Internet DRAFT - draft-ietf-mpls-lsp-ping-ttl-tlv
draft-ietf-mpls-lsp-ping-ttl-tlv
Network Working Group Sami Boutros
INTERNET-DRAFT Siva Sivabalan
Intended Status: Standards Track George Swallow
Shaleen Saxena
Cisco Systems
Vishwas Manral
Hewlett Packard Co.
Sam Aldrin
Huawei Technologies, Inc.
Expires: February 20, 2015 August 19, 2014
Definition of Time-to-Live TLV for LSP-Ping Mechanisms
draft-ietf-mpls-lsp-ping-ttl-tlv-10.txt
Abstract
LSP-Ping is a widely deployed Operation, Administration, and
Maintenance (OAM) mechanism in MPLS networks. However, in the present
form, this mechanism is inadequate to verify connectivity of a
segment of a Multi-Segment PseudoWire (MS-PW) and/or bidirectional
co-routed LSP from any node on the path of the MS-PW and/or
bidirectional co-routed LSP. This document defines a TLV to address
this shortcoming.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
Boutros Expires February 20, 2015 [Page 1]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
http://www.ietf.org/shadow.html
Copyright and License Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Time To Live TLV . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. TTL TLV Format . . . . . . . . . . . . . . . . . . . . . . 4
3.2. Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Traceroute mode . . . . . . . . . . . . . . . . . . . . . . 6
4.2. Error scenario . . . . . . . . . . . . . . . . . . . . . . 6
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 6
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.1 Normative References . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7
Boutros Expires February 20, 2015 [Page 2]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
1. Introduction
A MS-PW may span across multiple service provider networks. In order
to allow Service Providers (SP) to verify segments of such MS-PW from
any node on the path of the MS-PW, any node along the path of the MS-
PW, should be able to originate an MPLS Echo Request packet to any
other node along the path of the MS-PW and receive the corresponding
MPLS Echo Reply. If the originator of the MPLS Echo Request is at the
end of a MS-PW, the receiver of the request can send the reply back
to the sender without knowing the hop-count distance of the
originator. The reply will be intercepted by the originator
regardless of the TTL value on the reply packet. But, if the
originator is not at the end of the MS-PW, the receiver of the MPLS
Echo Request may need to know how many hops away the originator of
the MPLS Echo Request is so that it can set the TTL value on the MPLS
header for the MPLS Echo Reply to be intercepted at the originator
node.
In MPLS networks, for bidirectional co-routed LSPs, if it is desired
to verify connectivity from any intermediate node (LSR) on the LSP to
the any other LSR on the LSP the receiver may need to know the TTL to
send the MPLS Echo Reply with, so as the packet is intercepted by the
originator node.
A new optional TTL TLV is defined in this document. This TLV will be
added by the originator of the MPLS Echo Request to inform the
receiver how many hops away the originator is on the path of the MS-
PW or Bidirectional LSP.
This mechanism only works if the MPLS Echo Reply is sent down the co-
routed LSP, hence the scope of this TTL TLV is currently limited to
MS-PW or Bidirectional co-routed MPLS LSPs. The presence of the TLV
implies the use of the return path of the co-routed LSP, if the
return path is any other mechanism then the TLV in the MPLS Echo
Request MUST be ignored.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
LSR: Label Switching Router
MPLS-TP: MPLS Transport Profile
MS-PW: Multi-Segment Pseudowire
Boutros Expires February 20, 2015 [Page 3]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
PW: Pseudowire
TLV: Type Length Value
TTL: Time To Live
3. Time To Live TLV
3.1. TTL TLV Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = TBD | Length = 8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value | Reserved | Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Time To Live TLV format
The TTL TLV has the format shown in Figure 1.
Value
The value of the TTL as specified by this TLV
Flags
The Flags field is a bit vector with the following format:
0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MBZ |R|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
One flag is defined for now, the R flag. The rest of the
flags are Reserved - MUST be zero (MBZ) when sending and
ignored on receipt.
The R flag (Reply TTL) is set signify that the value is
meant to be used as the TTL for the reply packet. Other bits
may be defined later to enhance the scope of this TLV.
3.2. Usage
The TTL TLV MAY be included in the MPLS Echo Request by the
Boutros Expires February 20, 2015 [Page 4]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
originator of the request.
If the TTL TLV is present and the receiver does not understand TTL
TLVs, it will simply ignore the TLV, as is the case for all optional
TLVs. If the TTL TLV is not present or is not processed by the
receiver, any determination of the TTL value used in the MPLS label
on the LSP-Ping echo reply is beyond the scope of this document.
If the TTL TLV is present and the receiver understands TTL TLVs, one
of the following two conditions apply:
o If the TTL TLV value field is zero, the LSP-Ping echo request
packet SHOULD be dropped.
o Otherwise, the receiver MUST use the TTL value specified in the
TTL TLV when it creates the MPLS header of the MPLS Echo Reply.
The TTL value in the TTL TLV takes precedence over any TTL value
determined by other means, such as from the Switching Point TLV in
the MS-PW. This precedence will aid the originator of the LSP-
Ping echo request in analyzing the return path.
