Network Working Group Pradosh Mohapatra
Internet Draft Cisco Systems, Inc.
Expiration Date: March 2007
Eric Rosen
Cisco Systems, Inc.
September 2006
BGP Information SAFI and BGP Tunnel Encapsulation Attribute
draft-pmohapat-idr-info-safi-00.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document specifies a new BGP SAFI, Information SAFI. A BGP
update message of this SAFI contains an NLRI which uniquely
identifies the BGP speaker that originated the update. The purpose of
such an update is to carry attributes that impart information about
the BGP speaker which may be of interest to other BGP speakers. For
instance, if one BGP speaker needs to use an IP-based encapsulation
in order to deliver traffic to a second, the second BGP speaker can
use this SAFI to specify information about the encapsulation header
that it expects. A BGP tunnel attribute is specified for this
Pmohapat & Rosen [Page 1]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
purpose. Other attributes, including communities and/or extended
communities, can also be included.
Table of Contents
1 Specification of requirements ...................... 2
2 Introduction ....................................... 2
3 Information NLRI Format ............................ 3
4 Tunnel Attribute ................................... 4
4.1 Encapsulation sub-TLV .............................. 5
4.2 Protocol Type sub-TLV .............................. 6
4.3 Tunnel Type Selection .............................. 7
5 Capability advertisement ........................... 7
6 Security Considerations ............................ 8
7 IANA Considerations ................................ 8
8 Acknowledgements ................................... 8
9 Normative References ............................... 8
10 Informative References ............................. 9
11 Authors' Addresses ................................. 9
12 Full Copyright Statement ........................... 9
13 Intellectual Property .............................. 10
1. Specification of requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2. Introduction
This document specifies a new BGP SAFI, Information SAFI. A BGP
update message of this SAFI contains an NLRI which uniquely
identifies the BGP speaker that originated the update. The purpose of
such an update is to carry attributes that impart information about
the BGP speaker which may be of interest to other BGP speakers. For
instance, if one BGP speaker needs to use an IP-based encapsulation
in order to deliver traffic to a second, the second BGP speaker can
use this SAFI to specify information about the encapsulation header
that it expects. A BGP tunnel attribute is specified for this
purpose. Other attributes, including communities and/or extended
Pmohapat & Rosen [Page 2]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
communities, can also be included. The tunnel attribute is especially
useful for multipoint-to-point tunnels to signal information from the
receiving speaker to transmitting speakers. Other attributes,
including communities and/or extended communities, can also be
included.
One application of the SAFI and the tunnel attribute is [SOFTWIRE]
that specifies a requirement to connect IPv4 networks across IPv6
core and IPv6 networks across IPv4 core.
3. Information NLRI Format
The BGP speaker identification is advertised in BGP UPDATE messages
using MP_REACH_NLRI and MP_UNREACH_NLRI attributes [MULTI-BGP]. The
Information SAFI (value to be assigned by IANA) is set as the SAFI
value in these UPDATE messages. The AFI is set to be one of the
address family identifier values as defined in [RFC1700] (refer to
the Address Family Numbers section).
The NLRI in the MP_REACH_NLRI or MP_UNREACH_NLRI is a variable length
field encoded in a format as defined in section 5 of [MULTI-BGP] (a
2-tuple of the form <length, value>). The value field is structured
as follows:
+-----------------------------------------------+
| Endpoint address (Variable) |
+-----------------------------------------------+
| Distinguisher (2 octets) |
+-----------------------------------------------+
- Endpoint Address: This field identifies the BGP speaker
originating the update. It is typically one of the interface
addresses configured at the router. The length of the endpoint
address is dependent on the AFI being advertised. For example, if
the AFI is set to IPv4 (1), the the endpoint address is a 4-octet
IPv4 address whereas if the AFI is set to IPv6 (2), the endpoint
address is a 16-octet IPv6 address.
- Distinguisher: The distinguisher field provides a way for a
single BGP speaker to generate multiple Information SAFI updates
and is of local significance only.
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
with information SAFI MUST also carry the BGP mandatory attributes:
ORIGIN, AS_PATH, and LOCAL_PREF (for IBGP neighbors) as defined in
[RFC4271].
