rfc9466
Internet Engineering Task Force (IETF) Y. Liu, Ed.
Request for Comments: 9466 China Mobile
Category: Standards Track T. Eckert, Ed.
ISSN: 2070-1721 M. McBride
Futurewei
Z. Zhang
ZTE Corporation
October 2023
PIM Assert Message Packing
Abstract
When PIM Sparse Mode (PIM-SM), including PIM Source-Specific
Multicast (PIM-SSM), is used in shared LAN networks, there is often
more than one upstream router. This can lead to duplicate IP
multicast packets being forwarded by these PIM routers. PIM Assert
messages are used to elect a single forwarder for each IP multicast
traffic flow between these routers.
This document defines a mechanism to send and receive information for
multiple IP multicast flows in a single PackedAssert message. This
optimization reduces the total number of PIM packets on the LAN and
can therefore speed up the election of the single forwarder, reducing
the number of duplicate IP multicast packets incurred.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9466.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Revised BSD License text as described in Section 4.e of the
Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents
1. Introduction
1.1. Requirements Language
1.2. Terminology
2. Problem Statement
3. Specification
3.1. PIM Packed Assert Capability Hello Option
3.2. Assert Packing Message Formats
3.3. PackedAssert Mechanism
3.3.1. Sending PackedAssert Messages
3.3.1.1. Handling of Reception-Triggered Assert Records
3.3.1.2. Handling of Timer Expiry-Triggered Assert Records
3.3.1.3. Beneficial Delay in Sending PackedAssert Messages
3.3.1.4. Handling Assert/PackedAssert Message Loss
3.3.1.5. Optimal Degree of Assert Record Packing
3.3.2. Receiving PackedAssert Messages
4. Packet Formats
4.1. PIM Packed Assert Capability Hello Option
4.2. Assert Message Format
4.3. Simple PackedAssert Message Format
4.4. Aggregated PackedAssert Message Format
4.4.1. Source Aggregated Assert Record
4.4.2. RP Aggregated Assert Record
5. IANA Considerations
6. Security Considerations
7. References
7.1. Normative References
7.2. Informative References
Appendix A. Use Case Examples
A.1. Enterprise Network
A.2. Video Surveillance
A.3. Financial Services
A.4. IPTV Broadcast Video
A.5. MVPN MDT
A.6. Special L2 Services
Acknowledgments
Authors' Addresses
1. Introduction
When PIM-SM is used in shared LAN networks, there is typically more
than one upstream router. When duplicate data packets appear on the
LAN from different upstream routers, assert packets are sent from
these routers to elect a single forwarder according to [RFC7761].
The PIM Assert messages are sent periodically to keep the Assert
state. The PIM Assert message carries information about a single
multicast source and group, along with the corresponding Metric and
Metric Preference of the route towards the source or PIM Rendezvous
Point (RP).
This document defines a mechanism to encode the information of
multiple PIM Assert messages into a single PackedAssert message.
This allows sending and receiving information for multiple IP
multicast flows in a single PackedAssert message without changing the
PIM Assert state machinery. It reduces the total number of PIM
packets on the LAN and can therefore speed up the election of the
single forwarder, reducing the number of duplicate IP multicast
packets. This can be particularly helpful when there is traffic for
a large number of multicast groups or SSM channels and PIM packet
processing performance of the routers is slow.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
1.2. Terminology
The reader is expected to be familiar with the terminology of
[RFC7761]. The following lists the abbreviations repeated in this
document.
AT: Assert Timer
DR: Designated Router
RP: Rendezvous Point
RPF: Reverse Path Forwarding
RPT: RP Tree
SPT: Shortest Path Tree
2. Problem Statement
PIM Asserts occur in many deployments. See Appendix A for explicit
examples and explanations of why it is often not possible to avoid.
PIM Assert state depends mainly on the network topology. As long as
there is a Layer 2 (L2) network with more than two PIM routers, there
may be multiple upstream routers, which can cause duplicate multicast
traffic to be forwarded and assert processing to occur.
As the multicast services become widely deployed, the number of
multicast entries increases, and a large number of Assert messages
may be sent in a very short period when multicast data packets
trigger PIM assert processing in the shared LAN networks. The PIM
routers need to process a large number of small PIM assert packets in
a very short time. As a result, the device load is very large. The
assert packet may not be processed in time or even discarded, thus
extending the time of traffic duplication in the network.
