randy/draft-l3nd-ulpc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

borrowed from l3dl-ulpc

Browse source
This commit is contained in:
Randy Bush 2022-02-09 12:18:35 -08:00
parent 892a3a976b
commit 464fb20cb7
2 changed files with 461 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

19
Makefile Normal file
View file

@ -0,0 +1,19 @@
#
# Makefile for I-D's and RFCs
# $Id: Makefile,v 1.1.1.1 2002-11-11 05:11:48 randy Exp $
#
# Your nroff document is called foo.txt. Change below as appropiate.
NAME=draft-ymbk-idr-l3nd-ulpc
DEST=psg.com:public_html
RSY=rsync --rsh ssh -v -a -l -H -p -t -x --delete
all: $(NAME).xml
xml2rfc $(NAME).xml --html --text
rsy:
$(RSY) $(NAME).html $(DEST)
$(RSY) $(NAME).txt $(DEST)
clean:
rm -f *.html *txt *~

442
draft-ymbk-idr-l3nd-ulpc.xml Normal file
View file

@ -0,0 +1,442 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- <!DOCTYPE rfc SYSTEM "rfc2629.dtd"> -->
<?rfc comments="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc inline="yes"?>
<?rfc sortrefs="yes"?>
<?rfc symrefs="yes"?>
<?rfc toc="yes"?>
<?rfc tocdepth="6"?>
<?rfc tocindent="yes"?>
<?rfc tocompact="yes"?>
<rfc consensus="yes" category="std" submissionType="IETF" docName="draft-ymbk-idr-l3nd-ulpc-00" ipr="trust200902">
<front>
<title>L3DL Upper-Layer Protocol Configuration</title>
<author fullname="Randy Bush" initials="R." surname="Bush">
<organization>Arrcus &amp; IIJ</organization>
<address>
<postal>
<street>5147 Crystal Springs</street>
<city>Bainbridge Island</city>
<region>WA</region>
<code>98110</code>
<country>US</country>
</postal>
<email>randy@psg.com</email>
</address>
</author>
<author fullname="Keyur Patel" initials="K." surname="Patel">
<organization>Arrcus</organization>
<address>
<postal>
<street>2077 Gateway Place, Suite #400</street>
<city>San Jose</city>
<region>CA</region>
<code>95119</code>
<country>United States of America</country>
</postal>
<email>keyur@arrcus.com</email>
</address>
</author>
<date />
<abstract>
<t>This document uses the Layer-3 Liveness and Discovery protocol
to communicate the parameters needed to exchange inter-device Upper
Layer Protocol Configuration for upper-layer protocols such as the
BGP family.
</t>
</abstract>
<note title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when,
and only when, they appear in all capitals, as shown here.</t>
</note>
</front>
<middle>
<section anchor="intro" title="Introduction">
<t>Massive Data Centers (MDCs) which use upper-layer protocols such
as BGP4, BGP-LS, BGP-SPF, etc. may use the Layer-3 Liveness and
Discovery Protocol, L3DP, <xref target="I-D.ietf-lsvr-l3dl"/> to
reveal the inter-device links of the topology. It is desirable for
devices to facilitate the configuration parameters of those upper
layer protocols to enable more hands-free configuration. This
document defines a new L3DP PDU to communicate these Upper-Layer
Protocol Configuration parameters.</t>
</section>
<section anchor="terminology" title="Reading and Terminology">
<t>The reader is assumed to have read Layer-3 Discovery and Liveness
<xref target="I-D.ietf-lsvr-l3dl"/>. The terminology and PDUs there
are assumed here.</t>
<t>Familiarity with the BGP4 Protocol <xref target="RFC4271"/> is
assumed. Familiarity with BGP-SPF, <xref
target="I-D.ietf-lsvr-bgp-spf"/>, might be useful. </t>
</section>
<section anchor="ulps" title="Upper-Layer Protocol Configuration PDU">
<t>To communicate parameters required to configure peering and
operation of Upper-Layer Protocols at IP layer-3 and above, e.g.,
BGP sessions on a link, a neutral sub-TLV based Upper-Layer Protocol
PDU is defined as follows:</t>
<!--
protocol "Type = 8:9,Payload Length:32,ULPC Type:8,AttrCount:8,Attribute List ...:24,Sig Type:8,Signature Len:16,Signature ...:24"
-->
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 9 | Payload Length ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ | ULPC Type | AttrCount | ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ Attribute List ... | Sig Type | Signature Len ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ | Signature ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<t>The Type and Payload Length are defined in <xref
target="I-D.ietf-lsvr-l3dl"/>.</t>
<?rfc subcompact="yes"?>
<t>ULPC Type: An integer denoting the type of the upper-layer