Pmohapat & Rosen [Page 3]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
When a BGP speaker advertises the information NLRI via BGP, it uses
its own address as the BGP nexthop in the MP_REACH_NLRI or
MP_UNREACH_NLRI attribute. The nexthop address is set based on the
AFI in the attribute. For example, if the AFI is set to IPv4 (1),
the nexthop is encoded as a 4-byte IPv4 address. If the AFI is set to
IPv6 (2), the nexthop is encoded as a 16-byte IPv6 address of the
router. On the receiving router, the BGP nexthop of such an update
message is validated by performing a recursive route lookup operation
in the routing table.
Bestpath selection of information NLRIs is governed by the decision
process outlined in section 9.1 of [RFC4271]. The information carried
through other attributes in the message are to be used by the
receiving router only if the NLRI has a bestpath.
4. Tunnel Attribute
Tunnel Attribute is an optional transitive attribute that is composed
of a set of TLVs. The type code of the attribute is to be assigned by
IANA. Each TLV contains information corresponding to a particular
tunnel technology. The TLV is structured as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tunnel Type (2 Octets) | Length (2 Octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Value |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Tunnel Type (2 octets): It identifies the type of the tunneling
technology being signaled. This document defines the following types:
- L2TPv3: Tunnel Type = 1
- GRE: Tunnel Type = 2
Unknown types are to be ignored and skipped upon receipt.
Length (2 octets): the total number of octets of the Value field.
Value (variable): The value is comprised of multiple sub-TLV's. Each
sub-TLV consists of three fields: a one-octet type, one-octet length,
and zero or more octets of value. The sub-TLV is structured as
Pmohapat & Rosen [Page 4]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
follows:
+-----------------------------------+
| Sub-TLV Type (1 Octet) |
+-----------------------------------+
| Sub-TLV Length (1 Octet) |
+-----------------------------------+
| Sub-TLV Value (Variable) |
| |
+-----------------------------------+
Sub-TLV Type (1 octet): Each sub-TLV type defines a certain property
about the tunnel TLV that contains this sub-TLV. The following are
the types defined in this document:
- Encapsulation: sub-TLV type = 1
- Protocol type: sub-TLV type = 2
Unknown sub-TLV types are to be ignored and skipped upon receipt.
Sub-TLV Length (1 octet): the total number of octets of the sub-TLV
value field.
Sub-TLV Value (variable): Encodings of the value field depend on the
sub-TLV type as enumerated above. The following sub-sections define
the encoding in detail.
4.1. Encapsulation sub-TLV
The syntax and semantics of the encapsulation sub-TLV is determined
by the tunnel type of the TLV that contains this sub-TLV.
When the tunnel type of the TLV is L2TPv3, the following is the
structure of the value field of the encapsulation sub-TLV:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Cookie (Variable) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Pmohapat & Rosen [Page 5]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
* Session ID: a 4-octet value locally assigned by the advertising
router that serves as a lookup key in the incoming packet's
context.
* Cookie: an optional, variable length (0 to 64 bits) value used by
L2TPv3 to check the association of a received data message with
the session identified by the Session ID. The Cookie value is
tightly coupled with the Session ID.
The length of the cookie is not encoded explicitly, but can be
calculated as: (sub-TLV length - 4)
When the tunnel type of the TLV is GRE, the following is the
structure of the value field of the encapsulation sub-TLV:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| GRE Key (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* GRE Key: A 4 Octet field that is generated by the advertising
router. The actual method by which the key is obtained is beyond
the scope of the document. The key is inserted into the GRE
encapsulation header of the payload packets sent by ingress
routers to the advertising router. It is intended to be used for
identifying extra context information about the received payload.
Note that the key is optional. Unless a key value is being
advertised, the GRE encapsulation sub-TLV MUST NOT be present.
4.2. Protocol Type sub-TLV
The protocol type sub-TLV encodes the type of the payload packets
that will be encapsulated with the tunnel parameters being signaled
in the TLV. The value field of the sub-TLV contains a 2-octet
protocol type that is one of the types defined in [RFC1700] as ETHER
TYPEs.
As an example, if we want to use three L2TPv3 sessions, one
carrying IPv4 packets, one carrying IPv6 packets, and one carrying
MPLS packets, the egress router will include three TLVs of L2TPv3
encapsulation type, each specifying a different session id and a
different payload type. The protocol type sub-TLV for these will be
IPv4 (protocol type = 0x0800), IPv6 (protocol type = 0x86dd), and
Pmohapat & Rosen [Page 6]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
MPLS (protocol type = 0x8847) respectively. This informs the ingress
routers of the appropriate encapsulation information to use with each
of the given protocol types. Insertion of the specified session id at
the ingress routers allows the egress to process the incoming packets
correctly, according to their protocol type.