The PIM Assert mechanism can only be avoided by designing the network
to be without transit subnets with multiple upstream routers. For
example, an L2 ring between routers can sometimes be reconfigured to
be a ring of point-to-point subnets connected by the routers.
However, these Layer 2 (L2) and Layer 3 (L3) topology changes are
undesirable when they are only done to enable IP multicast with PIM
because they increase the cost of introducing IP multicast with PIM.
These designs are also not feasible when specific L2 technologies are
needed. For example, various L2 technologies for rings provide
sub-50 msec failover mechanisms, something not possible equally with
a ring composed from L3 subnets. Likewise, IEEE Time-Sensitive
Networking mechanisms would require an L2 topology that cannot simply
be replaced by an L3 topology. L2 sub-topologies can also
significantly reduce the cost of deployment.
3. Specification
This document defines three elements in support of PIM assert
packing:
1. The PIM Packed Assert Capability Hello Option
2. The encoding of PackedAssert messages
3. How to send and receive PackedAssert messages
3.1. PIM Packed Assert Capability Hello Option
The PIM Packed Assert Capability Hello Option (Section 4.1) is used
to announce support for the assert packing mechanisms specified in
this document. PackedAssert messages (Section 3.2) MUST NOT be used
unless all PIM routers in the same subnet announce this option.
3.2. Assert Packing Message Formats
The PIM Assert message, as defined in Section 4.9.6 of [RFC7761],
describes the parameters of a (*,G) or (S,G) assert using the
following information elements: Rendezvous Point Tree flag (R),
Source Address, Group Address, Metric, and Metric Preference. This
document calls this information an "assert record".
This document introduces two new PIM Assert message encodings through
the allocation and use of two flags in the PIM Assert message header
[RFC9436]: the Packed (P) and the Aggregated (A) flags.
If P=0, the message is a (non-packed) PIM Assert message as specified
in [RFC7761]. See Section 4.2. In this case, the A flag MUST be set
to 0 and MUST be ignored on receipt.
If P=1, then the message is called a "PackedAssert message", and the
type and hence encoding format of the payload are determined by the A
flag.
If A=0, then the message body is a sequence of assert records. This
is called a "Simple PackedAssert message". See Section 4.3.
If A=1, then the message body is a sequence of aggregated assert
records. This is called an "Aggregated PackedAssert message". See
Section 4.4.
Two aggregated assert record types are specified.
The "Source Aggregated Assert Record" (see Section 4.4.1) encodes one
(common) Source Address, Metric, and Metric Preference as well as a
list of one or more Group Addresses. Source Aggregated Assert
Records provide a more compact encoding than the Simple PackedAssert
message format when multiple (S,G) flows share the same source S. A
single Source Aggregated Assert Record with n Group Addresses
represents the information of assert records for (S,G1)...(S,Gn).
The "RP Aggregated Assert Record" (see Section 4.4.2) encodes one
common Metric and Metric Preference as well as a list of "Group
Records", each of which encodes a Group Address and a list of zero or
more Source Addresses with a count. This is called an "RP Aggregated
Assert Record", because with standard RPF according to [RFC7761], all
the Group Addresses that use the same RP will have the same Metric
and Metric Preference.
RP Aggregation Assert Records provide a more compact encoding than
the Simple PackedAssert message format for (*,G) flows. The Source
Address is optionally used in the assert procedures in [RFC7761] to
indicate the source(s) that triggered the assert; otherwise, the
Source Address is set to 0 in the assert record.
Both Source Aggregated Assert Records and RP Aggregated Assert
Records also include the R flag, which maintains its semantics from
[RFC7761] but also distinguishes the encodings. Source Aggregated
Assert Records have R=0, as (S,G) assert records do in [RFC7761]. RP
Aggregated Assert Records have R=1, as (*,G) assert records do in
[RFC7761].
3.3. PackedAssert Mechanism
PackedAsserts do not change the PIM Assert state machine
specification [RFC7761]. Instead, sending and receiving of
PackedAssert messages, as specified in the following subsections, are
logically new packetization options for assert records in addition to
the (non-packed) Assert message [RFC7761]. There is no change to the
assert record information elements transmitted or their semantics.
