IS-IS Extended Sequence Number TLV
RFC 7602

Document Type RFC - Proposed Standard (July 2015; No errata)
Last updated 2015-10-14
Stream IETF
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Christian Hopps
Shepherd write-up Show (last changed 2015-02-06)
IESG IESG state RFC 7602 (Proposed Standard)
Consensus Boilerplate Yes
Telechat date
Responsible AD Alia Atlas
Send notices to (None)
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                       U. Chunduri
Request for Comments: 7602                                         W. Lu
Category: Standards Track                                        A. Tian
ISSN: 2070-1721                                            Ericsson Inc.
                                                                 N. Shen
                                                     Cisco Systems, Inc.
                                                               July 2015

                   IS-IS Extended Sequence Number TLV

Abstract

   This document defines the Extended Sequence Number TLV to protect
   Intermediate System to Intermediate System (IS-IS) PDUs from replay
   attacks.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7602.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Chunduri, et al.             Standards Track                    [Page 1]
RFC 7602           IS-IS Extended Sequence Number TLV          July 2015

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
     1.2.  Acronyms  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Replay Attacks and Impact on IS-IS Networks . . . . . . . . .   4
     2.1.  IIHs  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
     2.2.  LSPs  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
     2.3.  SNPs  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Extended Sequence Number TLV  . . . . . . . . . . . . . . . .   4
     3.1.  Sequence Number Wrap  . . . . . . . . . . . . . . . . . .   5
   4.  Mechanism and Packet Encoding . . . . . . . . . . . . . . . .   5
     4.1.  IIHs  . . . . . . . . . . . . . . . . . . . . . . . . . .   6
     4.2.  SNPs  . . . . . . . . . . . . . . . . . . . . . . . . . .   6
   5.  Backward Compatibility and Deployment . . . . . . . . . . . .   6
     5.1.  IIHs and SNPs . . . . . . . . . . . . . . . . . . . . . .   7
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   8
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   8
   Appendix A.  ESSN Encoding Mechanisms . . . . . . . . . . . . . .  10
     A.1.  Using Timestamps  . . . . . . . . . . . . . . . . . . . .  10
     A.2.  Using Non-volatile Storage  . . . . . . . . . . . . . . .  10
   Appendix B.  Operational/Implementation Considerations  . . . . .  11
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  11
   Contributors  . . . . . . . . . . . . . . . . . . . . . . . . . .  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  12

1.  Introduction

   Intermediate System to Intermediate System (IS-IS) [ISO10589] has
   been adopted widely in various Layer 2 / Layer 3 routing and
   switching deployments of data centers and for critical business
   operations.  Its flexibility and scalability make it well suited for
   the rapid development of new data center infrastructures.  Also,
   while technologies such as Software-Defined Networking (SDN) may
   improve network management and enable new applications, their use has
   an effect on the security requirements of the routing infrastructure.

   A replayed IS-IS PDU can potentially cause many problems in IS-IS
   networks, including bouncing adjacencies, blackholing, and even some
   form of Denial-of-Service (DoS) attacks as explained in Section 2.
Show full document text