| rfc9570.original | rfc9570.txt | |||
|---|---|---|---|---|
| MPLS WG K. Kompella | Internet Engineering Task Force (IETF) K. Kompella | |||
| Internet-Draft R. Bonica | Request for Comments: 9570 R. Bonica | |||
| Updates: 8029 (if approved) Juniper Networks | Updates: 8029 Juniper Networks | |||
| Intended status: Standards Track G. Mirsky, Ed. | Category: Standards Track G. Mirsky, Ed. | |||
| Expires: 2 September 2024 Ericsson | ISSN: 2070-1721 Ericsson | |||
| 1 March 2024 | April 2024 | |||
| Deprecating the Use of Router Alert in LSP Ping | Deprecating the Use of Router Alert in LSP Ping | |||
| draft-ietf-mpls-lspping-norao-08 | ||||
| Abstract | Abstract | |||
| The MPLS echo request and MPLS echo response messages, defined in RFC | The MPLS echo request and MPLS echo response messages, defined in RFC | |||
| 8029 "Detecting Multiprotocol Label Switched (MPLS) Data-Plane | 8029, "Detecting Multiprotocol Label Switched (MPLS) Data-Plane | |||
| Failures" (usually referred to as LSP ping messages), are | Failures" (usually referred to as LSP ping messages), are | |||
| encapsulated in IP whose headers include a Router Alert Option (RAO). | encapsulated in IP whose headers include a Router Alert Option (RAO). | |||
| In actual deployments, the RAO was neither required nor used. | In actual deployments, the RAO was neither required nor used. | |||
| Furthermore, RFC 6398 identifies security vulnerabilities associated | Furthermore, RFC 6398 identifies security vulnerabilities associated | |||
| with the RAO in non-controlled environments, e.g., the case of using | with the RAO in non-controlled environments, e.g., the case of using | |||
| the MPLS echo request/reply as inter-area Operations, Administration, | the MPLS echo request/reply as inter-area Operations, Administration, | |||
| and Maintenance (OAM), and recommends against its use outside of | and Maintenance (OAM), and recommends against its use outside of | |||
| controlled environments. | controlled environments. | |||
| Therefore, this document retires the RAO for MPLS OAM and updates RFC | Therefore, this document retires the RAO for MPLS OAM and updates RFC | |||
| 8029 to remove the RAO from LSP ping message encapsulations. | 8029 to remove the RAO from LSP ping message encapsulations. | |||
| Furthermore, this document explains why RFC 7506 has been | Furthermore, this document explains why RFC 7506 has been | |||
| reclassified as Historic. | reclassified as Historic. | |||
| Also, the use of an IPv6 loopback address (::1/128) as the IPv6 | Also, the use of an IPv6 loopback address (::1/128) as the IPv6 | |||
| destination address for an MPLS echo request message is RECOMMENDED. | destination address for an MPLS echo request message is RECOMMENDED. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
| provisions of BCP 78 and BCP 79. | ||||
| Internet-Drafts are working documents of the Internet Engineering | ||||
| Task Force (IETF). Note that other groups may also distribute | ||||
| working documents as Internet-Drafts. The list of current Internet- | ||||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
| and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
| time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
| material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 7841. | ||||
| This Internet-Draft will expire on 2 September 2024. | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | ||||
| https://www.rfc-editor.org/info/rfc9570. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2024 IETF Trust and the persons identified as the | Copyright (c) 2024 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
| described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
| provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
| in the Revised BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Note for the RFC Editor . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction | |||
| 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1.1. Requirements Language | |||
| 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | 2. Router Alert for LSP Ping (RFC 8029) | |||
| 3. Router Alert for LSP Ping (RFC 8029) . . . . . . . . . . . . 3 | 2.1. MPLS Echo Request | |||