They are just transmitted in fewer but larger packets, and a fewer
total number of bytes is used to encode the information elements. As
a result, PIM routers should be able to send and receive assert
records faster and/or with less processing overhead.
3.3.1. Sending PackedAssert Messages
When using assert packing, the regular Assert message encoding
[RFC7761] with A=0 and P=0 is still allowed to be sent. Routers are
free to choose which PackedAssert message format they send -- simple
(Section 4.3) and/or aggregated (Section 4.4).
* When any PIM routers on the LAN have not signaled support for
assert packing, implementations MUST only send Asserts and MUST
NOT send PackedAsserts under any condition.
* The protocol or system conditions for which an implementation
sends PackedAsserts instead of Asserts are out of scope for this
specification. Protocol conditions include protocol triggers such
as data-triggered asserts or Assert Timer (AT) expiry-triggered
asserts, and system conditions include high or low load or control
plane packet reception rates.
* Implementations are expected to specify in documentation and/or
management interfaces (such as a YANG data model) which
PackedAssert message formats they can send and under which
conditions they will send them.
* Implementations SHOULD be able to indicate to the operator (such
as through a YANG data model) how many Assert and PackedAssert
messages were sent/received and how many assert records were sent/
received.
* A configuration option SHOULD be available to disable PackedAssert
operations. PIM-SM implementations [RFC7761] that introduce
support for assert packing from day one MAY omit this
configuration option.
When a PIM router has an assert record ready to send according to
[RFC7761], it calls one of the following functions:
* send Assert(S,G) / send Assert(*,G) ([RFC7761], Section 4.2)
* send Assert(S,G) / send AssertCancel(S,G) ([RFC7761],
Section 4.6.1)
* send Assert(*,G) / send AssertCancel(*,G) ([RFC7761],
Section 4.6.2)
* send Assert(S,G) ([RFC7761], Section 4.8.2)
If sending of PackedAsserts is possible on the network, instead of
sending an Assert message with an assert record, any of these calls
MAY instead result in the PIM implementation remembering the assert
record and continuing with further processing for other flows, which
may result in additional assert records.
PIM MUST then create PackedAssert messages from the remembered assert
records and schedule them for sending according to the considerations
in the following subsections.
3.3.1.1. Handling of Reception-Triggered Assert Records
Avoiding additional delay because of assert packing compared to
immediately scheduling Assert messages is most critical for assert
records that are triggered by reception of data or reception of
asserts against which the router is in the "I am Assert Winner"
state. In these cases, the router SHOULD send out an Assert or
PackedAssert message containing this assert record as soon as
possible to minimize the time in which duplicate IP multicast packets
can occur.
To avoid additional delay in this case, the router should employ
appropriate assert packing and scheduling mechanisms, as explained
here.
Asserts/PackedAsserts created from reception-triggered assert records
should be scheduled for serialization with a higher priority than
those created because of other protocol or system conditions. They
should also bypass other PIM messages that can create significant
bursts, such as PIM join/prune messages.
When there are no reception-triggered Assert/PackedAssert messages
currently being serialized on the interface or scheduled to be sent,
the router should immediately generate and schedule an Assert or
PackedAssert message without further assert packing.
If one or more reception-triggered Assert/PackedAssert messages are
already serializing or are scheduled to be serialized on the outgoing
interface, then the router can use the time until the last of those
messages has finished serializing for PIM processing of further
conditions. This may result in additional reception-triggered assert
records and the packing of these assert records without introducing
additional delay.
3.3.1.2. Handling of Timer Expiry-Triggered Assert Records
Asserts triggered by expiry of the AT on an assert winner are not
time-critical because they can be scheduled in advance and because
the Assert_Override_Interval parameter [RFC7761] already creates a
3-second window in which such assert records can be sent, received,
and processed before an assert loser's state expires and duplicate IP
multicast packets could occur.
An example mechanism to allow packing of AT expiry-triggered assert
records on assert winners is to round the AT to an appropriate
granularity such as 100 msec. This will cause the AT for multiple
(S,G) and/or (*,G) states to expire at the same time, thus allowing
them to be easily packed without changes to the Assert state
machinery.
