronous Transfer Mode (ATM) over MPLS
        Networks", RFC 4717, December 2006.

   [RFC4618] Martini, L., Rosen, E., Heron, G., and A. Malis,
        "Encapsulation Methods for Transport of PPP/High-Level Data
        Link Control (HDLC) Frames over MPLS Networks", RFC 4618,
        September 2006.

   [RFC4448] Martini, L., Ed., Rosen, E., El-Aawar, N., and G. Heron,
        "Encapsulation Methods for Transport of Ethernet over MPLS
        Networks", RFC 4448, April 2006.

   [RFC4447] Martini, L., Ed., Rosen, E., El-Aawar, N., Smith, T., and
        G. Heron, "Pseudowire Setup and Maintenance Using the Label
        Distribution Protocol (LDP)", RFC 4447, April 2006.

   [ANSI] American National Standards Institute, "Synchronous Optical
        Network Formats", ANSI T1.105-1995.

   [ITUG] ITU Recommendation G.707, "Network Node Interface for the
        Synchronous Digital Hierarchy", 1996.

   [RFC3985] Bryant, S., et al., "PWE3 Architecture", RFC 3985.

   [RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
        Languages", BCP 18, RFC 2277, January 1998.

13. Author Information

   Luca Martini
   Cisco Systems, Inc.
   9155 East Nichols Avenue, Suite 400
   Englewood, CO, 80112
   e-mail: lmartini@cisco.com

   Giles Heron
   Cisco Systems
   10 New Square
   Bedfont Lakes
   Feltham
   Middlesex
   TW14 8HA
   UK
   e-mail: giheron@cisco.com

14. Additional Historical Contributing Authors

   This historical list is from the original RFC, and is not updated. It
   is intended for recognition of their work on RFC4447.

   Nasser El-Aawar
   Level 3 Communications, LLC.
   1025 Eldorado Blvd.
   Broomfield, CO, 80021
   e-mail: nna@level3.net

   Eric C.  Rosen
   Cisco Systems, Inc.
   1414 Massachusetts Avenue
   Boxborough, MA 01719
   e-mail: erosen@cisco.com

   Dan Tappan
   Cisco Systems, Inc.
   1414 Massachusetts Avenue
   Boxborough, MA 01719
   e-mail: tappan@cisco.com

   Toby Smith
   Google
   6425 Penn Ave. #700
   Pittsburgh, PA 15206
   e-mail: tob@google.com

   Dimitri Vlachos
   Riverbed Technology
   e-mail: dimitri@riverbed.com

   Jayakumar Jayakumar,
   Cisco Systems Inc.
   3800 Zanker Road, MS-SJ02/2,
   San Jose, CA, 95134
   e-mail: jjayakum@cisco.com

   Alex Hamilton,
   Cisco Systems Inc.
   485 East Tasman Drive, MS-SJC07/3,
   San Jose, CA, 95134
   e-mail: tahamilt@cisco.com

   Steve Vogelsang
   ECI Telecom
   Omega Corporate Center
   1300 Omega Drive
   Pittsburgh, PA 15205
   e-mail: stephen.vogelsang@ecitele.com

   John Shirron
   ECI Telecom
   Omega Corporate Center
   1300 Omega Drive
   Pittsburgh, PA 15205
   e-mail: john.shirron@ecitele.com

   Andrew G. Malis
   Verizon
   60 Sylvan Rd.
   Waltham, MA 02451
   e-mail: andrew.g.malis@verizon.com

   Vinai Sirkay
   Reliance Infocomm
   Dhirubai Ambani Knowledge City
   Navi Mumbai 400 709
   e-mail: vinai@sirkay.com

   Vasile Radoaca
   Nortel Networks
   600  Technology Park
   Billerica MA 01821
   e-mail: vasile@nortelnetworks.com

   Chris Liljenstolpe
   149 Santa Monica Way
   San Francisco, CA 94127
   e-mail: ietf@cdl.asgaard.org

   Dave Cooper
   Global Crossing
   960 Hamlin Court
   Sunnyvale, CA 94089
   e-mail: dcooper@gblx.net

   Kireeti Kompella
   Juniper Networks
   1194 N.  Mathilda Ave
   Sunnyvale, CA 94089
   e-mail: kireeti@juniper.net

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

   Expiration Date: March 2016