protocol
<list style="hanging" hangIndent="6">
<t hangText="0 :">Reserved</t>
<t hangText="1 :">BGP</t>
<t hangText="2-255 :">Reserved</t>
<?rfc subcompact="no"?></list></t>
<t>The AttrCount is the number of attribute sub-TLVs in the
Attribute List.</t>
<t>The Attribute List is a, possibly null, set of sub-TLVs
describing the configuration attributes of the specific upper-layer
protocol.</t>
<t>An Attribute consists of a one octet Attribute Type, a one octet
Attribute Length of the number of octets in the Attribute, and a
Payload of arbitrary length up to 253 octets.</t>
<!--
protocol "Attr Type = 1:8,Attr Len:8,Payload:16"
-->
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 1 | Attr Len | Payload |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<section anchor="bgp" title="BGP ULPC Attribute sub-TLVs">
<t>The parameters needed for BGP peering on a link are exchanged
in sub-TLVs within an Upper-Layer Protocol PDU. The following
describe the various sub-TLVs for BGP.</t>
<t>The goal is to provide the minimal set of configuration
parameters needed by BGP OPEN to successfully start a BGP peering.
The goal is specifically not to replace or conflict with data
exchanged during BGP OPEN. Multiple sources of truth are a recipe
for complexity and hence pain.</t>
<t>If there are multiple BGP sessions on a link, e.g., IPv4 and
IPv6, then multiple sets of BGP sub-TLVs MAY BE exchanged within
the BGP ULPC PDU or multiple BGP ULPC PDUs may be sent, one for
each address family.</t>
<t>A peer receiving BGP ULPC PDUs has only one active BGP ULPC PDU
for an particular address family at any point in time; receipt of
a new BGP ULPC PDU for a particular address family replaces any
previous one.</t>
<t>If there are one or more open BGP sessions, receipt of a new
BGP ULPC PDU does not affect these sessions and the PDU SHOULD be
discarded. If a peer wishes to replace an open BGP session, they
must first close the running session and then send a new BGP ULPC
PDU.</t>
<t>As a link may have multiple encapsulations and multiple
addresses for an IP encapsulation, which address of which
encapsulation is to be used for the BGP session MUST be
specified.</t>
<t>For each BGP peering on a link here MUST be one agreed
encapsulation, and the addresses used MUST be in the corresponding
L3DP IPv4/IPv6 Announcement PDUs. If the choice is ambiguous, an
Attribute may be used to signal preferences.</t>
<t>If a peering address has been announced as a loopback,
i.e. MUST BE flagged as such in the L3DL Encapsulation PDU (see
<xref target="I-D.ietf-lsvr-l3dl"/> Sec. 13.2), a two or three hop
BGP session will be established. Otherwise a direct one hop
session is used. The BGP session to a loopback will forward to
the peer's address which was marked as Primary in the L3DL
Encapsulation Flags, iff it is in a subnet which is shared with
both BGP speakers. If the primary is not in a common subnet, then
the BGP speaker MAY pick a forwarding next hop that is in a subnet
they share. If there are multiple choices, the BGP speaker SHOULD
have signaled which subnet to choose in an Upper-Layer Protocol
Configuration PDU Attribute.</t>
<!--
protocol "Attr Type = 1:8,Attr Len = 6:8,My ASN:32"
-->
<section anchor="asn" title="BGP ASN">
<t>The Autonomous System number MUST be specified. If the AS
Number is less than 32 bits, it is padded with high order
zeros.</t>
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 1 | Attr Len = 6 | My ASN ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
</section>
<section anchor="bgpv4" title="BGP IPv4 Address">
<!--
protocol "Attr Type = 2:8,Attr Len = 7:8,My IPv4 Peering Address:32,Prefix Len:8"
-->
<t>The BGP IPv4 Address sub-TLV announces the sender's IPv4 BGP
peering source address to be used by the receiver. At least one
of IPv4 or IPv6 BGP source addresses MUST be announced.</t>
<t>As usual, the BGP OPEN capability negotiation will determine
the AFI/SAFIs to be transported over the peering, see <xref
target="RFC4760"/> .</t>
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 2 | Attr Len = 7 | My IPv4 Peering Address ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ | Prefix Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
</section>
<section anchor="bgpv6" title="BGP IPv6 Address">