AssertCancel messages have assert records with an infinite metric and
can use assert packing like any other Assert. They are sent on
Override Timer (OT) expiry and can be packed, for example, with the
same considerations as AT expiry-triggered assert records.
3.3.1.3. Beneficial Delay in Sending PackedAssert Messages
Delay in sending PackedAsserts beyond what was discussed in prior
subsections can still be beneficial when it causes the overall number
of possible duplicate IP multicast packets to decrease in a situation
with a large number of (S,G) and/or (*,G), compared to the situation
where an implementation only sends Assert messages.
This delay can be used in implementations because it cannot support
the more advanced mechanisms described above, and this longer delay
can be achieved by some simpler mechanisms (such as only periodic
generation of PackedAsserts) and still achieves an overall reduction
in duplicate IP multicast packets compared to sending only Asserts.
3.3.1.4. Handling Assert/PackedAssert Message Loss
When Asserts are sent, a single packet loss will result only in
continued or new duplicates from a single IP multicast flow. Loss of
a (non-AssertCancel) PackedAssert impacts duplicates for all flows
packed into the PackedAssert and may result in the need for resending
more than one Assert/PackedAssert, because of the possible inability
to pack the assert records in this condition. Therefore, routers
SHOULD support mechanisms that allow PackedAsserts and Asserts to be
sent with an appropriate Differentiated Services Code Point (DSCP)
[RFC2475] such as Expedited Forwarding (EF) to minimize their loss,
especially when duplicate IP multicast packets could cause congestion
and loss.
Routers MAY support a configurable option for sending PackedAssert
messages twice in short order (such as 50 msec apart) to overcome
possible loss, but only when the following two conditions are met.
1. The total size of the two PackedAsserts is less than the total
size of equivalent Assert messages.
2. The condition of the assert record flows in the PackedAssert is
such that the router can expect that their reception by PIM
routers will not trigger Assert/PackedAsserts replies. This
condition is true, for example, when sending an assert record
while becoming or being assert winner (Action A1/A3 in
[RFC7761]).
3.3.1.5. Optimal Degree of Assert Record Packing
The optimal target packing size will vary depending on factors
including implementation characteristics and the required operating
scale. At some point, as the target packing size is varied from the
size of a single non-packed Assert to the MTU size, a size can be
expected to be found where the router can achieve the required
operating scale of (S,G) and (*,G) flows with minimum duplicates.
Beyond this size, a further increase in the target packing size would
not produce further benefits but might introduce possible negative
effects such as the incurrence of more duplicates on loss.
For example, in some router implementations, the total number of
packets that a control plane function such as PIM can send/receive
per unit of time is a more limiting factor than the total amount of
data across these packets. As soon as the packet size is large
enough for the maximum possible payload throughput, increasing the
packet size any further may still reduce the processing overhead of
the router but may increase latency incurred in creating the packet
in a way that may increase duplicates compared to smaller packets.
3.3.2. Receiving PackedAssert Messages
Upon reception of a PackedAssert message, the PIM router logically
converts its payload into a sequence of assert records that are then
processed as if an equivalent sequence of Assert messages were
received according to [RFC7761].
4. Packet Formats
This section describes the format of new PIM extensions introduced by
this document.
4.1. PIM Packed Assert Capability Hello Option
The PIM Packed Assert Capability Hello Option is a new option for PIM
Hello messages according to Section 4.9.2 of [RFC7761].
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OptionType = 40 | OptionLength = 0 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: PIM Packed Assert Capability Hello Option
OptionType 40 (Packed Assert Capability):
Indicates support for the ability to receive and process all the
PackedAssert encodings defined in this document.
OptionLength 0:
The Packet Assert Capability has no OptionValue.
4.2. Assert Message Format
Figure 2 shows a PIM Assert message as specified in Section 4.9.6 of
[RFC7761]. The Encoded-Group and Encoded-Unicast address formats are
specified in Section 4.9.1 of [RFC7761] for IPv4 and IPv6.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|PIM Ver| Type |7 6 5 4 3 2|A|P| Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R| Metric Preference |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Metric |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Assert Message Format
This common header shows the "7 6 5 4 3 2" flag bits (as defined in
Section 4 of [RFC9436]) and the location of the P and A flags (as
described in Section 5). As specified in Section 3.2, both flags in
a (non-packed) PIM Assert message are required to be set to 0.
