Network Working Group Pradosh Mohapatra
Internet Draft Cisco Systems, Inc.
Expiration Date: August 2007
Eric Rosen
Cisco Systems, Inc.
February 2007
BGP Encapsulation SAFI and BGP Tunnel Encapsulation Attribute
draft-pmohapat-idr-info-safi-01.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document specifies a new BGP SAFI, Encapsulation SAFI. A BGP
update message of this SAFI contains an NLRI which uniquely
identifies the BGP speaker that originated the update. The purpose of
such an update is to carry attributes that define how encapsulated
packets need to be delivered to the sender. For instance, if one BGP
speaker needs to use an IP-based encapsulation in order to deliver
traffic to a second, the second BGP speaker can use this SAFI to
specify information about the encapsulation header that it expects. A
BGP tunnel encapsulation attribute is specified for this purpose.
Mohapatra & Rosen [Page 1]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
Other attributes, including communities and/or extended communities,
can also be included.
Table of Contents
1 Specification of requirements ...................... 2
2 Introduction ....................................... 2
3 Encapsulation NLRI Format .......................... 3
4 Tunnel Encapsulation Attribute ..................... 4
4.1 Encapsulation sub-TLV .............................. 6
4.2 Protocol Type sub-TLV .............................. 7
4.3 Tunnel Type Selection .............................. 7
5 Capability advertisement ........................... 8
6 Security Considerations ............................ 8
7 IANA Considerations ................................ 8
8 Acknowledgements ................................... 9
9 Normative References ............................... 9
10 Informative References ............................. 9
11 Authors' Addresses ................................. 9
12 Full Copyright Statement ........................... 10
13 Intellectual Property .............................. 10
1. Specification of requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2. Introduction
This document specifies a new BGP SAFI, Encapsulation SAFI. A BGP
update message of this SAFI contains an NLRI which uniquely
identifies the BGP speaker that originated the update. The purpose of
such an update is to carry attributes that define how encapsulated
packets need to be delivered to the sender. For instance, if one BGP
speaker needs to use an IP-based encapsulation in order to deliver
traffic to a second, the second BGP speaker can use this SAFI to
specify information about the encapsulation header that it expects. A
BGP tunnel encapsulation attribute is specified for this purpose.
Other attributes, including communities and/or extended communities,
Mohapatra & Rosen [Page 2]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
can also be included. The tunnel attribute is especially useful for
multipoint-to-point tunnels to signal information from the receiving
speaker to transmitting speakers.
One application of the SAFI and the tunnel encapsulation attribute is
[SOFTWIRE] that specifies a requirement to connect IPv4 networks
across IPv6 core and IPv6 networks across IPv4 core.
The motivation behind introducing the new SAFI to send information
about the speaker is to advertise such information once, or as and
when it changes as opposed to attaching this information with each
and every prefix. That would require advertising redundant
information, and also, when the information changes, the speaker
would require to send all the prefixes again resulting in a network-
wide control plane churn.
The advantage of using the same SAFI to distribute encapsulation
information of different tunneling technologies is that the route
reflectors need not be upgraded each time there is a new
encapsulation protocol deployed in the network and also the edge
routers can send or receive encapsulation parameters for multiple
types over one BGP session. The tunnel encapsulation attribute is
optional transitive, thus a BGP speaker can transparently pass on the
information even if it does not support it.
3. Encapsulation NLRI Format
The BGP speaker identification is advertised in BGP UPDATE messages
using MP_REACH_NLRI and MP_UNREACH_NLRI attributes [RFC4760]. The
Encapsulation SAFI (value to be assigned by IANA) is set as the SAFI
value in these UPDATE messages. The AFI is set to be one of the
address family identifier values as defined in [IANA-AF] (refer to
the Address Family Numbers section).
The NLRI in the MP_REACH_NLRI or MP_UNREACH_NLRI is a variable length
field encoded in a format as defined in section 5 of [RFC4760] (a 2-
tuple of the form <length, value>). The value field is structured as
follows:
Mohapatra & Rosen [Page 3]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
+-----------------------------------------------+
| Endpoint address (Variable) |
+-----------------------------------------------+
- Endpoint Address: This field identifies the BGP speaker
originating the update. It is typically one of the interface
addresses configured at the router. The length of the endpoint
address is dependent on the AFI being advertised. For example, if
the AFI is set to IPv4 (1), the the endpoint address is a 4-octet
IPv4 address whereas if the AFI is set to IPv6 (2), the endpoint
address is a 16-octet IPv6 address.