| 3.1. MPLS Echo Request . . . . . . . . . . . . . . . . . . . . 4 | 2.2. MPLS Echo Reply | |||
| 3.2. MPLS Echo Reply . . . . . . . . . . . . . . . . . . . . . 4 | 3. Reclassification of RFC 7506 as Historic | |||
| 4. Reclassification of RFC 7506 as Historic . . . . . . . . . . 5 | 4. Update to RFC 8029 | |||
| 5. Update to RFC 8029 . . . . . . . . . . . . . . . . . . . . . 5 | 5. Backwards Compatibility | |||
| 6. Backwards Compatibility . . . . . . . . . . . . . . . . . . . 7 | 6. IANA Considerations | |||
| 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 | 7. Security Considerations | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | 8. Normative References | |||
| 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 | 9. Informative References | |||
| 10. Normative References . . . . . . . . . . . . . . . . . . . . 8 | Acknowledgments | |||
| 11. Informational References . . . . . . . . . . . . . . . . . . 9 | Authors' Addresses | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 | ||||
| 1. Note for the RFC Editor | ||||
| Per IESG decision, this document MUST be processed only after the | ||||
| status of RFC 7506 is changed to Historical. This note must be | ||||
| removed before the publication. | ||||
| 2. Introduction | 1. Introduction | |||
| RFC 8029 - "Detecting Multiprotocol Label Switched (MPLS) Data-Plane | "Detecting Multiprotocol Label Switched (MPLS) Data-Plane Failures" | |||
| Failures" (usually referred to as LSP Ping) [RFC8029] detects data- | (usually referred to as LSP ping) [RFC8029] detects data plane | |||
| plane failures in MPLS Label Switched Paths (LSPs). It can operate | failures in MPLS Label Switched Paths (LSPs). It can operate in | |||
| in "ping mode" or "traceroute mode". When operating in ping mode, it | "ping mode" or "traceroute mode." When operating in ping mode, it | |||
| checks LSP connectivity. When operating in traceroute mode, it can | checks LSP connectivity. When operating in traceroute mode, it can | |||
| trace an LSP and localize failures to a particular node along an LSP. | trace an LSP and localize failures to a particular node along an LSP. | |||
| The reader is assumed be familiar with [RFC8029] and its terminology. | The reader is assumed be familiar with [RFC8029] and its terminology. | |||
| LSP ping defines a probe message called the "MPLS echo request". It | LSP ping defines a probe message called the "MPLS echo request." It | |||
| also defines a response message called the "MPLS echo reply". Both | also defines a response message called the "MPLS echo reply." Both | |||
| messages are encapsulated in UDP and IP. The MPLS echo request | messages are encapsulated in UDP and IP. The MPLS echo request | |||
| message is further encapsulated in an MPLS label stack, except when | message is further encapsulated in an MPLS label stack, except when | |||
| all of the Forwarding Equivalency Classes in the stack correspond to | all of the Forwarding Equivalency Classes in the stack correspond to | |||
| Implicit Null labels. | Implicit Null labels. | |||
| When operating in ping mode, LSP ping sends a single MPLS echo | When operating in ping mode, LSP ping sends a single MPLS echo | |||
| request message, with the MPLS TTL set to 255. This message is | request message, with the MPLS TTL set to 255. This message is | |||
| intended to reach the egress Label Switching Router (LSR). When | intended to reach the egress Label Switching Router (LSR). When | |||
| operating in traceroute mode, MPLS ping sends multiple MPLS echo | operating in traceroute mode, MPLS ping sends multiple MPLS echo | |||
| request messages as defined in Section 4.3 of [RFC8029]. It | request messages as defined in Section 4.3 of [RFC8029]. It | |||
| manipulates the MPLS TTL so that the first message expires on the | manipulates the MPLS TTL so that the first message expires on the | |||
| first LSR along the path and subsequent messages expire on subsequent | first LSR along the path, and subsequent messages expire on | |||
| LSRs. | subsequent LSRs. | |||
| According to [RFC8029], the IP header that encapsulates an MPLS echo | According to [RFC8029], the IP header that encapsulates an MPLS echo | |||