4.3. Simple PackedAssert Message Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|PIM Ver| Type |7 6 5 4 3 2|A|P| Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Zero | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Assert Record [1] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Assert Record [2] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
. . .
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Assert Record [M] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Simple PackedAssert Message Format
PIM Version, Type, Checksum:
As specified in Section 4.9.6 of [RFC7761].
"7 6 5 4 3 2":
Flag bits per Section 4 of [RFC9436].
P:
Packed flag. MUST be 1.
A:
Aggregated flag. MUST be 0.
Zero:
Set to zero on transmission. Serves to make PIM routers that are
not capable of assert packing to fail in parsing the message
instead possible mis-parsing of the message as an Assert message
[RFC7761] if this field was not zero-filled.
Reserved:
Set to zero on transmission. Ignored upon receipt.
M:
The number of Assert Records in the message. Derived from the
length of the packet carrying the message.
Assert Record:
Formatted according to Figure 3, which is the same as the PIM
Assert message body as specified in Section 4.9.6 of [RFC7761].
The format of each Assert Record is the same as the PIM Assert
message body as specified in Section 4.9.6 of [RFC7761].
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R| Metric Preference |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Metric |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Assert Record
4.4. Aggregated PackedAssert Message Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|PIM Ver| Type |7 6 5 4 3 2|A|P| Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Zero | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Aggregated Assert Record [1] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Aggregated Assert Record [2] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
. . .
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Aggregated Assert Record [M] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: Aggregated PackedAssert Message Format
PIM Version, Type, Reserved, Checksum:
As specified in Section 4.9.6 of [RFC7761].
"7 6 5 4 3 2":
Flag bits per Section 4 of [RFC9436].
P:
Packed flag. MUST be 1.
A:
Aggregated flag. MUST be 1.
Zero:
Set to zero on transmission. Serves to make PIM routers that are
not capable of assert packing to fail in parsing the message
instead possible mis-parsing of the message as an Assert message
[RFC7761] if this field was not zero-filled.
Aggregated Assert Record:
Formatted according to Figure 5. The number M of Aggregated
Assert Records is determined from the packet size.
4.4.1. Source Aggregated Assert Record
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R| Metric Preference |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Metric |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Groups (N) | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address 1 (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address 2 (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address N (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Source Aggregated Assert Record
R:
MUST be 0.
R indicates both that the encoding format of the record is that of
a Source Aggregated Assert Record and that all assert records
represented by the Source Aggregated Assert Record have R=0 and
are therefore (S,G) assert records according to the definition of
R in [RFC7761], Section 4.9.6.
Metric Preference, Metric, Source Address:
As specified in Section 4.9.6 of [RFC7761]. Source Address MUST
NOT be zero.
Number of Groups:
The number of Group Address fields.
Reserved:
Set to zero on transmission. Ignored upon receipt.
Group Address:
As specified in Section 4.9.6 of [RFC7761].
4.4.2. RP Aggregated Assert Record
An RP Aggregation Assert Record aggregates (*,G) assert records with
the same Metric Preference and Metric. Typically, this is the case
for all (*,G) using the same RP, but the encoding is not limited to
only (*,G) using the same RP because the RP address is not encoded as
it is also not present in assert records [RFC7761].
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R| Metric Preference |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Metric |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Group Records (K) | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Group Record [1] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Group Record [2] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
. . .
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Group Record [K] .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: RP Aggregated Assert Record
R:
MUST be 1.
R indicates both that the encoding format of the record is that of
an RP Aggregated Assert Record and that all assert records
represented by the RP Aggregated Assert Record have R=1 and are
therefore (*,G) assert records according to the definition of R in
[RFC7761], Section 4.9.6.
Metric Preference, Metric:
As specified in Section 4.9.6 of [RFC7761].
Number of Group Records (K):
The number of packed Group Records. A record consists of a Group
Address and a Source Address list with a number of sources.
Reserved:
Set to zero on transmission. Ignored upon receipt.
The format of each Group Record is:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Address (Encoded-Group format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Sources (P) | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address 1 (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address 2 (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address P (Encoded-Unicast format) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 8: Group Record
Group Address:
As specified in Section 4.9.6 of [RFC7761].
Reserved:
Set to zero on transmission. Ignored upon receipt.
