Network Working Group                                       Luca Martini
Internet Draft                                             Eric C. Rosen
Expiration Date: March 2005                          Cisco Systems, Inc.

Nasser El-Aawar                                               Toby Smith
Level 3 Communications, LLC.                       Laurel Networks, Inc.

Giles Heron
Tellabs
                                                          September 2004
Pseudowire Setup and Maintenance using LDP
draft-ietf-pwe3-control-protocol-09.txt
Status of this Memo
By submitting this Internet-Draft, we certify that any applicable
patent or other IPR claims of which we are aware have been disclosed,
or will be disclosed, and any of which we become aware will be
disclosed, in accordance with RFC 3668.
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
Layer 2 services (such as Frame Relay, ATM, ethernet) can be
"emulated" over an IP and/or MPLS backbone by encapsulating the layer
2 PDUs and then transmitting them over "pseudowires". It is also
possible to use pseudowires to provide low-rate TDM and SONET circuit
emulation over an IP and/or MPLS network. This document specifies a
protocol for establishing and maintaining the pseudowires, using
extensions to LDP. Procedures for encapsulating layer 2 PDUs are
specified in a set of companion documents.
Table of Contents
1 Specification of Requirements
2 Intellectual Property Statement
3 Introduction
4 The Pseudowire Label
5 Details Specific to Particular Emulated Services
5.1 Frame Relay
5.2 ATM
5.2.1 ATM AAL5 SDU VCC Transport
5.2.2 ATM Transparent Cell Transport
5.2.3 ATM n-to-one VCC and VPC Cell Transport
5.2.4 OAM Cell Support
5.2.5 ILMI Support
5.2.6 ATM AAL5 PDU VCC Transport
5.2.7 ATM one-to-one VCC and VPC Cell Transport
5.3 Ethernet Tagged Mode
5.4 Ethernet
5.5 HDLC and PPP
5.6 IP Layer2 Transport
6 LDP
6.1 The PWid FEC Element
6.2 The Generalized PW ID FEC Element
6.2.1 Attachment Identifiers
6.2.2 Encoding the Generalized ID FEC Element
6.2.3 Signaling Procedures
6.3 Signaling of Pseudo Wire Status
6.3.1 Use of Label Mappings.
6.3.2 Signaling PW status.
6.3.3 Pseudowire Status Negotiation Procedures
6.4 Interface Parameters Field
7 Control Word
7.1 PW types for which the control word is REQUIRED
7.2 PW types for which the control word is NOT mandatory
7.3 LDP label Withdrawal procedures
7.4 Sequencing Considerations
7.4.1 Label Mapping Advertisements
7.4.2 Label Mapping Release
8 IANA Considerations
8.1 FEC Type Name Space
8.2 Pseudowire Type
8.3 Interface Parameters
8.4 Status codes
8.5 Pseudowire Status Codes
9 Security Considerations
9.1 Data-plane Security
9.2 Control Protocol Security
10 Acknowledgments
11 Normative References
12 Informative References
13 Author Information
14 Additional Contributing Authors
15 Full Copyright Statement
16 Appendix A - C-bit Handling Procedures Diagram
1. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
2. Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
3. Introduction
In [FRAME], [ATM], and [ETH] it is explained how to encapsulate a
layer 2 Protocol Data Unit (PDU) for transmission over an IP and/or
MPLS network. Those documents specify that a "pseudowire header",
consisting of a demultiplexor field, will be prepended to the
encapsulated PDU. The pseudowire demultiplexor field is put on before
transmitting a packet on a pseudowire. When the packet arrives at
the remote endpoint of the pseudowire, the demultiplexor is what
enables the receiver to identify the particular pseudowire on which
the packet has arrived. To actually transmit the packet from one
pseudowire endpoint to another, the packet may need to travel through
a "PSN tunnel"; this will require an additional header to be
prepended to the packet.
Accompanying documents [CEP, SAToP, CESoPSN] describe methods for
transporting time division multiplexed (TDM) digital signals (TDM
circuit emulation) over a packet-oriented MPLS network. The
transmission system for circuit-oriented TDM signals is the
Synchronous Optical Network (SONET)[SDH]/Synchronous Digital
Hierarchy (SDH) [ITUG]. To support TDM traffic, which includes voice,
data, and private leased line service, the pseudowires must emulate
the circuit characteristics of SONET/SDH payloads. The TDM signals
and payloads are encapsulated for transmission over pseudowires. To
this encapsulation is prepended a pseudowire demultiplexor and a PSN
tunnel header.
[SAToP] and [CESoPSN] describe methods for transporting low-rate
time division multiplexed (TDM) digital signals (TDM circuit
emulation) over PSNs, while [CEP] similarly describes transport of
high-rate TDM (SONET/SDH). To support TDM traffic the pseudowires
must emulate the circuit characteristics of the original T1, E1, T3,
E3, SONET or SDH signals. [SAToP] does this by encapsulating an
arbitrary but constant amount of the TDM data in each packet, while
the other methods encapsulate TDM structures.
In this document, we specify the use of the MPLS Label Distribution
Protocol, LDP [RFC3036], as a protocol for setting up and maintaining
the pseudowires. In particular, we define new TLVs for LDP, which
enable LDP to identify pseudowires and to signal attributes of
pseudowires. We specify how a pseudowire endpoint uses these TLVs in
LDP to bind a demultiplexor field value to a pseudowire, and how it
informs the remote endpoint of the binding. We also specify
procedures for reporting pseudowire status changes, passing
additional information about the pseudowire as needed, and for
releasing the bindings.
In the protocol specified herein, the pseudowire demultiplexor field
is an MPLS label. Thus the packets which are transmitted from one end
of the pseudowire to the other are MPLS packets. Unless the
pseudowire endpoints are immediately adjacent, these MPLS packets
must be transmitted through a PSN tunnel. Any sort of PSN tunnel can
be used, as long as it is possible to transmit MPLS packets through
it. The PSN tunnel can itself be an LSP, or any other sort of tunnel
which can carry MPLS packets. Procedures for setting up and
maintaining the PSN tunnels are outside the scope of this document.
This document deals only with the setup and maintenance of point-to-
point pseudowires. Neither point-to-multipoint nor multipoint-to-
point pseudowires are discussed.
QoS related issues are not discussed in this document.
The following two figures describe the reference models which are
derived from [ARCH] to support the Ethernet PW emulated services.
      |<-------------- Emulated Service ---------------->|
      |                                                  |
      |          |<------- Pseudo Wire ------>|          |
      |          |                            |          |
      |          |    |<-- PSN Tunnel -->|    |          |
      |          V    V                  V    V          |
      V    AC    +----+                  +----+     AC   V
+-----+    |     | PE1|==================| PE2|     |    +-----+
|     |----------|............PW1.............|----------|     |
| CE1 |    |     |    |                  |    |     |    | CE2 |
|     |----------|............PW2.............|----------|     |
+-----+  ^ |     |    |==================|    |     | ^  +-----+
      ^  |       +----+                  +----+     | |  ^
      |  |   Provider Edge 1         Provider Edge 2  |  |
      |  |                                            |  |
Customer |                                            | Customer
Edge 1   |                                            | Edge 2
         |                                            |
  native service                               native service
Figure 1: PWE3 Reference Model
+-------------+                                +-------------+
|  Layer2     |                                |  Layer2     |
|  Emulated   |                                |  Emulated   |
|  Services   |        Emulated Service        |  Services   |
|             |<==============================>|             |
+-------------+          Pseudo Wire           +-------------+
|Demultiplexor|<==============================>|Demultiplexor|
+-------------+                                +-------------+
|    PSN      |           PSN Tunnel           |    PSN      |
|   MPLS      |<==============================>|   MPLS      |
+-------------+                                +-------------+
|  Physical   |                                |  Physical   |
+-----+-------+                                +-----+-------+
Figure 2: PWE3 Protocol Stack Reference Model
For the purpose of this document, PE1 will be defined as the ingress
router, and PE2 as the egress router. A layer 2 PDU will be received
at PE1, encapsulated at PE1, transported, decapsulated at PE2, and
transmitted out of PE2.
4. The Pseudowire Label
Suppose it is desired to transport layer 2 PDUs from ingress LSR PE1
to egress LSR PE2, across an intervening PSN. We assume that there is
a PSN tunnel from PE1 to PE2. That is, we assume that PE1 can cause a
packet to be delivered to PE2 by encapsulating the packet in a "PSN
tunnel header" and sending the result to one of its adjacencies. If
the PSN tunnel is an MPLS Label Switched Path (LSP), then putting on
a PSN tunnel encapsulation is a matter of pushing on an additional
MPLS label.
We presuppose that a large number of pseudowires can be carried
through a single PSN tunnel. Thus it is never necessary to maintain
state in the network core for individual pseudowires. We do not
presuppose that the PSN tunnels are point-to-point; although the
pseudowires are point-to-point, the PSN tunnels may be multipoint-
to-point. We do not presuppose that PE2 will even be able to
determine the PSN tunnel through which a received packet was
transmitted. (E.g., if the PSN tunnel is an LSP, and penultimate hop
popping is used, when the packet arrives at PE2 it will contain no
information identifying the tunnel.)
When PE2 receives a packet over a pseudowire, it must be able to
determine that the packet was in fact received over a pseudowire, and
it must be able to associate that packet with a particular
pseudowire. PE2 is able to do this by examining the MPLS label which
serves as the pseudowire demultiplexor field shown in Figure 2. Call
this label the "PW label".
So when PE1 sends a layer 2 PDU to PE2, it first pushes a PW label on
its label stack, thereby creating an MPLS packet. It then (if PE1 is
not adjacent to PE2) encapsulates that MPLS packet in a PSN tunnel
header. (If the PSN tunnel is an LSP, this is just a matter of
pushing on a second label.) The PW label is not visible again until
the MPLS packet reaches PE2. PE2's disposition of the packet is based
on the PW label.
Note that the PW label must always be at the bottom of the packet's
label stack and labels MUST be allocated from the per-platform label
space.
This document specifies a protocol for assigning and distributing the
PW label. This protocol is LDP, extended as specified in the
remainder of this document. An LDP session must be set up between
the pseudowire endpoints. LDP MUST be used in its "downstream
unsolicited" mode. LDP's "liberal label retention" mode SHOULD be
used.
In addition to the protocol specified herein, static assignment of PW
labels MAY be used, and implementations of this protocol SHOULD
provide support for static assignment.
This document specifies all the procedures necessary to set up and
maintain the pseudowires needed to support "unswitched" point-to-
point services, where each endpoint of the pseudowire is provisioned
with the identity of the other endpoint. There are also protocol
mechanisms specified herein which can be used to support switched
services, and which can be used to support other provisioning models.
However, the use of the protocol mechanisms to support those other
models and services is not described in this document.
5. Details Specific to Particular Emulated Services
5.1. Frame Relay
When emulating a frame relay service, the Frame Relay PDUs are
encapsulated according to the procedures defined in [FRAME]. The PE
MUST provide Frame Relay PVC status signaling to the Frame Relay
network. If the PE detects a service-affecting condition for a
particular DLCI, as defined in [ITUQ] Q.933 Annex A.5 cited in IA
FRF1.1, the PE MUST communicate to the remote PE the status of the PW
that corresponds to the frame relay DLCI. The Egress PE SHOULD generate
the corresponding errors and alarms as defined in [ITUQ] on the
egress Frame relay PVC.
5.2. ATM
5.2.1. ATM AAL5 SDU VCC Transport
ATM AAL5 CPCS-SDUs are encapsulated according to [ATM] ATM AAL5
CPCS-SDU mode. This mode allows the transport of ATM AAL5 CPCS-SDUs
traveling on a particular ATM PVC across the network to another ATM
PVC.
5.2.2. ATM Transparent Cell Transport
This mode is similar to the Ethernet port mode. Every cell that is
received at the ingress ATM port on the ingress PE, PE1, is
encapsulated according to [ATM], ATM cell mode n-to-one, and sent
across the PW to the egress PE, PE2. This mode allows an ATM port to
be connected to only one other ATM port. [ATM] ATM cell n-to-one
mode allows for concatenation (grouping) of multiple cells into a
single MPLS frame. Concatenation of ATM cells is OPTIONAL for
transmission at the ingress PE, PE1. If the Egress PE, PE2, supports
cell concatenation, the ingress PE, PE1, should only concatenate cells
up to the "Maximum Number of concatenated ATM cells" parameter
received as part of the FEC element.
5.2.3. ATM n-to-one VCC and VPC Cell Transport
This mode is similar to the ATM AAL5 VCC transport except that cells
are transported. Every cell that is received on a pre-defined ATM
PVC, or ATM PVP, at the ingress ATM port on the ingress PE, PE1, is
encapsulated according to [ATM], ATM n-to-one cell mode, and sent
across the LSP to the egress PE, PE2. Grouping of ATM cells is
OPTIONAL for transmission at the ingress PE, PE1. If the Egress PE,
PE2, supports cell concatenation, the ingress PE, PE1, MUST only
concatenate cells up to the "Maximum Number of concatenated ATM cells
in a frame" parameter received as part of the FEC element.
5.2.4. OAM Cell Support
OAM cells MAY be transported on the PW LSP. When the PE is operating
in AAL5 CPCS-SDU transport mode if it does not support transport of
ATM cells, the PE MUST discard incoming MPLS frames on an ATM PW LSP
that contain a PW label with the T bit set [ATM]. When operating in
AAL5 SDU transport mode, a PE that supports transport of OAM cells
using the T bit defined in [ATM], or a PE operating in any of the
cell transport modes MUST follow the procedures outlined in [ATM] in
addition to the applicable procedures specified in [ITUG].
5.2.4.1. SDU/PDU OAM Cell Emulation Mode
A PE operating in ATM SDU, or PDU transport mode, that does not
support transport of OAM cells across an LSP MAY provide OAM support
on ATM PVCs using the following procedures:
- Loopback cells response
If an F5 end-to-end OAM cell is received from an ATM VC, by either
PE that is transporting this ATM VC, with a loopback indication
value of 1, and the PE has a label mapping for the ATM VC, then
the PE MUST decrement the loopback indication value and loop back
the cell on the ATM VC. Otherwise the loopback cell MUST be
discarded by the PE.
- AIS Alarm.
If an ingress PE, PE1, receives an AIS F4/F5 OAM cell, it MUST
notify the remote PE of the failure. The remote PE, PE2, MUST in
turn send F5 OAM AIS cells on the respective PVCs. Note that if
the PE supports forwarding of OAM cells, then the received OAM
AIS alarm cells MUST be forwarded along the PW as well.
- Interface failure.
If the PE detects a physical interface failure, or the interface
is administratively disabled, the PE MUST notify the remote PE
for all VCs associated with the failure.
- PSN/PW failure detection.
If the PE detects a failure in the PW, by receiving a label
withdraw for a specific PW ID, or the targeted LDP session fails,
or a PW status TLV notification is received, then a proper AIS F5
OAM cell MUST be generated for all the affected ATM PVCs. The AIS
OAM alarm will be generated on the ATM output port of the PE that
detected the failure.
5.2.5. ILMI Support
An MPLS edge PE MAY provide an ATM ILMI to the ATM edge switch. If an
ingress PE receives an ILMI message indicating that the ATM edge
switch has deleted a VC, or if the physical interface goes down, it
MUST send a PW status notification message for all PWs associated
with the failure. When a PW label mapping is withdrawn, or a PW status
notification message is received, the egress PE SHOULD notify its
client of this failure by deleting the VC using ILMI.
5.2.6. ATM AAL5 PDU VCC Transport
ATM AAL5 CPCS-PDUs are encapsulated according to [ATM] ATM AAL5
CPCS-PDU mode. This mode allows the transport of ATM AAL5 CPCS-PDUs
traveling on a particular ATM PVC across the network to another ATM
PVC. This mode supports fragmentation of the ATM AAL5 CPCS-PDU in
order to maintain the position of the OAM cells with respect to the
user cells. Fragmentation may also be performed to maintain the size
of the packet carrying the AAL5 PDU within the MTU of the link.
5.2.7. ATM one-to-one VCC and VPC Cell Transport
This mode is similar to the ATM AAL5 n-to-one cell transport except
an encapsulation method that maps one ATM VCC or one ATM VPC to one
Pseudo-Wire is used. Every cell that is received on a pre-defined ATM
PVC, or ATM PVP, at the ingress ATM port on the ingress PE, PE1, is
encapsulated according to [ATM], ATM one-to-one cell mode, and sent
across the LSP to the egress PE, PE2. Grouping of ATM cells is
OPTIONAL for transmission at the ingress PE, PE1. If the Egress PE,
PE2, supports cell concatenation, the ingress PE, PE1, MUST only
concatenate cells up to the "Maximum Number of concatenated ATM cells
in a frame" parameter received as part of the FEC element.
5.3. Ethernet Tagged Mode
The Ethernet frame will be encapsulated according to the procedures
in [ETH] tagged mode. It should be noted that if the VLAN identifier
is modified by the egress PE, according to the procedures outlined
above, the Ethernet spanning tree protocol might fail to work
properly. If the PE detects a failure on the Ethernet physical port,
or the port is administratively disabled, it MUST send a PW status
notification message for all PWs associated with the port. This mode
uses service-delimiting tags to map input ethernet frames to
respective PWs.
5.4. Ethernet
The Ethernet frame will be encapsulated according to the procedures
in [ETH] "ethernet raw mode". If the PE detects a failure on the
Ethernet input port, or the port is administratively disabled, the PE
MUST send a corresponding PW status notification message.
5.5. HDLC and PPP
HDLC and PPP frames are encapsulated according to the procedures in
[PPPHDLC]. If the MPLS edge PE detects that the physical link has
failed, or the port is administratively disabled, it MUST send a PW
status notification message that corresponds to the HDLC or PPP PW.
5.6. IP Layer2 Transport
This mode switches IP packets into a Pseudo-Wire. The encapsulation
used is according to [RFC3032]. IP interworking is implementation
specific, part of the NSP function [ARCH], and is outside the scope
of this document. The control word MUST NOT be used.
6. LDP
The PW label bindings are distributed using the LDP downstream
unsolicited mode described in [LDP]. The PEs will establish an LDP
session using the Extended Discovery mechanism described in [1,
section 2.4.2 and 2.5].
An LDP Label Mapping message contains a FEC TLV, a Label TLV, and
zero or more optional parameter TLVs.
The FEC TLV is used to indicate the meaning of the label. In the
current context, the FEC TLV would be used to identify the particular
pseudowire that a particular label is bound to. In this
specification, we define two new FEC TLVs to be used for identifying
pseudowires. When setting up a particular pseudowire, only one of
these FEC TLVs is used. The one to be used will depend on the
particular service being emulated and on the particular provisioning
model being supported.
LDP allows each FEC TLV to consist of a set of FEC elements. For
setting up and maintaining pseudowires, however, each FEC TLV MUST
contain exactly one FEC element.
LDP has several kinds of label TLVs. For setting up and maintaining
pseudowires, the Generic Label TLV MUST be used.
6.1. The PWid FEC Element
The PWid FEC element may be used whenever both pseudowire endpoints
have been provisioned with the same 32-bit identifier for the
pseudowire.
For this purpose a new type of FEC element is defined. The FEC
element type is 128 [note1], and is defined as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    PW tlv     |C|         PW type             |PW info Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Group ID                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             PW ID                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Interface parameters                     |
|                               "                               |
|                               "                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- PW type
A 15 bit quantity containing a value which represents the type of
PW. Assigned Values are specified in "IANA Allocations for pseudo
Wire Edge to Edge Emulation (PWE3)" [IANA].
- Control word bit (C)
The bit (C) is used to flag the presence of a control word as
follows:
C = 1 control word present on this PW.
C = 0 no control word present on this PW.
Please see the section "C-Bit Handling Procedures" for further
explanation.
- PW information length
Length of the PW ID field and the interface parameters field in
octets. If this value is 0, then it references all PWs using the
specified group ID and there is no PW ID present, nor any
interface parameters.
- Group ID
An arbitrary 32 bit value which represents a group of PWs that is
used to create groups in the PW space. The group ID is intended
to be used as a port index, or a virtual tunnel index. To
simplify configuration a particular PW ID at ingress could be
part of the virtual tunnel for transport to the egress router.
The Group ID is very useful to send wild card label withdrawals,
or PW wild card status notification messages to remote PEs upon
physical port failure.
- PW ID
A non-zero 32-bit connection ID that together with the PW type,
identifies a particular PW. Note that the PW ID and the PW type
must be the same at both endpoints.
- Interface parameters
This variable length field is used to provide interface specific
parameters, such as CE-facing interface MTU.
Note that as the "interface parameters" are part of the FEC, the
rules of LDP make it impossible to change the interface
parameters once the pseudowire has been set up. Thus the
interface parameters field must not be used to pass information,
such as status information, which may change during the life of
the pseudowire. Optional parameter TLVs should be used for that
purpose.
Using the PWid FEC, each of the two pseudowire endpoints
independently initiates the set up of a unidirectional LSP. An
outgoing LSP and an incoming LSP are bound together into a single
pseudowire if they have the same PW ID and PW type.
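The field rules of this section can be checked mechanically on receipt. The following Python parser is an added example, not code from the draft or its authors: it decodes one PWid FEC element strictly, then applies the binding rule of the preceding paragraph and the group wildcard rule. It assumes the first octet carries the FEC element type 128 and that fields are in network byte order; the function names, PW type values and sample octets are constructed for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Optional

PWID_FEC_TYPE = 128   # FEC element type stated in section 6.1
FIXED_LEN = 8         # type, C + PW type, PW info length, Group ID


class FecError(ValueError):
    """The octets do not follow the PWid FEC element layout."""


@dataclass(frozen=True)
class PwidFec:
    c_bit: bool
    pw_type: int
    group_id: int
    pw_id: Optional[int]      # None when PW info length is 0 (group wildcard)
    interface_params: bytes   # kept opaque in this example


def build_pwid_fec(c_bit, pw_type, group_id, pw_id, interface_params=b""):
    """Encode one element; pw_id=None produces the group wildcard form."""
    if not 0 <= pw_type <= 0x7FFF:
        raise FecError("PW type is a 15-bit quantity")
    body = b"" if pw_id is None else struct.pack("!I", pw_id) + interface_params
    if len(body) > 0xFF:
        raise FecError("PW info length is a single octet")
    first = (0x8000 if c_bit else 0) | pw_type
    return struct.pack("!BHBI", PWID_FEC_TYPE, first, len(body), group_id) + body


def parse_pwid_fec(buf):
    """Decode exactly one element, rejecting any length inconsistency."""
    if len(buf) < FIXED_LEN:
        raise FecError("truncated before the end of the Group ID field")
    fec_type, first, info_len, group_id = struct.unpack_from("!BHBI", buf)
    if fec_type != PWID_FEC_TYPE:
        raise FecError(f"FEC element type {fec_type}, expected {PWID_FEC_TYPE}")
    body = bytes(buf[FIXED_LEN:])
    if len(body) != info_len:
        raise FecError(f"PW info length {info_len} but {len(body)} octets follow")
    c_bit, pw_type = bool(first & 0x8000), first & 0x7FFF
    if info_len == 0:
        # No PW ID and no interface parameters: refers to the whole group.
        return PwidFec(c_bit, pw_type, group_id, None, b"")
    if info_len < 4:
        raise FecError("non-zero PW info length must cover the 4-octet PW ID")
    (pw_id,) = struct.unpack_from("!I", body)
    if pw_id == 0:
        raise FecError("PW ID must be non-zero")
    return PwidFec(c_bit, pw_type, group_id, pw_id, body[4:])


def same_pseudowire(a, b):
    """Two unidirectional LSPs form one pseudowire: same PW ID and PW type."""
    if a.pw_id is None or b.pw_id is None:
        return False
    return (a.pw_type, a.pw_id) == (b.pw_type, b.pw_id)


def covered_by_wildcard(wild, fec):
    """A zero-length element references all PWs using its group ID."""
    return wild.pw_id is None and wild.group_id == fec.group_id


def rejection(buf):
    """Return the parser's error text for buf, or None if it is accepted."""
    try:
        parse_pwid_fec(buf)
    except FecError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    # Constructed sample: PW type 5 and the parameter octets are placeholders.
    local = parse_pwid_fec(build_pwid_fec(True, 5, 7, 100, b"\xaa\xbb"))
    remote = parse_pwid_fec(build_pwid_fec(True, 5, 9, 100))
    print(local, same_pseudowire(local, remote))
    print(rejection(build_pwid_fec(True, 5, 7, 100)[:-1]))
```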
6.2. The Generalized PW ID FEC Element
The PWid FEC element can be used if a unique 32-bit value has been
assigned to the PW, and if each endpoint has been provisioned with
that value. The Generalized ID FEC element requires that the PW
endpoints be uniquely identified; the PW itself is identified as a
pair of endpoints. In addition the endpoint identifiers are
structured to support applications where the identity of the remote
endpoints needs to be auto-discovered rather than statically
configured.
The "Generalized ID FEC Element" is FEC type 129 (provisionally,
subject to assignment by IANA).
The Generalized ID FEC Element does not contain anything corresponding to
the "group id" of the PWid FEC element. The functionality of the
latter is provided by a separate optional LDP TLV, the "PW Grouping
TLV", described below. The Interface Parameters field of the PWid FEC
element is also absent; its functionality is replaced by the optional
Interface Parameters TLV, described below.
6.2.1. Attachment Identifiers
As discussed in [ARCH], a pseudowire can be thought of as connecting
two "forwarders". The protocol used to setup a pseudowire must allow
the forwarder at one end of a pseudowire to identify the forwarder at
the other end. We use the term "attachment identifier", or "AI", to
refer to the field which the protocol uses to identify the
forwarders. In the PWid FEC, the PWid field serves as the AI. In
this section we specify a more general form of AI which is structured
and of variable length.
Every Forwarder in a PE must be associated with an Attachment
Identifier (AI), either through configuration or through some
algorithm. The Attachment Identifier must be unique in the context
of the PE router in which the Forwarder resides. The combination <PE
router, AI> must be globally unique.
It is frequently convenient to regard a set of Forwarders as being
members of a particular "group", where PWs may only be set up among
members of a group. In such cases, it is convenient to identify the
Forwarders relative to the group, so that an Attachment Identifier
would consist of an Attachment Group Identifier (AGI) plus an
Attachment Individual Identifier (AII).
An Attachment Group Identifier may be thought of as a VPN-id, or
a VLAN identifier, some attribute which is shared by all the
Attachment PWs (or pools thereof) which are allowed to be connected.
The details of how to construct the AGI and AII fields identifying
the pseudowire endpoints are outside the scope of this specification.
Different pseudowire applications, and different provisioning models,
will require different sorts of AGI and AII fields. The
specification of each such application and/or model must include the
rules for constructing the AGI and AII fields.
As previously discussed, a (bidirectional) pseudowire consists of a
pair of unidirectional LSPs, one in each direction. If a particular
pseudowire connects PE1 with PE2, the LSP in the PE1-->PE2 direction
can be identified as:
<PE1, <AGI, AII1>, PE2, <AGI, AII2>>,
and the LSP in the PE2-->PE1 direction can be identified by:
<PE2, <AGI, AII2>, PE1, <AGI, AII1>>.
Note that the AGI must be the same at both endpoints, but the AII
will in general be different at each endpoint. Thus from the
perspective of a particular PE, each pseudowire has a local or
"Source AII", and a remote or "Target AII". The pseudowire setup
protocol can carry all three of these quantities:
- Attachment Group Identifier (AGI).
- Source Attachment Individual Identifier (SAII)
- Target Attachment Individual Identifier (TAII)
If the AGI is non-null, then the Source AI (SAI) consists of the AGI
together with the SAII, and the Target AI (TAI) consists of the TAII
together with the AGI. If the AGI is null, then the SAII and TAII
are the SAI and TAI respectively.
The interpretation of the SAI and TAI is a local matter at the
respective endpoint.
The association of two unidirectional LSPs into a single
bidirectional pseudowire depends on the SAI and the TAI. Each
application and/or provisioning model which uses the Generalized ID
FEC element must specify the rules for performing this association.
6.2.2. Encoding the Generalized ID FEC Element
FEC element type 129 [note1] is used. The FEC element is encoded as
follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     129       |C|         PW Type             |PW info Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   AGI         |    Length     |      Value                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~                    Value (contd.)                             ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   SAII        |    Length     |      Value                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~                    Value (contd.)                             ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   TAII        |    Length     |      Value                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~                    Value (contd.)                             ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This document does not specify the SAII, TAII, AGI type field values;
specification of the type field values to use for a particular
application is part of the specification of that application. IANA
will assign these values based on IETF consensus.
The SAII, TAII, and AGI are simply carried as octet strings. The
length byte specifies the size of the Value field. The null string
can be sent by setting the length byte to 0.
If a particular application does not need all three of these sub-
elements, it MUST send all the sub-elements, but set the length to 0
for the unused sub-elements.
The PW information length field contains the length of the SAII,
TAII, AGI combined, and the interface parameters field in octets. If
this value is 0, then it references all PWs using the specified
grouping ID. In this case there are no other FEC element fields
(AGI, SAII, etc.) present, nor any interface parameters.
Note that the interpretation of a particular field as AGI, SAII, or
TAII depends on the order of its occurrence. The type field
identifies the type of the AGI, SAII, or TAII. When comparing two
occurrences of an AGI (or SAII or TAII), the two occurrences are
considered to be identical if the type, length, and value fields of
one are identical, respectively, to those of the other.
6.2.2.1. Interface Parameters TLV
This TLV MUST only be used when sending the Generalized PW FEC. It
specifies interface specific parameters. Specific parameters, when
applicable, MUST be used to validate that the PEs, and the ingress
and egress ports at the edges of the circuit, have the necessary
capabilities to interoperate with each other.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |0|0|  PW Intf P. TLV (0x096B)  |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Parameter ID  |    Length     |     Variable Length Value     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Variable Length Value                     |
   |                               "                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[ note: TLV type 0x096B as defined in [IANA] pending IANA allocation
]
A more detailed description of this field can be found in the section
"Interface Parameters Field" below.
6.2.2.2. PW Grouping TLV
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |0|0|PW Grouping ID TLV (0x096C)|            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                             Value                             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[ note: TLV type 0x096C as defined in [IANA] pending IANA allocation
]
The PW Grouping ID is an arbitrary 32 bit value which represents an
arbitrary group of PWs. It is used to create groups of PWs; for example, a
PW Grouping ID can be used as a port index, and assigned to all PWs
that lead to that port. Use of the PW Grouping ID enables one to
send "wild card" label withdrawals, or "wild card" status
notification messages to remote PEs upon physical port failure.
Note Well: The PW Grouping ID is different than, and has no relation
to, the Attachment Group Identifier.
The PW Grouping ID TLV is not part of the FEC, and will not be
advertised except in the initial PW FEC advertisement. The
advertising PE MAY use the wild card withdraw semantics, but the
remote PEs MUST implement support for wildcard messages. If the PW
Grouping ID is not going to be used for wild card messages, it MAY be
omitted. This TLV MAY only be used when sending the Generalized PW ID
FEC.
To issue a wildcard command (status or withdraw):
-i. Set the PW Info Length to 0 in the Generalized ID FEC
Element.
-ii. Send only the PW Grouping ID TLV with the FEC (no
AGI/SAII/TAII is sent).
6.2.3. Signaling Procedures
In order for PE1 to begin signaling PE2, PE1 must know the address of
the remote PE2, and a TAI. This information may have been configured
at PE1, or it may have been learned dynamically via some
autodiscovery procedure.
To begin the signaling procedure, a PE (PE1) that has knowledge of
the other endpoint (PE2) initiates the setup of the LSP in the
incoming (PE2-->PE1) direction by sending a Label Mapping message
containing the FEC type 129. The FEC element includes the SAII, AGI,
and TAII.
What happens when PE2 receives such a Label Mapping message?
PE2 interprets the message as a request to set up a PW whose endpoint
(at PE2) is the Forwarder identified by the TAI. From the
perspective of the signaling protocol, exactly how PE2 maps AIs to
Forwarders is a local matter. In some VPWS provisioning models, the
TAI might, e.g., be a string which identifies a particular Attachment
Circuit, such as "ATM3VPI4VCI5", or it might, e.g., be a string such
as "Fred" which is associated by configuration with a particular
Attachment Circuit. In VPLS, the AGI could be a VPN-id, identifying
a particular VPLS instance.
If PE2 cannot map the TAI to one of its Forwarders, then PE2 sends a
Label Release message to PE1, with a Status Code meaning "invalid
TAI" [ note: Status Code 0x00000029 as defined in [IANA] pending
IANA allocation ], and the processing of the Mapping message is
complete.
The FEC TLV sent in a Label Release is the same as the FEC TLV
received in the Label Mapping being released (but without the
interface parameters). More generally, the FEC TLV is the same in
all LDP messages relating to the same LSP. In a Label Release this
means that the SAII is the remote peer's AII and the TAII is the
sender's local AII.
If the Label Mapping Message has a valid TAI, PE2 must decide whether
to accept it or not. The procedures for so deciding will depend on
the particular type of Forwarder identified by the TAI. Of course,
the Label Mapping message may be rejected due to standard LDP error
conditions as detailed in [LDP].
If PE2 decides to accept the Label Mapping message, then it has to
make sure that an LSP is set up in the opposite (PE1-->PE2)
direction. If it has already signaled for the corresponding LSP in
that direction, nothing more need be done. Otherwise, it must
initiate such signaling by sending a Label Mapping message to PE1.
This is very similar to the Label Mapping message PE2 received, but
with the SAI and TAI reversed.
Thus a bidirectional PW consists of two LSPs, where the FEC of one is
the "reverse" of the FEC of the other.
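The following Python example is added here and is not part of the draft: an encoder and strict parser for the Generalized ID FEC element of section 6.2.2 (including the wildcard form), plus PE2's handling of a received Label Mapping from section 6.2.3. It assumes the PW info length covers only the AGI, SAII and TAII, that the element carries no padding, and it uses constructed type values; all class and function names are hypothetical.

```python
import struct
from dataclasses import dataclass, replace
from typing import Optional

FEC_GENERALIZED_ID = 129          # FEC element type given in section 6.2.2
STATUS_INVALID_TAI = 0x00000029   # "invalid TAI" status code quoted in 6.2.3


@dataclass(frozen=True)
class SubElement:
    """An AGI, SAII or TAII: one-octet type, one-octet length, octet-string value."""
    type: int
    value: bytes = b""

    def encode(self) -> bytes:
        if not 0 <= self.type <= 255 or len(self.value) > 255:
            raise ValueError("type and length must each fit in one octet")
        return bytes([self.type, len(self.value)]) + self.value


@dataclass(frozen=True)
class GeneralizedFec:
    c_bit: bool
    pw_type: int
    agi: Optional[SubElement] = None   # all three are None in the wildcard form
    saii: Optional[SubElement] = None
    taii: Optional[SubElement] = None

    def encode(self) -> bytes:
        subs = (self.agi, self.saii, self.taii)
        if any(s is None for s in subs) and not all(s is None for s in subs):
            raise ValueError("send all three sub-elements (length 0 if unused) or none")
        body = b"".join(s.encode() for s in subs if s is not None)
        if len(body) > 255:
            raise ValueError("sub-elements exceed the one-octet PW info length")
        word = (0x8000 if self.c_bit else 0) | (self.pw_type & 0x7FFF)
        return struct.pack("!BHB", FEC_GENERALIZED_ID, word, len(body)) + body

    def reversed(self) -> "GeneralizedFec":
        """FEC of the LSP in the opposite direction: SAII and TAII swapped."""
        return replace(self, saii=self.taii, taii=self.saii)


def parse_generalized_fec(buf: bytes) -> GeneralizedFec:
    """Parse exactly one FEC element, rejecting any length that does not add up."""
    if len(buf) < 4:
        raise ValueError("truncated FEC element header")
    fec_type, word, info_len = struct.unpack("!BHB", buf[:4])
    if fec_type != FEC_GENERALIZED_ID:
        raise ValueError("not a Generalized ID FEC element")
    body = buf[4:]
    if info_len != len(body):
        raise ValueError("PW info length disagrees with the octets present")
    c_bit, pw_type = bool(word & 0x8000), word & 0x7FFF
    if info_len == 0:                      # wildcard: no AGI/SAII/TAII follow
        return GeneralizedFec(c_bit, pw_type)
    subs, off = [], 0
    for name in ("AGI", "SAII", "TAII"):   # meaning is fixed by order of occurrence
        if off + 2 > len(body):
            raise ValueError(f"{name} header runs past PW info length")
        sub_type, sub_len = body[off], body[off + 1]
        off += 2
        if off + sub_len > len(body):
            raise ValueError(f"{name} value runs past PW info length")
        subs.append(SubElement(sub_type, body[off:off + sub_len]))
        off += sub_len
    if off != len(body):
        raise ValueError("octets left over after the TAII")
    return GeneralizedFec(c_bit, pw_type, *subs)


def handle_label_mapping(fec, forwarders, already_signaled):
    """PE2's steps from 6.2.3. `forwarders` is the set of (AGI, AII) pairs PE2 can
    map to a Forwarder; `already_signaled` holds FECs PE2 has already advertised.
    The local accept/reject decision for a valid TAI is taken as "accept"."""
    if (fec.agi, fec.taii) not in forwarders:
        # The Label Release carries the same FEC that was received.
        return ("label-release", fec, STATUS_INVALID_TAI)
    reverse = fec.reversed()
    if reverse in already_signaled:
        return ("accepted", None, None)
    return ("label-mapping", reverse, None)


# Constructed sample: sub-element type 1 and PW type 5 are illustrative values only.
PE1_FEC = GeneralizedFec(False, 5, SubElement(1, b"vpn-7"),
                         SubElement(1, b"Fred"), SubElement(1, b"ATM3VPI4VCI5"))
PE2_FORWARDERS = {(SubElement(1, b"vpn-7"), SubElement(1, b"ATM3VPI4VCI5"))}

if __name__ == "__main__":
    wire = PE1_FEC.encode()
    print(wire.hex())
    print(handle_label_mapping(parse_generalized_fec(wire), PE2_FORWARDERS, set()))
```

The parser refuses any element whose sub-element lengths do not sum exactly to the PW info length, which keeps a malformed advertisement from being matched against a local attachment identifier.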
6.3. Signaling of Pseudo Wire Status
6.3.1. Use of Label Mappings.
The PEs MUST send PW label mapping messages to their peers as soon as
the PW is configured and administratively enabled, regardless of the
CE-facing interface state. The PW label should not be withdrawn
unless the user administratively configures the CE-facing interface
down (or the PW configuration is deleted entirely). Using the
procedures outlined in this section a simple label withdraw method
MAY also be supported as a primitive means of signaling PW status. It
is strongly RECOMMENDED that the PW status signaling procedures below
be fully implemented. In any case if the Label mapping is not
available the PW MUST be considered in the down state.
6.3.2. Signaling PW status.
The PE devices use an LDP TLV to indicate status to their remote
peers. This PW Status TLV contains more information than the
alternative simple Label Withdraw message.
The format of the PW Status TLV is:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |1|0|    PW Status (0x096A)     |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                          Status Code                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[ note: TLV type 0x096A as defined in [IANA] pending IANA allocation
]
Where the status code is a 4 octet bit field as specified in the PW
IANA Allocations document [IANA]. The length specifies the length of
the Status Code field in octets (equal to 4).
Each bit in the status code field can be set individually to indicate
more than a single failure at once. Each fault can be cleared by
sending an appropriate status message with the respective bit
cleared. The presence of the lowest bit (PW Not Forwarding) acts only
as a generic failure indication when there is a link-down event for
which none of the other bits apply.
The Status TLV is transported to the remote PW peer via the LDP
notification message. The general format of the Notification Message
is:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |0|    Notification (0x0001)    |        Message Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                          Message ID                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Status (TLV)                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         PW Status TLV                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                PWId FEC or Generalized ID FEC                 |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Status TLV status code is set to 0x00000028 "PW status", to
indicate that PW status follows. Since this notification does not
refer to any particular message, the Message Id and Message Type
fields are set to 0. [ note: Status Code 0x00000028 as defined in
[IANA] pending IANA allocation ] A more detailed diagram is shown in
Appendix B.
The PW FEC TLV SHOULD NOT include the interface parameters as they
are ignored in the context of this message. When a PE's CE-facing
interface encounters an error, use of the PW status message allows
the PE to send a single "wild card" status message, using a PW FEC
TLV with only the group ID set, to denote this change in status for
all affected PW connections. This status message contains either the
PW FEC TLV with only the group ID set, or else it contains the
Generalized FEC TLV and the PW Grouping ID TLV.
As mentioned above the Group ID field of the PWid FEC element, or the
PW Grouping ID TLV used with the Generalized ID FEC element, can be
used to send a status notification for all arbitrary sets of PWs.
This procedure is OPTIONAL, and if it is implemented the LDP
Notification message should be as follows: If the PWid FEC element is
used, the PW information length field is set to 0, the PW ID field is
not present, and the interface parameters field is not present. If
the Generalized FEC element is used, the AGI, SAII, and TAII are not
present, the PW information length field is set to 0, the PW Grouping
ID TLV is included, and the Interface Parameters TLV is omitted. For
the purpose of this document this is called the "wild card PW status
notification procedure", and all PEs implementing this design are
REQUIRED to accept such a notification message, but are not required
to send it.
6.3.3. Pseudowire Status Negotiation Procedures
When a PW is first set up the PEs MUST attempt to negotiate the usage
of the PW status TLV. This is accomplished as follows: A PE that
supports the PW Status TLV MUST include it in the initial label mapping
signaling, following the label mapping TLV, the PW FEC, and the interface
parameters field. The PW Status TLV will then be used for the
lifetime of the Pseudowire. This is shown in the following diagram:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                PWId FEC or Generalized ID FEC                 +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Interface parameters                      |
   |                               "                               |
   |                               "                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |0|0|  Generic Label (0x0200)   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                             Label                             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |1|0|    PW Status (0x0???)     |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                          Status Code                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
If the PW Status TLV is sent following the label mapping TLV in the
initial PW FEC Message, but the remote PE's corresponding FEC
advertisement does not include a PW Status TLV, or the remote PE does
not support the PW Status TLV, then the PW will revert to the label
withdraw method to signal PW status. Note that if the PW Status TLV
is not supported by the remote peer, it will automatically be
ignored, since the LDP ignore bit is set. The PW Status TLV,
therefore, will not be present in the corresponding FEC advertisement
from the remote LDP peer, resulting in exactly the above behavior.
If the PW Status TLV is not present following the label mapping TLV
in the initial PW FEC Message received by a PE, then the PW Status
TLV will not be used and both PEs supporting the pseudowire will
revert to the label withdraw procedure for signaling status changes.
If the negotiation process results in the usage of the PW status TLV,
then the actual PW status is determined by the PW status TLV that was
sent within the initial PW label mapping. Subsequent updates of PW
status are conveyed through the notification message.
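The following Python example is added here and is not part of the draft: it encodes the PW Status TLV from section 6.3.2, walks the TLVs that follow the FEC in an initial Label Mapping, and works out which status method the negotiation in section 6.3.3 ends up with. The label values and the second status bit are constructed, and all function names are hypothetical.

```python
import struct

PW_STATUS_TLV = 0x096A          # TLV type quoted in 6.3.2 (pending IANA allocation)
GENERIC_LABEL_TLV = 0x0200      # Generic Label TLV type shown in the 6.3.3 diagram
U_BIT = 0x8000                  # LDP "ignore if unknown" bit, set on the PW Status TLV
PW_NOT_FORWARDING = 0x00000001  # lowest bit of the status code
EXAMPLE_FAULT = 0x00000002      # constructed bit; real assignments are in [IANA]


def tlv(first16: int, value: bytes) -> bytes:
    """Encode one LDP TLV: U/F bits plus type, 16-bit length, value."""
    return struct.pack("!HH", first16, len(value)) + value


def label_mapping_tlvs(label: int, status=None) -> bytes:
    """TLVs that follow the FEC in the initial Label Mapping (FEC itself omitted)."""
    out = tlv(GENERIC_LABEL_TLV, struct.pack("!I", label))
    if status is not None:
        out += tlv(U_BIT | PW_STATUS_TLV, struct.pack("!I", status))
    return out


def received_pw_status(tlvs: bytes, supports_status: bool):
    """Return the peer's status code, or None if no usable PW Status TLV is present."""
    known = {GENERIC_LABEL_TLV} | ({PW_STATUS_TLV} if supports_status else set())
    off, status = 0, None
    while off < len(tlvs):
        if off + 4 > len(tlvs):
            raise ValueError("truncated TLV header")
        first16, length = struct.unpack_from("!HH", tlvs, off)
        value = tlvs[off + 4:off + 4 + length]
        if len(value) != length:
            raise ValueError("TLV value runs past the end of the message")
        tlv_type = first16 & 0x3FFF
        if tlv_type not in known:
            if not first16 & U_BIT:
                raise ValueError("unknown TLV without the U bit set")
            # U bit set: an unknown TLV is silently ignored.
        elif tlv_type == PW_STATUS_TLV:
            if length != 4:
                raise ValueError("PW Status TLV length must be 4")
            status = struct.unpack("!I", value)[0]
        off += 4 + length
    return status


def status_signaling(a_supports: bool, b_supports: bool) -> str:
    """Which status method a PW ends up using after both initial Label Mappings."""
    a_sent = label_mapping_tlvs(1001, 0 if a_supports else None)   # constructed labels
    b_sent = label_mapping_tlvs(2002, 0 if b_supports else None)
    a_sees = received_pw_status(b_sent, a_supports)
    b_sees = received_pw_status(a_sent, b_supports)
    both = a_sees is not None and b_sees is not None
    return "pw-status-tlv" if both else "label-withdraw"
```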
6.4. Interface Parameters Field
This field specifies interface specific parameters. When applicable,
it MUST be used to validate that the PEs, and the ingress and egress
ports at the edges of the circuit, have the necessary capabilities to
interoperate with each other. The field structure is defined as
follows:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Parameter ID  |    Length     |     Variable Length Value     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Variable Length Value                     |
   |                               "                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The parameter ID Values are specified in "IANA Allocations for pseudo
Wire Edge to Edge Emulation (PWE3)" [IANA].
The Length field is defined as the length of the interface parameter
including the parameter id and length field itself. Processing of the
interface parameters should continue when encountering unknown
interface parameters and they MUST be silently ignored.
- Interface MTU
A 2 octet value indicating the MTU in octets. This is the Maximum
Transmission Unit, excluding encapsulation overhead, of the
egress packet interface that will be transmitting the
decapsulated PDU that is received from the MPLS network. This
parameter is applicable only to PW types 1, 2, 4, 5, 6, 7, 14, and
15 and is REQUIRED for these PW types. If this parameter does not
match in both directions of a specific PW, that PW MUST NOT be
enabled.
- Maximum Number of concatenated ATM cells
A 2 octet value specifying the maximum number of concatenated ATM
cells that can be processed as a single PDU by the egress PE. An
ingress PE transmitting concatenated cells on this PW can
concatenate a number of cells up to the value of this parameter,
but MUST NOT exceed it. This parameter is applicable only to PW
types 3, 9, 0x0a, 0xc, and 0xd and is REQUIRED for these PWC
types. This parameter does not need to match in both directions
of a specific PW.
- Optional Interface Description string
This arbitrary, OPTIONAL, interface description string is used to
send a human-readable administrative string describing the
interface to the remote. This parameter is OPTIONAL, and is
applicable to all PW types. The interface description parameter
string length is variable, and can be from 0 to 80 octets.
Human-readable text MUST be provided in the UTF-8 charset using
the Default Language [RFC2277].
- Payload Bytes
A 2 octet value indicating the number of TDM payload octets
contained in all packets on the CEM stream, from 48 to 1,023
octets. All of the packets in a given CEM stream have the same
number of payload bytes. Note that there is a possibility that
the packet size may exceed the SPE size in the case of an STS-1
SPE, which could cause two pointers to be needed in the CEM
header, since the payload may contain two J1 bytes for
consecutive SPEs. For this reason, the number of payload bytes
must be less than or equal to 783 for STS-1 SPEs.
- CEP Options.
An optional 16 bit value of CEM Flags. See [8] for the definition
of the bit values.
- Requested VLAN ID.
An optional 16 bit value indicating the requested VLAN ID. This
parameter MAY be used by a PE that is incapable of rewriting the
802.1Q ethernet VLAN tag on output. If the ingress PE receives
this request it MAY rewrite the VLAN ID tag in input to match the
requested VLAN ID. If this is not possible, and the VLAN ID does
not already match the configured ingress VLAN ID, the PW should not be
enabled. This parameter is applicable only to PW type 4.
- CEP/TDM bit rate.
This 32-bit integer is mandatory for CEP. For other PWs carrying
TDM traffic it is mandatory if the bit-rate cannot be directly
inferred from the service type. If present, it expresses the bit
rate of the attachment circuit as known to the advertising PE in
"units" of 64 kbit/s. I.e., the value 26 must be used for CEP
carrying VT1.5 SPE, 35 - for CEP carrying a VT2 SPE, 107 - for
VT6 SPE, 783 - for STS-1 SPE and n*783 - for STS-nc, n = 3, 12,
48, 192. Attempts to establish a PWC between a pair of TDM ports
with different bit-rates MUST be rejected with the appropriate
status code (see section "Status codes" in [IANA]).
- Frame-Relay DLCI length.
An optional 16 bit value indicating the length of the frame-relay
DLCI field. This OPTIONAL interface parameter can have a value of 2
or 4, with the default being equal to 2. If this interface
parameter is not present the default value of 2 is assumed.
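The following Python example is added here and is not part of the draft: a bounds-checked walk of the Interface Parameters field of section 6.4, followed by the Interface MTU match that decides whether the PW may be enabled. The Parameter ID used for Interface MTU is an assumption (the values are defined in [IANA], not on this page), the sample fields are constructed, and the function names are hypothetical.

```python
import struct
from typing import Dict

# Assumption: Parameter ID values are defined in [IANA], not on this page; this
# example assumes 0x01 identifies the Interface MTU parameter.
PARAM_ID_MTU = 0x01


def parse_interface_parameters(field: bytes) -> Dict[int, bytes]:
    """Split the field into {Parameter ID: value}. Length counts the ID and
    Length octets too, so any Length below 2 is malformed."""
    params: Dict[int, bytes] = {}
    off = 0
    while off < len(field):
        if off + 2 > len(field):
            raise ValueError("truncated parameter header")
        param_id, length = field[off], field[off + 1]
        if length < 2:
            # Without this check a Length of 0 would never advance `off`.
            raise ValueError("Length does not cover the ID and Length octets")
        if off + length > len(field):
            raise ValueError("parameter runs past the end of the field")
        # The page does not define repeated IDs; this example keeps the last one.
        params[param_id] = field[off + 2:off + length]
        off += length
    return params


def interface_mtu(field: bytes):
    """Return the advertised MTU, or None when the parameter is absent.
    Every other parameter, known or unknown, is ignored here."""
    value = parse_interface_parameters(field).get(PARAM_ID_MTU)
    if value is None:
        return None
    if len(value) != 2:
        raise ValueError("Interface MTU must be a 2 octet value")
    return struct.unpack("!H", value)[0]


def pw_may_be_enabled(local_field: bytes, remote_field: bytes) -> bool:
    """For PW types where Interface MTU is REQUIRED: both directions must
    advertise it and the values must match, otherwise the PW stays down."""
    local_mtu, remote_mtu = interface_mtu(local_field), interface_mtu(remote_field)
    return local_mtu is not None and local_mtu == remote_mtu


# Constructed sample fields. 0xF0 lies in the vendor-specific range (128-255).
LOCAL = bytes([PARAM_ID_MTU, 4]) + struct.pack("!H", 1500)
REMOTE_OK = bytes([0xF0, 3, 0xAA]) + bytes([PARAM_ID_MTU, 4]) + struct.pack("!H", 1500)
REMOTE_MISMATCH = bytes([PARAM_ID_MTU, 4]) + struct.pack("!H", 9000)
REMOTE_ZERO_LENGTH = bytes([PARAM_ID_MTU, 0, 0x05, 0xDC])
```

Because the Length octet counts its own two-octet header, a parser that accepts a Length of 0 or 1 either stops advancing or steps backwards through the field; rejecting those values is what keeps a malformed advertisement from stalling the control plane.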
7. Control Word
7.1. PW types for which the control word is REQUIRED
The Label Mapping messages which are sent in order to set up these
PWs MUST have c=1. When a Label Mapping message for a PW of one of
these types is received, and c=0, a Label Release MUST be sent, with
an "Illegal C-bit" status code. In this case, the PW will not be
enabled.
7.2. PW types for which the control word is NOT mandatory
If a system is capable of sending and receiving the control word on
PW types for which the control word is not mandatory, then each such
PW endpoint MUST be configurable with a parameter that specifies
whether the use of the control word is PREFERRED or NOT PREFERRED.
For each PW, there MUST be a default value of this parameter. This
specification does NOT state what the default value should be.
If a system is NOT capable of sending and receiving the control word
on PWC types for which the control word is not mandatory, then it
behaves exactly as if it were configured for the use of the
control word to be NOT PREFERRED.
If a Label Mapping message for the PW has already been received, but
no Label Mapping message for the PW has yet been sent, then the
procedure is the following:
-i. If the received Label Mapping message has c=0, send a Label
Mapping message with c=0, and the control word is not used.
-ii. If the received Label Mapping message has c=1, and the PW is
locally configured such that the use of the control word is
preferred, then send a Label Mapping message with c=1, and
the control word is used.
-iii. If the received Label Mapping message has c=1, and the PW is
locally configured such that the use of the control word is
not preferred or the control word is not supported, then act
as if no Label Mapping message for the PW had been received
(i.e., proceed to the next paragraph).
If a Label Mapping message for the PW has not already been received
(or if the received Label Mapping message had c=1 and either local
configuration says that the use of the control word is not preferred
or the control word is not supported), then send a Label Mapping
message in which the c bit is set to correspond to the locally
configured preference for use of the control word. (I.e., set c=1 if
locally configured to prefer the control word, set c=0 if locally
configured to prefer not to use the control word or if the control
word is not supported).
The next action depends on what control message is next received for
that PW. The possibilities are:
-i. A Label Mapping message with the same c bit value as
specified in the Label Mapping message that was sent. PW
setup is now complete, and the control word is used if c=1
but not used if c=0.
-ii. A Label Mapping message with c=1, but the Label Mapping
message that was sent has c=0. In this case, ignore the
received Label Mapping message, and continue to wait for the
next control message for the PW.
-iii. A Label Mapping message with c=0, but the Label Mapping
message that was sent has c=1. In this case, send a Label
Withdraw message with a "Wrong c-bit" status code, followed
by a Label Mapping message that has c=0. PW setup is now
complete, and the control word is not used.
-iv. A Label Withdraw message with the "Wrong c-bit" status code.
Treat as a normal Label Withdraw, but do not respond.
Continue to wait for the next control message for the PW.
If at any time after a Label Mapping message has been received, a
corresponding Label Withdraw or Release is received, the action taken
is the same as for any Label Withdraw or Release that might be
received at any time.
If both endpoints prefer the use of the control word, this procedure
will cause it to be used. If either endpoint prefers not to use the
control word, or does not support the control word, this procedure
will cause it not to be used. If one endpoint prefers to use the
control word but the other does not, the one that prefers not to use
it has no extra protocol to execute; it just waits for a Label
Mapping message that has c=0.
The diagram in Appendix A illustrates the above procedure.
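The following Python example is added here and is not part of the draft: a small simulation of the c-bit procedure of section 7.2, with two endpoints exchanging Label Mapping and "Wrong c-bit" Label Withdraw messages until both agree on whether the control word is used. Message names, the class and the function are hypothetical, and each message is reduced to its kind and c bit.

```python
from collections import deque

MAPPING, WRONG_C_BIT = "label-mapping", "label-withdraw(wrong c-bit)"


class Endpoint:
    def __init__(self, prefers_cw: bool, supports_cw: bool = True):
        # A system that cannot use the control word behaves as NOT PREFERRED.
        self.prefers_cw = prefers_cw and supports_cw
        self.sent_c = None    # c bit of the Label Mapping this end has sent
        self.use_cw = None    # None until PW setup completes

    def start(self):
        """No Label Mapping received yet: advertise the local preference."""
        self.sent_c = self.prefers_cw
        return [(MAPPING, self.sent_c)]

    def receive(self, msg):
        """Return the messages to send in response to one control message."""
        kind, c = msg
        if kind == WRONG_C_BIT or self.use_cw is not None:
            return []                      # normal withdraw handling, no response
        if self.sent_c is None:            # peer's mapping arrived before ours went out
            if not c:
                self.sent_c = self.use_cw = False
                return [(MAPPING, False)]
            if self.prefers_cw:
                self.sent_c = self.use_cw = True
                return [(MAPPING, True)]
            return self.start()            # c=1 but not preferred: act as if none received
        if c == self.sent_c:
            self.use_cw = c                # setup complete
            return []
        if c:                              # got c=1 after sending c=0: ignore, keep waiting
            return []
        # Got c=0 after sending c=1: withdraw, then re-advertise with c=0.
        self.sent_c = self.use_cw = False
        return [(WRONG_C_BIT, None), (MAPPING, False)]


def negotiate(a_prefers: bool, b_prefers: bool, simultaneous: bool = False):
    """Run the exchange. With simultaneous=True both ends advertise before
    hearing from the peer; otherwise B first learns of the PW from A's message.
    Returns (A uses control word, B uses control word, message trace)."""
    a, b = Endpoint(a_prefers), Endpoint(b_prefers)
    to_b = deque(a.start())
    to_a = deque(b.start()) if simultaneous else deque()
    trace = []
    while to_a or to_b:
        if to_b:
            msg = to_b.popleft()
            trace.append(("A->B", msg))
            to_a.extend(b.receive(msg))
        if to_a:
            msg = to_a.popleft()
            trace.append(("B->A", msg))
            to_b.extend(a.receive(msg))
    return a.use_cw, b.use_cw, trace


if __name__ == "__main__":
    for step in negotiate(True, False, simultaneous=True)[2]:
        print(step)
```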
7.3. LDP label Withdrawal procedures
As mentioned above the Group ID field of the PWid FEC element, or the
PW Grouping ID TLV used with the Generalized ID FEC element, can be
used to withdraw all PW labels associated with a particular PW group.
This procedure is OPTIONAL, and if it is implemented the LDP label
withdraw message should be as follows: If the PWid FEC element is
used, the PW information length field is set to 0, the PW ID field is
not present, and the interface parameters field is not present. If
the Generalized FEC element is used, the AGI, SAII, and TAII are not
present, the PW information length field is set to 0, the PW Grouping
ID TLV is included, and the Interface Parameters TLV is omitted. For
the purpose of this document this is called the "wild card withdraw
procedure", and all PEs implementing this design are REQUIRED to
accept such a withdraw message, but are not required to send it.
The interface parameters field, or TLV, MUST NOT be present in any
LDP PW label withdrawal message or release message. A wildcard
release message MUST include only the group ID. A Label Release
message initiated from the imposition router must always include the
PW ID.
7.4. Sequencing Considerations
In the case where the router considers the sequence number field in
the control word, it is important to note the following when
advertising labels:
7.4.1. Label Mapping Advertisements
After a label has been withdrawn by the disposition router and/or
released by the imposition router, care must be taken to not re-
advertise (re-use) the released label until the disposition router
can be reasonably certain that old packets containing the released
label no longer persist in the MPLS network.
This precaution is required to prevent the imposition router from
restarting packet forwarding with sequence number of 1 when it
receives the same label mapping if there are still older packets
persisting in the network with sequence number between 1 and 32768.
For example, if there is a packet with sequence number=n where n is
in the interval [1,32768] traveling through the network, it would be
possible for the disposition router to receive that packet after it
re-advertises the label. Since the label has been released by the
imposition router, the disposition router SHOULD be expecting the
next packet to arrive with a sequence number of 1. Receipt of a
packet with sequence number equal to n will result in n packets
potentially being rejected by the disposition router until the
imposition router imposes a sequence number of n+1 into a packet.
Possible methods to avoid this are for the disposition router to
always advertise a different PW label, or for the disposition router
to wait for a sufficient time before attempting to re-advertise a
recently released label. This is only an issue when sequence number
processing at the disposition router is enabled.
7.4.2. Label Mapping Release
In situations where the imposition router wants to restart forwarding
of packets with sequence number 1, the router shall 1) Send to
disposition router a label mapping release, and 2) Send to
disposition router a label mapping request. When sequencing is
supported, advertisement of a PW label in response to a label mapping
request MUST also consider the issues discussed in the section on
Label Mapping Advertisements.
8. IANA Considerations
8.1. FEC Type Name Space
This document uses two new FEC element types, 128 and 129. IANA
already maintains a registry of values of the "FEC Type Name Space"
for the Label Distribution Protocol (LDP). In that registry, values
in the range 128-191 are assignable on a First Come, First Served
basis. IANA should assign values 128 and 129 from that space as
specified in this document.
8.2. Pseudowire Type
IANA needs to set up a registry of "Pseudowire Types". These are
15-bit values. PW Type values 1 through 63 are to be assigned by
IANA using the "IETF Consensus" policy defined in RFC2434. PW Type
values 64 through 127 are to be assigned by IANA, using the "First
Come First Served" policy defined in RFC2434. VC Type values 128
through 32767 are vendor-specific, and values in this range are not
to be assigned by IANA.
Initial PW type value allocations are specified in "IANA Allocations
for pseudo Wire Edge to Edge Emulation (PWE3)" [IANA], and should be
incorporated by IANA into the registry.
8.3. Interface Parameters
IANA needs to set up a registry of "Pseudowire Interface Parameter
Identifiers". Parameter ID values 1 through 63 are to be assigned by
IANA using the "IETF Consensus" policy defined in RFC2434. Parameter
ID values 64 through 127 are to be assigned by IANA, using the "First
Come First Served" policy defined in RFC2434. Parameter ID values 128
through 255 are vendor-specific, and values in this range are not to
be assigned by IANA.
Initial Pseudowire Interface Parameter Identifier value allocations
are specified in "IANA Allocations for pseudo Wire Edge to Edge
Emulation (PWE3)" [IANA], and should be incorporated by IANA into the
registry.
8.4. Status codes
RFC 3036 has a range of Status Code values which are assigned by IANA
on a First Come, First Served basis. These additional status codes,
and assigned Values are specified in "IANA Allocations for pseudo
Wire Edge to Edge Emulation (PWE3)" [IANA].
8.5. Pseudowire Status Codes
IANA needs to set up a registry of "Pseudowire Status Codes". These
are bitstrings of length 32. Status bits 1-15 are to be assigned by
IANA using the "IETF Consensus" policy defined in RFC2434. Initial
bit allocations are specified in "IANA Allocations for pseudo Wire
Edge to Edge Emulation (PWE3)" [IANA], and should be incorporated by
IANA into the registry. PW Status Bits 16 through 23 are to be
assigned by IANA, using the "First Come First Served" policy defined
in RFC2434. PW Status Bits 24 through 31 are vendor-specific, and
values in this range are not to be assigned by IANA.
9. Security Considerations
This document specifies the LDP extensions that are needed for
setting up and maintaining Pseudowires. The purpose of setting up
Pseudowires is to enable layer 2 frames to be encapsulated in MPLS
[8,9,10,11] and transmitted from one end of a Pseudowire to the
other. Therefore we treat the security considerations for both the
data plane and the control plane.
9.1. Data-plane Security
With regard to the security of the data plane, the following areas
must be considered:
- MPLS PDU inspection.
- MPLS PDU spoofing.
- MPLS PDU alteration.
- MPLS PSN protocol security.
- Access Circuit security.
- Denial of service prevention on the PE routers.
When an MPLS PSN is used to provide pseudowire service, there is a
perception that security MUST be at least equal to the currently
deployed layer2 native protocol networks that the MPLS/PW network
combination is emulating. This means that the MPLS network SHOULD
be isolated from outside packet insertion in such a way that it
SHOULD NOT be possible to directly insert an MPLS packet into the
network. To prevent unwanted packet insertion, it is also
important to prevent unauthorized physical access to the PSN as
well as unauthorized administrative access to individual network
elements. The PSN transporting the PWs is an MPLS backbone, it
should not accept MPLS packets from its external interfaces (i.e.
interfaces to CE devices or to other providers' networks) unless
the top label of the packet was legitimately distributed to the
system from which the packet is being received. If the packet's
incoming interface leads to a different SP (rather than to a
customer), an appropriate trust relationship must also be
present, including the trust that the other SP also provides
appropriate security measures.
The three main security problems faced when using an MPLS network
to transport PWs are spoofing, alteration, and inspection. First,
there is a possibility that the PW receive endpoint will get a
PDU which appears to be from the PE encapsulating the PW into the
PSN, but which was not actually transmitted by the PE originating
the PW. (I.e., the specified encapsulations do not by themselves
enable the decapsulator to authenticate the encapsulator.) A
second problem is the possibility that the PW PDU will be altered
between the time it enters PSN and the time it leaves the PSN.
(I.e., the specified encapsulations do not by themselves assure
the decapsulator of the packet's integrity.) A third problem is
the possibility that the PDU's contents will be seen while the
PDU is in transit through the PSN. (I.e., the specified
encapsulations do not ensure privacy.) How significant these
issues are in practice depends on the security requirements of
the applications whose traffic is being sent through the tunnel,
and how secure the PSN itself is. E.g. if the PSN is an MPLS
backbone, with no external MPLS interfaces, then it might be
secured enough to transport PW PDUs.
9.2. Control Protocol Security
General security considerations with regard to the use of LDP are
specified in section 5 of RFC 3036. Those considerations apply as
well to the case where LDP is used to set up Pseudowires.
A Pseudowire connects two attachment circuits. It is important to
make sure that LDP connections are not arbitrarily accepted from
anywhere, or else a local attachment circuit might get connected to
an arbitrary remote attachment circuit. Therefore an incoming LDP
session request MUST NOT be accepted unless its IP source address is
known to be the source of an "eligible" LDP peer. The set of
eligible peers could be pre-configured (either as a list of IP
addresses, or as a list of address/mask combinations), or it could be
discovered dynamically via an auto-discovery protocol which is itself
trusted. (Obviously if the auto-discovery protocol were not trusted,
the set of "eligible peers" it produces could not be trusted.)
Even if an LDP connection request appears to come from an eligible
peer, its source address may have been spoofed. So some means of
preventing source address spoofing must be in place. For example, if
all the eligible peers are in the same network, source address
filtering at the border routers of that network could eliminate the
possibility of source address spoofing.
For a greater degree of security, the LDP MD5 authentication key
option, as described in section 2.9 of RFC 3036, MAY be used. This
provides integrity and authentication for the LDP messages, and
eliminates the possibility of source address spoofing. Use of the
MD5 option does not provide privacy, but privacy of the LDP control
messages is not usually considered to be important. As the MD5
option relies on the configuration of pre-shared keys, it does not
provide much protection against replay attacks. In addition, its
reliance on pre-shared keys may make it very difficult to deploy when
the set of eligible neighbors is determined by an auto-configuration
protocol.
When the Generalized ID FEC Element is used, it is possible that a
particular LDP peer may be one of the eligible LDP peers, but may not
be the right one to connect to the particular attachment circuit
identified by the particular instance of the Generalized ID FEC
element. However, given that the peer is known to be one of the
eligible peers (as discussed above), this would be the result of a
configuration error, rather than a security problem. Nevertheless,
it may be advisable for a PE to associate each of its local
attachment circuits with a set of eligible peers, rather than having
just a single set of eligible peers associated with the PE as a
whole.
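The eligible-peer checks described in this section, sketched as an
added example that is not part of the draft or of any implementation:
a PE-wide set of address/mask entries gates session acceptance, and
an optional per-attachment-circuit set narrows which eligible peer may
be connected to a given circuit. The class and method names, the
circuit name and the documentation-range addresses are assumptions
made for illustration.

```python
import ipaddress


class PeerPolicy:
    """Eligible-LDP-peer policy for one PE (hypothetical structure)."""

    def __init__(self, pe_wide, per_ac=None):
        # pe_wide: addresses or address/mask entries eligible for any
        # LDP session with this PE.
        # per_ac: optional {attachment circuit: entries} narrowing which
        # eligible peers may be connected to that circuit.
        self.pe_wide = [ipaddress.ip_network(p) for p in pe_wide]
        self.per_ac = {ac: [ipaddress.ip_network(p) for p in entries]
                       for ac, entries in (per_ac or {}).items()}

    @staticmethod
    def _match(addr, nets):
        return any(addr.version == n.version and addr in n for n in nets)

    def accept_session(self, src):
        """Default deny: accept only a source in the PE-wide set."""
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            return False  # unparsable source is never eligible
        return self._match(addr, self.pe_wide)

    def accept_binding(self, src, ac):
        """Check a peer against the set tied to one attachment circuit."""
        if not self.accept_session(src):
            return False
        nets = self.per_ac.get(ac)
        if nets is None:
            return True  # assumption: no per-circuit set, PE-wide set applies
        return self._match(ipaddress.ip_address(src), nets)


# Constructed sample policy using documentation address ranges.
POLICY = PeerPolicy(
    pe_wide=["192.0.2.0/28", "198.51.100.7/32"],
    per_ac={"ac-fr-1": ["192.0.2.3/32"]},
)

if __name__ == "__main__":
    for src, ac in [("192.0.2.3", "ac-fr-1"), ("198.51.100.7", "ac-fr-1"),
                    ("203.0.113.9", "ac-fr-1")]:
        print(src, ac, POLICY.accept_session(src), POLICY.accept_binding(src, ac))
```

The check matches source addresses only; as the section states, it
needs source address filtering or the LDP MD5 option beside it to
rule out a spoofed source.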
10. Acknowledgments
The authors wish to acknowledge the contributions of Vach Kompella,
Vanson Lim, Wei Luo, Himanshu Shah, and Nick Weeds.
11. Normative References
[LDP] "LDP Specification." L. Andersson, P. Doolan, N. Feldman, A.
Fredette, B. Thomas. January 2001. RFC3036
[CEP] "SONET/SDH Circuit Emulation Service Over Packet (CEP)",
draft-ietf-pwe3-sonet-09.txt (work in progress)
[SAToP] "Structure-Agnostic TDM over Packet (SAToP)",
draft-ietf-pwe3-satop-01.txt (work in progress)
[FRAME] "Frame Relay over Pseudo-Wires", draft-ietf-pwe3-frame-relay-02.txt
(work in progress)
[ATM] "Encapsulation Methods for Transport of ATM Cells/Frame Over IP and
MPLS Networks", draft-ietf-pwe3-atm-encap-05.txt (work in progress)
[PPPHDLC] "Encapsulation Methods for Transport of PPP/HDLC Frames Over IP and
MPLS Networks", draft-ietf-pwe3-hdlc-ppp-encap-03.txt (work in progress)
[ETH] "Encapsulation Methods for Transport of Ethernet Frames Over IP/MPLS
Networks", draft-ietf-pwe3-ethernet-encap-06.txt. (work in progress)
[RFC3032] "MPLS Label Stack Encoding", E. Rosen, Y. Rekhter, D. Tappan, G.
Fedorkow, D. Farinacci, T. Li, A. Conta. RFC3032
[IANA] "IANA Allocations for pseudo Wire Edge to Edge Emulation (PWE3)"
Martini, Townsley, draft-ietf-pwe3-iana-allocation-04.txt (work in
progress), April 2004
12. Informative References
[ITUQ] ITU-T Recommendation Q.933, and Q.922 Specification for Frame Mode Basic
call control, ITU Geneva 1995
[802.3] "IEEE 802.3ac-1998" IEEE standard specification.
[SDH] American National Standards Institute, "Synchronous Optical Network
Formats," ANSI T1.105-1995.
[ITUG] ITU Recommendation G.707, "Network Node Interface For The Synchronous
Digital Hierarchy", 1996.
[ARCH] "PWE3 Architecture" Bryant, et al., draft-ietf-pwe3-arch-07.txt (work
in progress), March 2004
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
Considerations section in RFCs", BCP 26, RFC 2434, October 1998.
[RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
Languages", BCP 18, RFC 2277, January 1998.
[CESoPSN] "Structure-aware TDM Circuit Emulation Service over Packet
Switched", draft-ietf-pwe3-cesopsn-01.txt (work in progress)
[note1] FEC element type 128,129 is pending IANA approval.
13. Author Information
Luca Martini
Cisco Systems, Inc.
9155 East Nichols Avenue, Suite 400
Englewood, CO, 80112
e-mail: lmartini@cisco.com
Nasser El-Aawar
Level 3 Communications, LLC.
1025 Eldorado Blvd.
Broomfield, CO, 80021
e-mail: nna@level3.net
Giles Heron
Tellabs
Abbey Place
24-28 Easton Street
High Wycombe
Bucks
HP11 1NT
UK
e-mail: giles.heron@tellabs.com
Eric C. Rosen
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough, MA 01719
e-mail: erosen@cisco.com
Dan Tappan
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough, MA 01719
e-mail: tappan@cisco.com
Toby Smith
Omega Corporate Center
1300 Omega Drive
Pittsburgh, PA 15205
Laurel Networks, Inc.
e-mail: tob@laurelnetworks.com
14. Additional Contributing Authors
Dimitri Stratton Vlachos
Mazu Networks, Inc.
125 Cambridgepark Drive
Cambridge, MA 02140
e-mail: d@mazunetworks.com
Jayakumar Jayakumar,
Cisco Systems Inc.
225, E.Tasman, MS-SJ3/3,
San Jose, CA, 95134
e-mail: jjayakum@cisco.com
Alex Hamilton,
Cisco Systems Inc.
285 W. Tasman, MS-SJCI/3/4,
San Jose, CA, 95134
e-mail: tahamilt@cisco.com
Steve Vogelsang
Laurel Networks, Inc.
Omega Corporate Center
1300 Omega Drive
Pittsburgh, PA 15205
e-mail: sjv@laurelnetworks.com
John Shirron
Omega Corporate Center
1300 Omega Drive
Pittsburgh, PA 15205
Laurel Networks, Inc.
e-mail: jshirron@laurelnetworks.com
Andrew G. Malis
Tellabs
90 Rio Robles Dr.
San Jose, CA 95134
e-mail: Andy.Malis@tellabs.com
Vinai Sirkay
Reliance Infocomm
Dhirubai Ambani Knowledge City
Navi Mumbai 400 709
e-mail: vinai@sirkay.com
Vasile Radoaca
Nortel Networks
600 Technology Park
Billerica MA 01821
e-mail: vasile@nortelnetworks.com
Chris Liljenstolpe
Cable & Wireless
11700 Plaza America Drive
Reston, VA 20190
e-mail: chris@cw.net
Dave Cooper
Global Crossing
960 Hamlin Court
Sunnyvale, CA 94089
e-mail: dcooper@gblx.net
Kireeti Kompella
Juniper Networks
1194 N. Mathilda Ave
Sunnyvale, CA 94089
e-mail: kireeti@juniper.net
15. Full Copyright Statement
Copyright (C) The Internet Society (2004). This document is subject
to the rights, licenses and restrictions contained in BCP 78 and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
16. Appendix A - C-bit Handling Procedures Diagram
                   ------------------
               Y   | Received Label |      N
            -------|  Mapping Msg?  |--------------
            |      ------------------             |
      --------------                              |
      |            |                              |
   -------      -------                           |
   | C=0 |      | C=1 |                           |
   -------      -------                           |
      |            |                              |
      |    ----------------                       |
      |    | Control Word |     N                 |
      |    |   Capable?   |-----------            |
      |    ----------------          |            |
      |          Y |                 |            |
      |            |                 |            |
      |    ----------------          |            |
      |    | Control Word | N        |            |
      |    |  Preferred?  |----      |            |
      |    ----------------   |      |            |
      |          Y |          |      |            |
      |            |          |      |   ----------------
      |            |          |      |   | Control Word |
      |            |          |      |   |  Preferred?  |
      |            |          |      |   ----------------
      |            |          |      |     N |     Y |
      |            |          |      |       |       |
    Send         Send       Send   Send    Send    Send
     C=0          C=1        C=0    C=0     C=0     C=1
                              |      |       |       |
                         ----------------------------------
                         | If receive the same as sent,   |
                         | PW setup is complete. If not:  |
                         ----------------------------------
                              |      |       |       |
                           -------------------  -----------
                           |     Receive     |  | Receive |
                           |       C=1       |  |   C=0   |
                           -------------------  -----------
                                    |                |
                              Wait for the         Send
                              next message      Wrong C-Bit
                                                     |
                                                Send Label
                                              Mapping Message