| request message must include a Router Alert Option (RAO). | request message must include a Router Alert Option (RAO). | |||
| Furthermore, [RFC8029] also says that the IP header that encapsulates | Furthermore, [RFC8029] also says that the IP header that encapsulates | |||
| an MPLS echo reply message must include an RAO if the value of the | an MPLS echo reply message must include an RAO if the value of the | |||
| Reply Mode in the corresponding MPLS echo request message is "Reply | Reply Mode in the corresponding MPLS echo request message is "Reply | |||
| via an IPv4/IPv6 UDP packet with Router Alert". This document | via an IPv4/IPv6 UDP packet with Router Alert." This document | |||
| explains why RAO was not needed in both cases. Furthermore, | explains why an RAO was not needed in both cases. Furthermore, | |||
| [RFC6398] identifies security vulnerabilities associated with the RAO | [RFC6398] identifies security vulnerabilities associated with the RAO | |||
| in non-controlled environments, e.g., the case of using the MPLS echo | in non-controlled environments, e.g., the case of using the MPLS echo | |||
| request/reply as inter-domain OAM over the public Internet, and | request/reply as inter-domain OAM over the public Internet, and | |||
| recommends against its use outside of controlled environments, e.g., | recommends against its use outside of controlled environments, e.g., | |||
| outside a single administrative domain. | outside a single administrative domain. | |||
| Therefore, this document updates RFC 8029 [RFC8029] to retire the RAO | Therefore, this document updates RFC 8029 [RFC8029] to retire the RAO | |||
| from both LSP ping message encapsulations and explains why RFC 7506 | from both LSP ping message encapsulations and explains why RFC 7506 | |||
| [RFC7506] has been reclassified as Historic. | [RFC7506] has been reclassified as Historic. | |||
| 2.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 3. Router Alert for LSP Ping (RFC 8029) | 2. Router Alert for LSP Ping (RFC 8029) | |||
| 3.1. MPLS Echo Request | ||||
| 2.1. MPLS Echo Request | ||||
| While the MPLS echo request message must traverse every node in the | While the MPLS echo request message must traverse every node in the | |||
| LSP under test, it must not traverse any other node. Specifically, | LSP under test, it must not traverse any other nodes. Specifically, | |||
| the message must not be forwarded beyond the egress Label Switching | the message must not be forwarded beyond the egress Label Switching | |||
| Router (LSR). To achieve this, a set of the mechanisms that are used | Router (LSR). To achieve this, a set of the mechanisms that are used | |||
| concurrently to prevent leaking MPLS echo request messages has been | concurrently to prevent leaking MPLS echo request messages has been | |||
| defined in [RFC8029]: | defined in [RFC8029]: | |||
| 1. When the MPLS echo request message is encapsulated in IPv4, the | 1. When the MPLS echo request message is encapsulated in IPv4, the | |||
| IPv4 destination address must be chosen from the subnet 127/8. | IPv4 destination address must be chosen from the subnet 127/8. | |||
| When the MPLS echo request message is encapsulated in IPv6, the | When the MPLS echo request message is encapsulated in IPv6, the | |||
| IPv6 destination address must be chosen from the subnet | IPv6 destination address must be chosen from the subnet | |||
| 0:0:0:0:0:FFFF:7F00:0/104. | 0:0:0:0:0:FFFF:7F00:0/104. | |||
| 2. When the MPLS echo request message is encapsulated in IPv4, the | 2. When the MPLS echo request message is encapsulated in IPv4, the | |||
| IPv4 TTL must be equal to 1. When the MPLS echo request message | IPv4 TTL must be equal to 1. When the MPLS echo request message | |||
| is encapsulated in IPv6, the IPv6 Hop Limit must be equal to 1. | is encapsulated in IPv6, the IPv6 Hop Limit must be equal to 1. | |||
| For further information on the encoding of the TTL/Hop Limit in | For further information on the encoding of the TTL / Hop Limit in | |||
| an MPLS echo request message, see Section 4.3 of [RFC8029]. | an MPLS echo request message, see Section 4.3 of [RFC8029]. | |||
| 3. When the MPLS echo request message is encapsulated in IPv4, the | 3. When the MPLS echo request message is encapsulated in IPv4, the | |||
