Internet DRAFT - draft-franke-isis-over-ipv6

draft-franke-isis-over-ipv6







Network Working Group                                          C. Franke
Internet-Draft                                                    NetDEF
Intended status: Standards Track                        October 19, 2015
Expires: April 21, 2016


                            IS-IS over IPv6
                     draft-franke-isis-over-ipv6-01

Abstract

   In this draft, a method to transmit IS-IS PDUs as IPv6 packets is
   described.  While the default encapsulation of IS-IS is specified
   directly on top of the link-layer, making it necessary for IS-IS to
   be specified for each link-layer it should be used on, the proposed
   method allows for IS-IS to run on any link-layers supporting IPv6.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 21, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Franke                   Expires April 21, 2016                 [Page 1]

Internet-Draft               IS-IS over IPv6                October 2015


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   2
   2.  Transmitting IS-IS PDUs over IPv6 . . . . . . . . . . . . . .   2
     2.1.  Addressing  . . . . . . . . . . . . . . . . . . . . . . .   2
     2.2.  IPv6 header . . . . . . . . . . . . . . . . . . . . . . .   3
     2.3.  Packet format . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Considerations for using IS-IS over IPv6  . . . . . . . . . .   3
     3.1.  SNPA  . . . . . . . . . . . . . . . . . . . . . . . . . .   3
     3.2.  MTU . . . . . . . . . . . . . . . . . . . . . . . . . . .   3
     3.3.  Interoperability  . . . . . . . . . . . . . . . . . . . .   4
   4.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   4
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   4
     7.1.  Normative References  . . . . . . . . . . . . . . . . . .   4
     7.2.  Informative References  . . . . . . . . . . . . . . . . .   5
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   5

1.  Introduction

   The original specification of IS-IS [ISO.10589.2002] defines that
   PDUs are transmitted directly on the link-layer.  With this design
   comes the problem that specification work is required each time a new
   link-layer should be supported by IS-IS.  By transmitting IS-IS PDUs
   as IPv6 packets, this specification work can be avoided and any link-
   layer supporting IPv6 can be used.  Among other things, this allows
   to route IPv6 with IS-IS [RFC5308] on any link supporting IPv6.

   This specification does not make changes to the general operation of
   IS-IS and any existing mechanisms should be kept as-is.  The only
   change made by this draft is the format of IS-IS PDUs on the wire.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Transmitting IS-IS PDUs over IPv6

2.1.  Addressing

   Link-local IPv6 addresses are used to transmit and receive IS-IS
   PDUs.  Routers SHALL set the source address of transmitted PDUs to
   the link-local address of the outgoing interface.




Franke                   Expires April 21, 2016                 [Page 2]

Internet-Draft               IS-IS over IPv6                October 2015


   IPv6 link-local multicast is used as destination for the packets.
   The PDUs that would be sent to ALL-L1-IS when sending them directly
   on top of the link-layer MUST be sent to the IPv6 multicast group
   <TBD1> instead.  Respectively, PDUs that would be sent to ALL-L2-IS
   MUST be sent to the multicast group <TBD2>.

2.2.  IPv6 header

   The packets SHOULD be transmitted with type of service set to
   Internetwork control.

2.3.  Packet format

   To transmit IS-IS PDUs over IPv6, they are encapsulated as IPv6
   payload without any transport layer protocol.  For that purpose,
   protocol number 124 is used.  That number was assigned by IANA for
   IS-IS over IPv4.  [I-D.ietf-isis-wg-over-ip] The PDUs are transmitted
   as IPv6 payload starting at the NLPI.

3.  Considerations for using IS-IS over IPv6

3.1.  SNPA

   Using the ethernet MAC address as SNPA on LAN links is not practical
   for this application since the goal of this extension is to become
   independent from specific link-layer properties.

   Therefore, treat the whole 16 byte of the IPv6 address as SNPA.
   Since the SNPA is only used internally to each router and not put
   into any IS-IS PDUs, no protocol datastructures need to be modified
   for this, but implemenations need to deal with this new SNPA length
   internally.