Number of Sources (P):
The Number of Sources corresponds to the number of Source Address
fields in the Group Record. If this number is not 0 and one of
the (*,G) assert records to be encoded has Source Address 0, then
0 needs to be encoded as one of the Source Address fields.
Reserved:
Set to zero on transmission. Ignored upon receipt.
Source Address:
As specified in Section 4.9.6 of [RFC7761]. But there can be
multiple Source Address fields in the Group Record.
5. IANA Considerations
IANA has updated the "PIM Message Types" registry as follows to
include the Packed and Aggregated flag bits for the Assert message
type.
+=======+========+==========================+===========+
| Value | Length | Name | Reference |
+=======+========+==========================+===========+
| 40 | 0 | Packed Assert Capability | RFC 9466 |
+-------+--------+--------------------------+-----------+
Table 1: PIM-Hello Options
IANA has assigned the following two flag bits for PIM Assert messages
in the "PIM Message Types" registry.
+======+========+=================+=====================+
| Type | Name | Flag Bits | Reference |
+======+========+=================+=====================+
| 5 | Assert | 0: Packed | RFC 9466 |
| | +-----------------+---------------------+
| | | 1: Aggregated | RFC 9466 |
| | +-----------------+---------------------+
| | | 2-7: Unassigned | [RFC3973] [RFC7761] |
+------+--------+-----------------+---------------------+
Table 2: PIM Message Types
6. Security Considerations
The security considerations of [RFC7761] apply to the extensions
defined in this document.
This document packs multiple assert records in a single message. As
described in Section 6.1 of [RFC7761], a forged Assert message could
cause the legitimate designated forwarder to stop forwarding traffic
to the LAN. The effect may be amplified when using a PackedAssert
message.
Like other optional extensions of [RFC7761] that are active only when
all routers indicate support for them, a single misconfigured or
malicious router emitting forged PIM Hello messages can inhibit
operations of this extension.
Authentication of PIM messages, such as that explained in Sections
6.2 and 6.3 of [RFC7761], can protect against forged message attacks
attacks.
7. References
7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I.,
Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent
Multicast - Sparse Mode (PIM-SM): Protocol Specification
(Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March
2016, <https://www.rfc-editor.org/info/rfc7761>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC9436] Venaas, S. and A. Retana, "PIM Message Type Space
Extension and Reserved Bits", RFC 9436,
DOI 10.17487/RFC9436, August 2023,
<https://www.rfc-editor.org/info/rfc9436>.
7.2. Informative References
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
and W. Weiss, "An Architecture for Differentiated
Services", RFC 2475, DOI 10.17487/RFC2475, December 1998,
<https://www.rfc-editor.org/info/rfc2475>.
[RFC3973] Adams, A., Nicholas, J., and W. Siadak, "Protocol
Independent Multicast - Dense Mode (PIM-DM): Protocol
Specification (Revised)", RFC 3973, DOI 10.17487/RFC3973,
January 2005, <https://www.rfc-editor.org/info/rfc3973>.
[RFC6037] Rosen, E., Ed., Cai, Y., Ed., and IJ. Wijnands, "Cisco
Systems' Solution for Multicast in BGP/MPLS IP VPNs",
RFC 6037, DOI 10.17487/RFC6037, October 2010,
<https://www.rfc-editor.org/info/rfc6037>.
[RFC7431] Karan, A., Filsfils, C., Wijnands, IJ., Ed., and B.
Decraene, "Multicast-Only Fast Reroute", RFC 7431,
DOI 10.17487/RFC7431, August 2015,
<https://www.rfc-editor.org/info/rfc7431>.
[RFC7490] Bryant, S., Filsfils, C., Previdi, S., Shand, M., and N.
So, "Remote Loop-Free Alternate (LFA) Fast Reroute (FRR)",
RFC 7490, DOI 10.17487/RFC7490, April 2015,
<https://www.rfc-editor.org/info/rfc7490>.
Appendix A. Use Case Examples
The PIM Assert mechanism can only be avoided by designing the network
to be without transit subnets with multiple upstream routers. For
example, an L2 ring between routers can sometimes be reconfigured to
be a ring of point-to-point subnets connected by the routers.