| IPv4 header must include an RAO with the option value set to | IPv4 header must include an RAO with the option value set to | |||
| "Router shall examine packet" [RFC2113]. When the MPLS echo | "Router shall examine packet" [RFC2113]. When the MPLS echo | |||
| request message is encapsulated in IPv6, the IPv6 header chain | request message is encapsulated in IPv6, the IPv6 header chain | |||
| must include a Hop-by-hop extension header and the Hop-by-hop | must include a hop-by-hop extension header and the hop-by-hop | |||
| extension header must include an RAO with the option value set to | extension header must include an RAO with the option value set to | |||
| MPLS OAM [RFC7506]. | MPLS OAM [RFC7506]. | |||
| Currently, all of these are required. However, any one is sufficient | Currently, all of these are required. However, any one is sufficient | |||
| to prevent forwarding the packet beyond the egress LSR. | to prevent forwarding the packet beyond the egress LSR. | |||
| Therefore, this document updates RFC 8029 [RFC8029] in that | Therefore, this document updates RFC 8029 [RFC8029] in that | |||
| Requirement 3 is removed. | Requirement 3 is removed. | |||
| No implementation that relies on the RAO to prevent packets from | No implementation that relies on the RAO to prevent packets from | |||
| being forwarded beyond the egress LSR have been reported to the MPLS | being forwarded beyond the egress LSR has been reported to the MPLS | |||
| working group. | Working Group. | |||
| 3.2. MPLS Echo Reply | 2.2. MPLS Echo Reply | |||
| An LSP ping replies to the MPLS echo request message with an MPLS | An LSP ping replies to the MPLS echo request message with an MPLS | |||
| echo reply message. Four reply modes are defined in [RFC8029]: | echo reply message. Four reply modes are defined in [RFC8029]: | |||
| 1. Do not reply | 1. Do not reply | |||
| 2. Reply via an IPv4/IPv6 UDP packet | 2. Reply via an IPv4/IPv6 UDP packet | |||
| 3. Reply via an IPv4/IPv6 UDP packet with Router Alert | 3. Reply via an IPv4/IPv6 UDP packet with Router Alert | |||
| 4. Reply via application-level control channel | 4. Reply via application-level control channel | |||
| The rationale for mode 3 is questionable, if not wholly misguided. | The rationale for mode 3 is questionable, if not wholly misguided. | |||
| According to RFC 8029 [RFC8029], "If the normal IP return path is | According to RFC 8029 [RFC8029], "If the normal IP return path is | |||
| deemed unreliable, one may use 3 (Reply via an IPv4/IPv6 UDP packet | deemed unreliable, one may use 3 (Reply via an IPv4/IPv6 UDP packet | |||
| with Router Alert)." | with Router Alert)." | |||
| However, it is not clear that the use of the RAO increases the | However, it is not clear that the use of the RAO increases the | |||
| reliability of the return path. In fact, one can argue it decreases | reliability of the return path. In fact, one can argue it decreases | |||
| the reliability in many instances, due to the additional burden of | the reliability in many instances, due to the additional burden of | |||
| processing the RAO. This document updates RFC 8029 [RFC8029] in that | processing the RAO. This document updates RFC 8029 [RFC8029] in that | |||
| mode 3 is removed. | mode 3 is removed. | |||
| No implementations of mode 3 have been reported to the MPLS working | No implementations of mode 3 have been reported to the MPLS Working | |||
| group. | Group. | |||
| 4. Reclassification of RFC 7506 as Historic | 3. Reclassification of RFC 7506 as Historic | |||
| RFC 7506 [RFC7506] defines the IPv6 Router Alert Option for MPLS | RFC 7506 [RFC7506] defines the IPv6 Router Alert Option for MPLS | |||
| Operations, Administration, and Management. This document explains | Operations, Administration, and Maintenance. This document explains | |||
| why RFC 7506 [RFC7506] has been reclassified as Historic. | why RFC 7506 [RFC7506] has been reclassified as Historic. | |||
| 5. Update to RFC 8029 | 4. Update to RFC 8029 | |||
| [RFC8029] requires that the IPv6 Destination Address used in IP/UDP | [RFC8029] requires that the IPv6 Destination Address used in IP/UDP | |||