4. Operation
In this section, we explain a use case for the TTL TLV with an MPLS
MS-PW.
<------------------MS-PW --------------------->
A B C D E
o -------- o -------- o --------- o --------- o
---MPLS Echo Request--->
<--MPLS Echo Reply------
Figure 2: Use-case with MS-PWs
Let us assume a MS-PW going through LSRs A, B, C, D, and E.
Furthermore, assume that an operator wants to perform a connectivity
check between B and D from B. Thus, an MPLS Echo Request with the TTL
TLV is originated from B and sent towards D. The MPLS Echo Request
packet contains the FEC of the PW Segment between C and D. The value
field of the TTL TLV and the TTL field of the MPLS label are set to
2, the choice of the value 2 will be based on the operator input
requesting the MPLS Echo Request or from the optional LDP switching
point TLV. The MPLS Echo Request is intercepted at D because of TTL
expiry. D detects the TTL TLV in the request, and use the TTL value
(i.e., 2) specified in the TLV on the MPLS label of the MPLS Echo
Reply. The MPLS Echo Reply will be intercepted by B because of TTL
Boutros Expires February 20, 2015 [Page 5]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
expiry.
The same operation will apply when we have a co-routed bidirectional
LSP, and we want to check connectivity from an intermediate LSR "B"
to another LSR "D".
4.1. Traceroute mode
In traceroute mode, the TTL value in the TLV is set to 1 for the
first Echo Request, then to 2 for the next, and so on. This is
similar to the TTL values used for the label set on the packet.
4.2. Error scenario
It is possible that the MPLS Echo Request packet was intercepted
before the intended destination for reason other than label TTL
expiry. This could be due network faults, misconfiguration or other
reasons. In such cases, if the return TTL is set to the value
specified in the TTL TLV then the echo response packet will continue
beyond the originating node. This becomes a security issue.
To prevent this, the label TTL value used in the MPLS Echo Reply
packet MUST be modified by deducting the incoming label TTL on the
received packet from TTL TLV value. If the MPLS Echo Request packet
is punted to the CPU before the incoming label TTL is deducted, then
another 1 MUST be added. In other words:
Return TTL Value on the MPLS Echo Reply packet = (TTL TLV Value)-
(Incoming Label TTL) + 1
5. Security Considerations
This draft allows the setting of the TTL value in the MPLS Label of
an MPLS Echo Reply, so that it can be intercepted by an intermediate
device. This can cause a device to get a lot of LSP Ping packets
which get redirected to the CPU.
However the same is possible even without the changes mentioned in
this document. A device should rate limit the LSP ping packets
redirected to the CPU so that the CPU is not overwhelmed.
The recommendation in [RFC4379] security section applies, to check
the source address of the MPLS Echo Request, however the source
address can now be any node along the LSP path.
A faulty transit node changing the TTL TLV value could make the wrong
node reply to the MPLS Echo Request, and/or the wrong node to receive
Boutros Expires February 20, 2015 [Page 6]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
the MPLS Echo Reply. An LSP trace may help identify the faulty
transit node.
6. IANA Considerations
IANA is requested to assign TLV type value to the following TLV from
the "Multiprotocol Label Switching Architecture (MPLS) Label Switched
Paths (LSPs) Parameters - TLVs" registry, "TLVs and sub-TLVs" sub-
registry.
Time To Live TLV (See Section 3). The value MUST be assigned from the
range (32768-49161) of optional TLVs.
IANA is requested to allocate the value 32769.
7. Acknowledgements
The authors would like to thank Greg Mirsky for his comments.
8. References
8.1 Normative References
[1] K. Kompella, G. Swallow, "Detecting Multi-Protocol Label Switched
(MPLS) Data Plane Failures", RFC 4379, February 2006.
[2] T. Nadeau, et. al, "Pseudowire Virtual Circuit Connectivity
Verification (VCCV): A Control Channel for Pseudowires ", RFC 5085,
December 2007.
[3] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
Authors' Addresses
Sami Boutros
Cisco Systems, Inc.
3750 Cisco Way
San Jose, California 95134
USA
Email: sboutros@cisco.com
Boutros Expires February 20, 2015 [Page 7]
�
INTERNET DRAFT Lsp-ping-ttl-tlv August 19, 2014
Siva Sivabalan
Cisco Systems, Inc.
2000 Innovation Drive
Kanata, Ontario, K2K 3E8
Canada
Email: msiva@cisco.com
George Swallow
Cisco Systems, Inc.
300 Beaver Brook Road
Boxborough , MASSACHUSETTS 01719
United States
Email: swallow@cisco.com
Shaleen Saxena
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough , MASSACHUSETTS 01719
United States
Email: ssaxena@cisco.com
Vishwas Manral
Hewlett Packard Co.
19111 Pruneridge Ave,
Cupertino, CA 95014 USA
United States
EMail: vishwas.manral@hp.com
Michael Wildt
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough , MASSACHUSETTS 01719
United States
Email: mwildt@cisco.com
Sam Aldrin
Huawei Technologies, Inc.
1188 Central Express Way,
Santa Clara, CA 95051
United States
Email: aldrin.ietf@gmail.com
Boutros Expires February 20, 2015 [Page 8]