<t>The BGP IPv6 Address sub-TLV announces the sender's IPv6 BGP
peering source address to be used by the receiver. At least one
of IPv4 or IPv6 BGP source addresses MUST be announced.</t>
<t>As usual, the BGP OPEN capability negotiation will determine
the AFI/SAFIs to be transported over the peering, see <xref
target="RFC4760"/> .</t>
<!--
protocol "Attr Type = 3:8,Attr Len = 19:8,My IPv6 Peering Address:128,Prefix Len:8"
-->
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 3 | Attr Len = 19 | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ +
| My IPv6 Peering Address |
+ +
| |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Prefix Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
</section>
<section anchor="bgpmd5" title="BGP Authentication sub-TLV">
<t>The BGP Authentication sub-TLV provides any authentication
data needed to OPEN the BGP session. Depending on operator
configuration of the environment, it might be a simple MD5 key
(see <xref target="RFC2385"/>), the name of a key chain in a
KARP database (see <xref target="RFC7210"/>), or one of multiple
Authentication sub-TLVs to support hop<xref
target="RFC4808"/>.</t>
<!--
protocol "Attr Type = 4:8,Attr Len:8,BGP Authentication Data ...:48"
-->
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 4 | Attr Len | ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~
~ BGP Authentication Data ... ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
</section>
<section anchor="bgpflags" title="BGP Miscellaneous Flags">
<t>The BGP session OPEN has extensive, and a bit complex,
capability negotiation facilities. In case one or more extra
attributes might be needed, the BGP Miscellaneous Flags sub-TLV
may be used. No flags are currently defined.</t>
<!--
protocol "Attr Type = 5:8,Attr Len = 4:8,Misc Flags:16"
-->
<figure>
<artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attr Type = 5 | Attr Len = 4 | Misc Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<t>Misc Attrs:
<list style="hanging">
<?rfc subcompact="yes"?>
<t hangText="Bit 0: ">GTSM</t>
<t hangText="Bit 1-15:">Must be zero</t>
<?rfc subcompact="no"?></list></t>
<t>The GTSM flag indicates that the sender wishes to enable the
<xref target="RFC5682"/> Generalized TTL Security Mechanism for
the session.</t>
</section>
</section>
</section>
<section anchor="security" title="Security Considerations">
<t>All the Security considerations of <xref
target="I-D.ietf-lsvr-l3dl"/> apply to this PDU.</t>
<t>As the ULPC PDU may contain keying material, see <xref
target="bgpmd5"/>, it SHOULD BE signed.</t>
<t>Any keying material in the PDU SHOULD BE salted and hashed.</t>
<t>The BGP Authentication sub-TLV provides for provisioning MD5,
which is a quite weak hash, horribly out of fashion, and kills
puppies. But, like it or not, it has been sufficient against the
kinds of attacks BGP TCP sessions have endured. Soit is what BGP
deployments use.</t>
</section>
<section anchor="iana" title="IANA Considerations">
<t>This document requests the IANA create a new entry in the L3DL PDU
Type registry as follows:</t>
<figure>
<artwork>
PDU
Code PDU Name
---- -------------------
9 ULPC
</artwork>
</figure>
<t>This document requests the IANA create a registry for L3DL ULPC
Type, which may range from 0 to 255. The name of the registry
should be L3DL-ULPC-Type. The policy for adding to the registry is
RFC Required per <xref target="RFC5226"/>, either standards track or
experimental. The initial entries should be the following:</t>
<figure>
<artwork>
Value Name
----- -------------------
0 Reserved
1 BGP
2-255 Reserved
</artwork>
</figure>
</section>
<!--
<section anchor="acks" title="Acknowledgments">
<t>The authors thank.</t>
</section>
-->
</middle>
<back>
<references title="Normative References">
<?rfc include="reference.RFC.2119.xml"?>
<?rfc include="reference.RFC.4271.xml"?>
<?rfc include="reference.RFC.4760.xml"?>
<?rfc include="reference.RFC.5226.xml"?>
<?rfc include="reference.RFC.5682.xml"?>
<?rfc include="reference.RFC.8174.xml"?>
<?rfc include="reference.I-D.ietf-lsvr-l3dl.xml"?>
</references>
<references title="Informative References">
<?rfc include="reference.RFC.2385.xml"?>
<?rfc include="reference.RFC.4808.xml"?>
<?rfc include="reference.RFC.7210.xml"?>
<?rfc include="reference.I-D.ietf-lsvr-bgp-spf.xml"?>
</references>
</back>
</rfc>