| encapsulation of an MPLS echo request packet is selected from the | encapsulation of an MPLS echo request packet be selected from the | |||
| IPv4 loopback address range mapped to IPv6. Such packets do not have | IPv4 loopback address range mapped to IPv6. Such packets do not have | |||
| the same behavior as prescribed in [RFC1122] for an IPv4 loopback | the same behavior as prescribed in [RFC1122] for an IPv4 loopback | |||
| addressed packet. | addressed packet. | |||
| [RFC4291] defines ::1/128 as the single IPv6 loopback address. | [RFC4291] defines ::1/128 as the single IPv6 loopback address. | |||
| Considering that, this specification updates Section 2.1 of [RFC8029] | Considering that, this specification updates Section 2.1 of [RFC8029] | |||
| regarding the selection of an IPv6 destination address for an MPLS | regarding the selection of an IPv6 destination address for an MPLS | |||
| echo request message as follows: | echo request message as follows: | |||
| OLD | OLD: | |||
| The 127/8 range for IPv4 and that same range embedded in an | ||||
| IPv4-mapped IPv6 address for IPv6 was chosen for a number of reasons. | ||||
| RFC 1122 allocates the 127/8 as the "Internal host loopback address" | ||||
| and states: "Addresses of this form MUST NOT appear outside a host." | ||||
| Thus, the default behavior of hosts is to discard such packets. This | ||||
| helps to ensure that if a diagnostic packet is misdirected to a host, | ||||
| it will be silently discarded. | ||||
| RFC 1812 [RFC1812] states: | ||||
| * A router SHOULD NOT forward, except over a loopback interface, any | ||||
| packet that has a destination address on network 127. A router | ||||
| MAY have a switch that allows the network manager to disable these | ||||
| checks. If such a switch is provided, it MUST default to | ||||
| performing the checks. | ||||
| This helps to ensure that diagnostic packets are never IP forwarded. | ||||
| The 127/8 address range provides 16M addresses allowing wide | ||||
| flexibility in varying addresses to exercise ECMP paths. Finally, as | ||||
| an implementation optimization, the 127/8 range provides an easy | ||||
| means of identifying possible LSP packets. | ||||
| NEW | ||||
| The 127/8 range for IPv4 was chosen for a number of reasons. | ||||
| RFC 1122 [RFC1122] allocates the 127/8 as the "Internal host loopback | ||||
| address" and states: "Addresses of this form MUST NOT appear outside | ||||
| a host." Thus, the default behavior of hosts is to discard such | ||||
| packets. This helps to ensure that if a diagnostic packet is | ||||
| misdirected to a host, it will be silently discarded. | ||||
| RFC 1812 [RFC1812] states: | ||||
| * A router SHOULD NOT forward, except over a loopback interface, any | ||||
| packet that has a destination address on network 127. A router | ||||
| MAY have a switch that allows the network manager to disable these | ||||
| checks. If such a switch is provided, it MUST default to | ||||
| performing the checks. | ||||
| This helps to ensure that diagnostic packets are never IP forwarded. | ||||
| The 127/8 address range provides 16M addresses allowing wide | ||||
| flexibility in varying addresses to exercise ECMP paths. Finally, as | ||||
| an implementation optimization, the 127/8 range provides an easy | ||||
| means of identifying possible LSP packets. | ||||
| The IPv6 destination address for an MPLS echo request message is | ||||
| selected as follows: | ||||
| * The IPv6 loopback address ::1/128 SHOULD be used. | ||||
| * The sender of an MPLS echo request MAY select the IPv6 destination | | The 127/8 range for IPv4 and that same range embedded in an | |||
| address from the 0:0:0:0:0:FFFF:7F00/104 range. | | IPv4-mapped IPv6 address for IPv6 was chosen for a number of | |||
| | reasons. | ||||
| | | ||||
| | RFC 1122 allocates the 127/8 as the "Internal host loopback | ||||
| | address" and states: "Addresses of this form MUST NOT appear | ||||
| | outside a host." Thus, the default behavior of hosts is to | ||||
| | discard such packets. This helps to ensure that if a diagnostic | ||||
| | packet is misdirected to a host, it will be silently discarded. | ||||
| | | ||||
| | RFC 1812 [RFC1812] states: | ||||
| | | ||||