3.2.  MTU

   Hello PDUs that are subject to padding SHALL be padded so that the
   total IPv6 packet size matches the MTU of the link they are
   transmitted over.  Fragmentation SHALL NOT be used on hellos, and a
   system receiving an IPv6 encapsulated SHALL verify that the hello has
   not been subject to fragmentation.

   Other transmitted PDUs MAY be fragmented to allow the transport of
   LSPs that result in larger packets than the IPv6 MTU.








Franke                   Expires April 21, 2016                 [Page 3]

Internet-Draft               IS-IS over IPv6                October 2015


3.3.  Interoperability

   IS-IS implementations supporting IS-IS over IPv6 SHOULD provide a
   method that allows to choose between [ISO.10589.2002] and IS-IS over
   IPv6 encapsulation for each interface.  Implementations MUST NOT
   transmit or process ISO 10589:2002 PDUs on interfaces running in IS-
   IS over IPv6 mode and they MUST NOT transmit or process IS-IS over
   IPv6 PDUs on interfaces running in ISO 10589:2002 mode.

4.  Acknowledgements

   There has been previous work to specify operation of IS-IS over IPv4
   [I-D.ietf-isis-wg-over-ip] which has been used as a reference for
   this work.

5.  IANA Considerations

   For this protocol, IANA should assign two IPv6 multicast group IDs
   <TBD1> and <TBD2> in the IPv6 Multicast Address Space Registry.
   [RFC3307] Also, IANA should change the name of protocol 124 in the
   Internet Protocol Number registry [RFC5237] from "ISIS over IPv4" to
   "ISIS".

6.  Security Considerations

   Routers implementing this encapsulation of IS-IS over IPv6 can be
   susceptible to receiving and processing IS-IS over IPv6 packets that
   have not been originated by a router that is on-link.  For example,
   someone with malicious intent could send IS-IS over IPv6 packets to a
   global unicast address of a router via multiple hops.

   For this reason, routers implementing IS-IS over IPv6 need to verify
   that the origin of each received IS-IS over IPv6 packet is indeed on-
   link.

   To do this, routers implementing IS-IS over IPv6 SHALL implement
   generalized TTL security as described in [RFC5082].  Since ttl
   security is mandatory for IS-IS over IPv6, any packet received with a
   TTL differing from 255 can be classified as "Dangerous" and SHALL be
   dropped.

7.  References

7.1.  Normative References







Franke                   Expires April 21, 2016                 [Page 4]

Internet-Draft               IS-IS over IPv6                October 2015


   [ISO.10589.2002]
              International Organization for Standardization,
              "Intermediate system to intermediate system intra-domain-
              routing routine information exchange protocol for use in
              conjunction with the protocol for providing the
              connectionless-mode Network Service (ISO 8473)", ISO
              Standard 10589, 2002.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC5082]  Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C.
              Pignataro, "The Generalized TTL Security Mechanism
              (GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007,
              <http://www.rfc-editor.org/info/rfc5082>.

   [RFC5308]  Hopps, C., "Routing IPv6 with IS-IS", RFC 5308, October
              2008.

7.2.  Informative References

   [I-D.ietf-isis-wg-over-ip]
              Przygienda, T., Patel, A., and A. Bansal, "IS-IS over
              IPv4", draft-ietf-isis-wg-over-ip-02 (work in progress),
              October 1999.

   [RFC3307]  Haberman, B., "Allocation Guidelines for IPv6 Multicast
              Addresses", RFC 3307, August 2002.

   [RFC5237]  Arkko, J. and S. Bradner, "IANA Allocation Guidelines for
              the Protocol Field", BCP 37, RFC 5237, DOI 10.17487/
              RFC5237, February 2008,
              <http://www.rfc-editor.org/info/rfc5237>.

Author's Address

   Christian Franke
   NetDEF
   Leipzig
   DE

   Email: chris@opensourcerouting.org









Franke                   Expires April 21, 2016                 [Page 5]