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
with Encapsulation SAFI MUST also carry the BGP mandatory attributes:
ORIGIN, AS_PATH, and LOCAL_PREF (for IBGP neighbors) as defined in
[RFC4271]. In addition, such an update message can also contain any
of the BGP optional attributes, like Community or Extended Community
attribute to influence an action on the receiving speaker.
When a BGP speaker advertises the Encapsulation NLRI via BGP, it uses
its own address as the BGP nexthop in the MP_REACH_NLRI or
MP_UNREACH_NLRI attribute. The nexthop address is set based on the
AFI in the attribute. For example, if the AFI is set to IPv4 (1),
the nexthop is encoded as a 4-byte IPv4 address. If the AFI is set to
IPv6 (2), the nexthop is encoded as a 16-byte IPv6 address of the
router. On the receiving router, the BGP nexthop of such an update
message is validated by performing a recursive route lookup operation
in the routing table.
Bestpath selection of Encapsulation NLRIs is governed by the decision
process outlined in section 9.1 of [RFC4271]. The encapsulation data
carried through other attributes in the message are to be used by the
receiving router only if the NLRI has a bestpath.
4. Tunnel Encapsulation Attribute
Tunnel Encapsulation attribute is an optional transitive attribute
that is composed of a set of TLVs. The type code of the attribute is
to be assigned by IANA. Each TLV contains information corresponding
to a particular tunnel technology. The TLV is structured as follows:
Mohapatra & Rosen [Page 4]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tunnel Type (2 Octets) | Length (2 Octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Value |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Tunnel Type (2 octets): It identifies the type of the tunneling
technology being signaled. This document defines the following types:
- L2TPv3: Tunnel Type = 1
- GRE: Tunnel Type = 2
Unknown types are to be ignored and skipped upon receipt.
Length (2 octets): the total number of octets of the Value field.
Value (variable): The value is comprised of multiple sub-TLV's. Each
sub-TLV consists of three fields: a one-octet type, one-octet length,
and zero or more octets of value. The sub-TLV is structured as
follows:
+-----------------------------------+
| Sub-TLV Type (1 Octet) |
+-----------------------------------+
| Sub-TLV Length (1 Octet) |
+-----------------------------------+
| Sub-TLV Value (Variable) |
| |
+-----------------------------------+
Sub-TLV Type (1 octet): Each sub-TLV type defines a certain property
about the tunnel TLV that contains this sub-TLV. The following are
the types defined in this document:
- Encapsulation: sub-TLV type = 1
- Protocol type: sub-TLV type = 2
Unknown sub-TLV types are to be ignored and skipped upon receipt.
Sub-TLV Length (1 octet): the total number of octets of the sub-TLV
value field.
Mohapatra & Rosen [Page 5]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
Sub-TLV Value (variable): Encodings of the value field depend on the
sub-TLV type as enumerated above. The following sub-sections define
the encoding in detail.
4.1. Encapsulation sub-TLV
The syntax and semantics of the encapsulation sub-TLV is determined
by the tunnel type of the TLV that contains this sub-TLV.
When the tunnel type of the TLV is L2TPv3, the following is the
structure of the value field of the encapsulation sub-TLV:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Cookie (Variable) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* Session ID: a 4-octet value locally assigned by the advertising
router that serves as a lookup key in the incoming packet's
context.
* Cookie: an optional, variable length (0 to 64 bits) value used by
L2TPv3 to check the association of a received data message with
the session identified by the Session ID. The Cookie value is
tightly coupled with the Session ID.
The length of the cookie is not encoded explicitly, but can be
calculated as: (sub-TLV length - 4)
When the tunnel type of the TLV is GRE, the following is the
structure of the value field of the encapsulation sub-TLV:
Mohapatra & Rosen [Page 6]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| GRE Key (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* GRE Key: A 4 Octet field that is generated by the advertising
router. The actual method by which the key is obtained is beyond
the scope of the document. The key is inserted into the GRE
encapsulation header of the payload packets sent by ingress
routers to the advertising router. It is intended to be used for
identifying extra context information about the received payload.
Note that the key is optional. Unless a key value is being
advertised, the GRE encapsulation sub-TLV MUST NOT be present.
4.2. Protocol Type sub-TLV
The protocol type sub-TLV encodes the type of the payload packets
that will be encapsulated with the tunnel parameters being signaled
in the TLV. The value field of the sub-TLV contains a 2-octet
protocol type that is one of the types defined in [IANA-AF] as ETHER
TYPEs.