| | A router SHOULD NOT forward, except over a loopback interface, | ||||
| | any packet that has a destination address on network 127. A | ||||
| | router MAY have a switch that allows the network manager to | ||||
| | disable these checks. If such a switch is provided, it MUST | ||||
| | default to performing the checks. | ||||
| | | ||||
| | This helps to ensure that diagnostic packets are never IP | ||||
| | forwarded. | ||||
| | | ||||
| | The 127/8 address range provides 16M addresses allowing wide | ||||
| | flexibility in varying addresses to exercise ECMP paths. Finally, | ||||
| | as an implementation optimization, the 127/8 range provides an | ||||
| | easy means of identifying possible LSP packets. | ||||
| * To exercise all paths in an ECMP environment, the source of | NEW: | |||
| entropy other than the IP destination address SHOULD be used. For | ||||
| example, MPLS Entropy Label [RFC6790] or IPv6 Flow Label [RFC6438] | ||||
| can be used as the source of entropy. | ||||
| END | | The 127/8 range for IPv4 was chosen for a number of reasons. | |||
| | | ||||
| | RFC 1122 [RFC1122] allocates the 127/8 as the "Internal host | ||||
| | loopback address" and states: "Addresses of this form MUST NOT | ||||
| | appear outside a host." Thus, the default behavior of hosts is to | ||||
| | discard such packets. This helps to ensure that if a diagnostic | ||||
| | packet is misdirected to a host, it will be silently discarded. | ||||
| | | ||||
| | RFC 1812 [RFC1812] states: | ||||
| | | ||||
| | A router SHOULD NOT forward, except over a loopback interface, | ||||
| | any packet that has a destination address on network 127. A | ||||
| | router MAY have a switch that allows the network manager to | ||||
| | disable these checks. If such a switch is provided, it MUST | ||||
| | default to performing the checks. | ||||
| | | ||||
| | This helps to ensure that diagnostic packets are never IP | ||||
| | forwarded. | ||||
| | | ||||
| | The 127/8 address range provides 16M addresses allowing wide | ||||
| | flexibility in varying addresses to exercise ECMP paths. Finally, | ||||
| | as an implementation optimization, the 127/8 range provides an | ||||
| | easy means of identifying possible LSP packets. | ||||
| | | ||||
| | The IPv6 destination address for an MPLS echo request message is | ||||
| | selected as follows: | ||||
| | | ||||
| | * The IPv6 loopback address ::1/128 SHOULD be used. | ||||
| | | ||||
| | * The sender of an MPLS echo request MAY select the IPv6 | ||||
| | destination address from the 0:0:0:0:0:FFFF:7F00/104 range. | ||||
| | | ||||
| | * To exercise all paths in an ECMP environment, the source of | ||||
| | entropy other than the IP destination address SHOULD be used. | ||||
| | For example, the MPLS Entropy Label [RFC6790] or IPv6 Flow | ||||
| | Label [RFC6438] can be used as the source of entropy. | ||||
| Additionally, this specification updates Section 2.2 of [RFC8029] to | Additionally, this specification updates Section 2.2 of [RFC8029] to | |||
| replace the whole of the section with the following text: | replace the whole of the section with the following text: | |||
| LSP Ping implementations SHOULD ignore RAO options when they | | LSP Ping implementations SHOULD ignore RAO options when they | |||
| arrive on incoming MPLS echo request and MPLS echo reply messages. | | arrive on incoming MPLS echo request and MPLS echo reply messages. | |||
| Resulting from the removal of the Reply mode 3 "Reply via an IPv4/ | Resulting from the removal of the Reply mode 3 "Reply via an IPv4/ | |||
| IPv6 UDP packet with Router Alert" (see Section 3.2), this | IPv6 UDP packet with Router Alert" (see Section 2.2), this | |||
| specification updates Section 4.5 of [RFC8029] by removing the | specification updates Section 4.5 of [RFC8029] by removing the | |||
| following text: | following text: | |||
| If the Reply Mode in the echo request is "Reply via an IPv4 UDP | | If the Reply Mode in the echo request is "Reply via an IPv4 UDP | |||
| packet with Router Alert", then the IP header MUST contain the | | packet with Router Alert", then the IP header MUST contain the | |||
| Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or 69 | | Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or 69 | |||