4.3. Tunnel Type Selection
A BGP speaker may include multiple tunnel TLVs in the tunnel
attribute. The receiving speaker MAY have local policies defined to
choose different tunnel types for different sets/types of payload
prefixes received from the same BGP speaker. For instance, if a BGP
speaker includes both L2TPv3 and GRE tunnel types in the tunnel
attribute and it also advertises IPv4 and IPv6 prefixes, the ingress
router may have local policy defined to choose L2TPv3 for IPv4
prefixes (provided the protocol type received in the tunnel attribute
matches) and GRE for IPv6 prefixes.
Additionally, the information SAFI UPDATE message can contain a
community or extended-community as a way to color the corresponding
tunnel TLV(s). The same community or extended community can then be
attached to the UPDATE messages that contain payload prefixes. This
way, the BGP speaker can express the fact that it expects the packets
corresponding to these payload prefixes to be received with a
particular tunnel encapsulation header.
In a multi-vendor deployment that has routers supporting different
tunneling technologies, attaching community/extended-community to the
information SAFI UPDATE message can serve as a classification
mechanism (for example, set A of routers for GRE and set B of routers
for L2TPv3). The ingress router can then choose the tunneling
technology appropriately while sending packets to an egress router.
These communities/extended communities, if used, will be user
defined and configured locally on the routers.
5. Capability advertisement
A BGP speaker that wishes to exchange tunnel endpoint information
must use the Multiprotocol Extensions Capability Code as defined in
[MULTI-BGP], to advertise the corresponding (AFI, SAFI) pair.
Pmohapat & Rosen [Page 7]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
6. Security Considerations
If a third party is able to modify any of the information that is
used to form encapsulation headers, or to choose a tunnel type,
or to choose a particular tunnel for a particular payload type,
user data packets may end up getting misrouted, misdelivered, and/or
dropped.
7. IANA Considerations
This document defines a new NLRI format, called Information NLRI, to
be carried in BGP using multiprotocol extensions. It is assigned its
own SAFI.
This document defines a new BGP optional transitive attribute, called
Tunnel attribute.
This document introduces Tunnel TLVs and sub-TLVs. The type space for
both of these should be set up by IANA as a registry of 2-octet
tunnel types and 1-octet sub-TLV types. These should be assigned on a
first-come- first-serve basis.
8. Acknowledgements
This specification builds on prior work by Gargi Nalawade, Ruchi
Kapoor, Dan Tappan, David Ward, Scott Wainner, Simon Barber, and
Chris Metz. The current authors wish to thank all these authors for
their contribution.
The authors would like to thank John Scudder, Robert Raszuk, Keyur
Patel, and Chris Metz for their valuable comments and suggestions.
9. Normative References
[RFC4271] Rekhter, Y., Li T., and Hares S.(editors), "A Border
Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006.
[MULTI-BGP] Bates et al, Multiprotocol Extensions for BGP-4, draft-
ietf-idr-rfc2858bis-10.txt, September 2006.
[RFC3392] Chandra, R., Scudder, J., "Capabilities Advertisement with
BGP-4", RFC 3392, November 2002.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels.", March 1997.
Pmohapat & Rosen [Page 8]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
[RFC1700] Reynolds, J. and J. Postel, "Assigned Numbers", STD 2, RFC
1700, October 1994.
10. Informative References
[6PE] De Clercq et al., Connecting IPv6 Islands across IPv4 MPLS
using IPv6 Provider Edge Routers, draft-ooms-v6ops-bgp-tunnel-06.txt,
January 2006.
[RFC4364] Rosen E. and Rekhter Y., "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC4364, February 2006
[6VPN] De Clercq et al.,"BGP-MPLS IP VPN extension for IPv6 VPN,",
draft-ietf-l3vpn-bgp-ipv6-07.txt, July 2005.
[SOFTWIRE] Dawkins S. (editor), "Softwire Problem Statement," draft-
ietf-softwire-problem-statement-02.txt, May 2006.
11. Authors' Addresses
Pradosh Mohapatra
Cisco Systems, Inc.
170 Tasman Drive
San Jose, CA, 95134
Email: pmohapat@cisco.com
Eric Rosen
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough, MA, 01719
E-mail: erosen@cisco.com
12. Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
Pmohapat & Rosen [Page 9]
Internet Draft draft-pmohapat-idr-info-safi-00.txt September 2006
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
13. Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
ipr@ietf.org.
Pmohapat & Rosen [Page 10]