As an example, if we want to use three L2TPv3 sessions, one carrying
IPv4 packets, one carrying IPv6 packets, and one carrying MPLS
packets, the egress router will include three TLVs of L2TPv3
encapsulation type, each specifying a different session id and a
different payload type. The protocol type sub-TLV for these will be
IPv4 (protocol type = 0x0800), IPv6 (protocol type = 0x86dd), and
MPLS (protocol type = 0x8847) respectively. This informs the ingress
routers of the appropriate encapsulation information to use with each
of the given protocol types. Insertion of the specified session id at
the ingress routers allows the egress to process the incoming packets
correctly, according to their protocol type.
4.3. Tunnel Type Selection
A BGP speaker may include multiple tunnel TLVs in the tunnel
attribute. The receiving speaker MAY have local policies defined to
choose different tunnel types for different sets/types of payload
prefixes received from the same BGP speaker. For instance, if a BGP
speaker includes both L2TPv3 and GRE tunnel types in the tunnel
attribute and it also advertises IPv4 and IPv6 prefixes, the ingress
router may have local policy defined to choose L2TPv3 for IPv4
Mohapatra & Rosen [Page 7]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
prefixes (provided the protocol type received in the tunnel attribute
matches) and GRE for IPv6 prefixes.
Additionally, the Encapsulation SAFI UPDATE message can contain a
community or extended-community as a way to color the corresponding
tunnel TLV(s). The same community or extended community can then be
attached to the UPDATE messages that contain payload prefixes. This
way, the BGP speaker can express the fact that it expects the packets
corresponding to these payload prefixes to be received with a
particular tunnel encapsulation header.
In a multi-vendor deployment that has routers supporting different
tunneling technologies, attaching community and/or extended-community
to the Encapsulation SAFI UPDATE message can serve as a
classification mechanism (for example, set A of routers for GRE and
set B of routers for L2TPv3). The ingress router can then choose the
encapsulation data appropriately while sending packets to an egress
router.
These communities/extended communities, if used, will be user defined
and configured locally on the routers.
5. Capability advertisement
A BGP speaker that wishes to exchange tunnel endpoint information
must use the Multiprotocol Extensions Capability Code as defined in
[RFC4760], to advertise the corresponding (AFI, SAFI) pair.
6. Security Considerations
If a third party is able to modify any of the information that is
used to form encapsulation headers, or to choose a tunnel type, or to
choose a particular tunnel for a particular payload type, user data
packets may end up getting misrouted, misdelivered, and/or dropped.
7. IANA Considerations
This document defines a new NLRI format, called Encapsulation NLRI,
to be carried in BGP using multiprotocol extensions. It is to be
assigned its own SAFI.
This document defines a new BGP optional transitive attribute, called
Tunnel attribute.
This document introduces Tunnel TLVs and sub-TLVs. The type space for
Mohapatra & Rosen [Page 8]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
both of these should be set up by IANA as a registry of 2-octet
tunnel types and 1-octet sub-TLV types. These should be assigned on a
first-come- first-serve basis.
8. Acknowledgements
This specification builds on prior work by Gargi Nalawade, Ruchi
Kapoor, Dan Tappan, David Ward, Scott Wainner, Simon Barber, and
Chris Metz. The current authors wish to thank all these authors for
their contribution.
The authors would like to thank John Scudder, Robert Raszuk, Keyur
Patel, and Chris Metz for their valuable comments and suggestions.
9. Normative References
[RFC4271] Rekhter, Y., Li T., and Hares S.(editors), "A Border
Gateway Protocol 4 (BGP-4)," RFC 4271, January 2006.
[RFC4760] Bates et al, "Multiprotocol Extensions for BGP-4," RFC
4760, January 2007.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels," March 1997.
[IANA-AF] "Address Family Numbers," Reachable from
http://www.iana.org/numbers.html
10. Informative References
[SOFTWIRE] Dawkins S. (editor), "Softwire Problem Statement," draft-
ietf-softwire-problem-statement-02.txt, May 2006.
11. Authors' Addresses
Pradosh Mohapatra
Cisco Systems, Inc.
170 Tasman Drive
San Jose, CA, 95134
Email: pmohapat@cisco.com
Mohapatra & Rosen [Page 9]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
Eric Rosen
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough, MA, 01719
E-mail: erosen@cisco.com
12. Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
13. Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
Mohapatra & Rosen [Page 10]
Internet Draft draft-pmohapat-idr-info-safi-01.txt February 2007
ipr@ietf.org.
Mohapatra & Rosen [Page 11]