| [RFC7506] for IPv6. If the reply is sent over an LSP, the topmost | | [RFC7506] for IPv6. If the reply is sent over an LSP, the topmost | |||
| label MUST in this case be the Router Alert label (1) (see | | label MUST in this case be the Router Alert label (1) (see | |||
| [RFC3032]). | | [RFC3032]). | |||
| Furthermore, this specification updates Section 4.3 of [RFC8029] as | Furthermore, this specification updates Section 4.3 of [RFC8029] as | |||
| follows: | follows: | |||
| OLD: | OLD: | |||
| The Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or value | | The Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or | |||
| 69 [RFC7506] for IPv6 MUST be set in the IP header. | | value 69 [RFC7506] for IPv6 MUST be set in the IP header. | |||
| NEW: | NEW: | |||
| The Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or value | | The Router Alert IP Option of value 0x0 [RFC2113] for IPv4 or | |||
| 69 [RFC7506] for IPv6 MUST NOT be set in the IP header. | | value 69 [RFC7506] for IPv6 MUST NOT be set in the IP header. | |||
| END | ||||
| 6. Backwards Compatibility | 5. Backwards Compatibility | |||
| LSP Ping implementations that conform to this specification SHOULD | LSP Ping implementations that conform to this specification SHOULD | |||
| ignore RAO options when they arrive on incoming MPLS echo request and | ignore RAO options when they arrive on incoming MPLS echo request and | |||
| MPLS echo reply messages. However, this will not harm backwards | MPLS echo reply messages. However, this will not harm backwards | |||
| compatibility because other mechanisms will also be in use by all | compatibility because other mechanisms will also be in use by all | |||
| legacy implementations in the messages they send and receive. | legacy implementations in the messages they send and receive. | |||
| Section 7 of this document deprecates the IPv6 RAO value for MPLS OAM | Section 6 of this document deprecates the IPv6 RAO value for MPLS OAM | |||
| (69) in [IANA-IPV6-RAO] and the Reply Mode 3 ("Reply via an IPv4/IPv6 | (69) in [IANA-IPV6-RAO] and the Reply Mode 3 ("Reply via an IPv4/IPv6 | |||
| UDP packet with Router Alert") in [IANA-LSP-PING]. | UDP packet with Router Alert") in [IANA-LSP-PING]. | |||
| [RFC8126] offers a formal description of the word "Deprecated". In | [RFC8126] offers a formal description of the word "Deprecated". In | |||
| this context, "Deprecated" means that the deprecated values SHOULD | this context, "Deprecated" means that the deprecated values SHOULD | |||
| NOT be used in new implementations, and that deployed implementations | NOT be used in new implementations, and that deployed implementations | |||
| that already use these values continue to work seamlessly. | that already use these values continue to work seamlessly. | |||
| 7. IANA Considerations | 6. IANA Considerations | |||
| IANA is requested to mark the IPv6 RAO value of MPLS OAM (69) in | IANA has marked the IPv6 RAO value of MPLS OAM (69) in | |||
| [IANA-IPV6-RAO] as "Deprecated". | [IANA-IPV6-RAO] as "Deprecated". | |||
| IANA is also requested to mark Reply Mode 3 ("Reply via an IPv4/IPv6 | IANA has marked Reply Mode 3 ("Reply via an IPv4/IPv6 UDP packet with | |||
| UDP packet with Router Alert") in "Multiprotocol Label Switching | Router Alert") in "Multiprotocol Label Switching (MPLS) Label | |||
| (MPLS) Label Switched Paths (LSPs) Ping Parameters"[IANA-LSP-PING] as | Switched Paths (LSPs) Ping Parameters"[IANA-LSP-PING] as | |||
| "Deprecated". | "Deprecated". | |||
| 8. Security Considerations | 7. Security Considerations | |||
| The recommendations this document makes do not compromise security. | The recommendations this document makes do not compromise security. | |||
| In case of using IPv6 loopback address ::1/128 strengthens security | In case of using IPv6 loopback address ::1/128 strengthens security | |||
| for LSP Ping by using the standardized loopback address with well- | for LSP ping by using the standardized loopback address with well- | |||
| defined behavior. | defined behavior. | |||
| 9. Acknowledgments | 8. Normative References | |||
| The authors express their appreciation to Adrian Farrel and Gyan | ||||