However, these L2/L3 topology changes are undesirable when they are
only done to enable IP multicast with PIM because they increase the
cost of introducing IP multicast with PIM.
These L3 ring designs are specifically undesirable when particular L2
technologies are needed. For example, various L2 technologies for
rings provide sub-50 msec failover mechanisms that will benefit IP
unicast and multicast alike without any added complexity to the IP
layer (forwarding or routing). If such L2 rings were to be replaced
by L3 rings just to avoid PIM asserts, then this would result in the
need for a complex choice of a sub-50 msec IP unicast failover
solution (such as [RFC7490] with IP repair tunnels) as well as a
separate sub-50 msec IP multicast failover solution, (such as
[RFC7431] with dedicated ring support). The mere fact that, by
running at the IP layer, different solutions for IP unicast and
multicast are required makes them more difficult to operate, and they
typically require more expensive hardware. This often leads to non-
support of the IP multicast part.
Likewise, IEEE Time-Sensitive Networking mechanisms would require an
L2 topology that cannot simply be replaced by an L3 topology. L2
sub-topologies can also significantly reduce the cost of deployment.
The following subsections give examples of the type of network and
use cases in which subnets with asserts have been observed or are
expected to require scaling as provided by this specification.
A.1. Enterprise Network
When an enterprise network is connected through an L2 network, the
intra-enterprise runs L3 PIM multicast. The different sites of the
enterprise are equivalent to the PIM connection through the shared
LAN network. Depending upon the locations and number of groups,
there could be many asserts on the first-hop routers.
A.2. Video Surveillance
Video surveillance deployments have migrated from analog-based
systems to IP-based systems oftentimes using multicast. In the
shared LAN network deployments, when there are many cameras streaming
to many groups, there may be issues with many asserts on first-hop
routers.
A.3. Financial Services
Financial services extensively rely on IP Multicast to deliver stock
market data and its derivatives, and the current multicast solution
PIM is usually deployed. As the number of multicast flows grow, many
stock data with many groups may result in many PIM asserts on a
shared LAN network from the publisher to the subscribers.
A.4. IPTV Broadcast Video
PIM DR deployments are often used in host-side network for IPTV
broadcast video services. Host-side access network failure scenarios
may benefit from assert packing when many groups are being used.
According to [RFC7761], the DR will be elected to forward multicast
traffic in the shared access network. When the DR recovers from a
failure, the original DR starts to send traffic, and the current DR
is still forwarding traffic. In this situation, multicast traffic
duplication maybe happen in the shared access network and can trigger
the assert progress.
A.5. MVPN MDT
As described in [RFC6037], Multicast Distribution Tree (MDT) is used
as tunnels for Multicast VPN (MVPN). The configuration of multicast-
enabled VPN Routing and Forwarding (VRF) or changes to an interface
that is in a VRF may cause many assert packets to be sent at the same
time.
A.6. Special L2 Services
Additionally, future backhaul, or fronthaul, networks may want to
connect L3 across an L2 underlay supporting Time-Sensitive Networks
(TSNs). The infrastructure may run Deterministic Networking (DetNet)
over TSN. These transit L2 LANs would have multiple upstreams and
downstreams. This document takes a proactive approach to prevention
of possible future assert issues in these types of environments.
Acknowledgments
The authors would like to thank the following individuals: Stig
Venaas for the valuable contributions of this document, Alvaro Retana
for his thorough and constructive RTG AD review, Ines Robles for her
Gen-ART review, Tommy Pauly for his Transport Area review, Robert
Sparks for his SecDir review, Shuping Peng for her RtgDir review,
John Scudder for his RTG AD review, Éric Vyncke for his INT AD
review, Eric Kline for his INT AD review, Paul Wouter for his SEC AD
review, Zaheduzzaman Sarker for his TSV AD review, Robert Wilton for
his OPS AD review, and Martin Duke for his TSV AD review.
Authors' Addresses
Yisong Liu (editor)
China Mobile
China
Email: liuyisong@chinamobile.com
Toerless Eckert (editor)
Futurewei
United States of America
Email: tte@cs.fau.de
Mike McBride
Futurewei
United States of America
Email: michael.mcbride@futurewei.com
Zheng (Sandy) Zhang
ZTE Corporation
China
Email: zhang.zheng@zte.com.cn
ERRATA