| Mishra for their suggestions that improved the readability of the | ||||
| document. | ||||
| 10. Normative References | ||||
| [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - | [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - | |||
| Communication Layers", STD 3, RFC 1122, | Communication Layers", STD 3, RFC 1122, | |||
| DOI 10.17487/RFC1122, October 1989, | DOI 10.17487/RFC1122, October 1989, | |||
| <https://www.rfc-editor.org/info/rfc1122>. | <https://www.rfc-editor.org/info/rfc1122>. | |||
| [RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers", | [RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers", | |||
| RFC 1812, DOI 10.17487/RFC1812, June 1995, | RFC 1812, DOI 10.17487/RFC1812, June 1995, | |||
| <https://www.rfc-editor.org/info/rfc1812>. | <https://www.rfc-editor.org/info/rfc1812>. | |||
| skipping to change at page 9, line 38 ¶ | skipping to change at line 397 ¶ | |||
| [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | |||
| Writing an IANA Considerations Section in RFCs", BCP 26, | Writing an IANA Considerations Section in RFCs", BCP 26, | |||
| RFC 8126, DOI 10.17487/RFC8126, June 2017, | RFC 8126, DOI 10.17487/RFC8126, June 2017, | |||
| <https://www.rfc-editor.org/info/rfc8126>. | <https://www.rfc-editor.org/info/rfc8126>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| 11. Informational References | 9. Informative References | |||
| [IANA-IPV6-RAO] | [IANA-IPV6-RAO] | |||
| IANA, "IPv6 Router Alert Option Values", n.d., | IANA, "IPv6 Router Alert Option Values", | |||
| <https://www.iana.org/assignments/ipv6-routeralert- | <https://www.iana.org/assignments/ipv6-routeralert- | |||
| values>. | values>. | |||
| [IANA-LSP-PING] | [IANA-LSP-PING] | |||
| IANA, "Multiprotocol Label Switching (MPLS) Label Switched | IANA, "Multiprotocol Label Switching (MPLS) Label Switched | |||
| Paths (LSPs) Ping Parameters", n.d., | Paths (LSPs) Ping Parameters", | |||
| <https://www.iana.org/assignments/mpls-lsp-ping- | <https://www.iana.org/assignments/mpls-lsp-ping- | |||
| parameters/mpls-lsp-ping-parameters.xml>. | parameters>. | |||
| [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., | ||||
| Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack | ||||
| Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001, | ||||
| <https://www.rfc-editor.org/info/rfc3032>. | ||||
| [RFC6438] Carpenter, B. and S. Amante, "Using the IPv6 Flow Label | [RFC6438] Carpenter, B. and S. Amante, "Using the IPv6 Flow Label | |||
| for Equal Cost Multipath Routing and Link Aggregation in | for Equal Cost Multipath Routing and Link Aggregation in | |||
| Tunnels", RFC 6438, DOI 10.17487/RFC6438, November 2011, | Tunnels", RFC 6438, DOI 10.17487/RFC6438, November 2011, | |||
| <https://www.rfc-editor.org/info/rfc6438>. | <https://www.rfc-editor.org/info/rfc6438>. | |||
| [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | |||
| L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | |||
| RFC 6790, DOI 10.17487/RFC6790, November 2012, | RFC 6790, DOI 10.17487/RFC6790, November 2012, | |||
| <https://www.rfc-editor.org/info/rfc6790>. | <https://www.rfc-editor.org/info/rfc6790>. | |||
| Acknowledgments | ||||
| The authors express their appreciation to Adrian Farrel and Gyan | ||||
| Mishra for their suggestions that improved the readability of the | ||||
| document. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Kireeti Kompella | Kireeti Kompella | |||
| Juniper Networks | Juniper Networks | |||
| 1133 Innovation Way | 1133 Innovation Way | |||
| Sunnyvale, CA 94089 | Sunnyvale, CA 94089 | |||
| United States | United States of America | |||
| Email: kireeti.ietf@gmail.com | Email: kireeti.ietf@gmail.com | |||
| Ron Bonica | Ron Bonica | |||
| Juniper Networks | Juniper Networks | |||
| 1133 Innovation Way | 1133 Innovation Way | |||
| Sunnyvale, CA 94089 | Sunnyvale, CA 94089 | |||
| United States | United States of America | |||
| Email: rbonica@juniper.net | Email: rbonica@juniper.net | |||
| Greg Mirsky (editor) | Greg Mirsky (editor) | |||
| Ericsson | Ericsson | |||
| Email: gregimirsky@gmail.com | Email: gregimirsky@gmail.com | |||
| End of changes. 51 change blocks. | ||||
| 175 lines changed or deleted | 171 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||