| rfc9798.original | rfc9798.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force V. Govindan | Internet Engineering Task Force (IETF) V. Govindan | |||
| Internet-Draft S. Venaas | Request for Comments: 9798 S. Venaas | |||
| Updates: 8059 (if approved) Cisco | Updates: 8059 Cisco | |||
| Intended status: Experimental 21 February 2025 | Category: Experimental May 2025 | |||
| Expires: 25 August 2025 | ISSN: 2070-1721 | |||
| PIM Join/Prune Attributes for LISP Environments using Underlay Multicast | PIM Join/Prune Attributes for Locator/ID Separation Protocol (LISP) | |||
| draft-ietf-pim-jp-extensions-lisp-09 | Environments Using Underlay Multicast | |||
| Abstract | Abstract | |||
| This document specifies an update to the PIM Receiver RLOC Join/Prune | This document specifies an update to the PIM Receiver RLOC Join/Prune | |||
| attribute that supports the construction of multicast distribution | attribute that supports the construction of multicast distribution | |||
| trees where the source and receivers are located in different | trees where the source and receivers are located in different | |||
| Locator/ID Separation Protocol (LISP) sites and are connected using | Locator/ID Separation Protocol (LISP) sites and are connected using | |||
| underlay IP Multicast. This attribute allows the receiver site to | underlay IP Multicast. This attribute allows the receiver site to | |||
| signal the underlay multicast group to the control plane of the root | signal the underlay multicast group to the control plane of the root | |||
| Ingress Tunnel Router (ITR). This document updates RFC 8059. | Ingress Tunnel Router (ITR). This document updates RFC 8059. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This document is not an Internet Standards Track specification; it is | |||
| provisions of BCP 78 and BCP 79. | published for examination, experimental implementation, and | |||
| evaluation. | ||||
| Internet-Drafts are working documents of the Internet Engineering | ||||
| Task Force (IETF). Note that other groups may also distribute | ||||
| working documents as Internet-Drafts. The list of current Internet- | ||||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | This document defines an Experimental Protocol for the Internet | |||
| and may be updated, replaced, or obsoleted by other documents at any | community. This document is a product of the Internet Engineering | |||
| time. It is inappropriate to use Internet-Drafts as reference | Task Force (IETF). It represents the consensus of the IETF | |||
| material or to cite them other than as "work in progress." | community. It has received public review and has been approved for | |||
| publication by the Internet Engineering Steering Group (IESG). Not | ||||
| all documents approved by the IESG are candidates for any level of | ||||
| Internet Standard; see Section 2 of RFC 7841. | ||||
| This Internet-Draft will expire on 25 August 2025. | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | ||||
| https://www.rfc-editor.org/info/rfc9798. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2025 IETF Trust and the persons identified as the | Copyright (c) 2025 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
| described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
| provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
| in the Revised BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction | |||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements Language | |||
| 2. The case for extending the Received ETR RLOC Attribute of RFC | 2. The Case for Extending the Received ETR RLOC Attribute of RFC | |||
| 8059 . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 8059 | |||
| 2.1. Flexible mapping of overlay to underlay group ranges: . . 3 | 2.1. Flexible Mapping of Overlay to Underlay Group Ranges | |||
| 2.2. Multicast Address Range constraints: . . . . . . . . . . 3 | 2.2. Multicast Address Range Constraints | |||
| 3. Updates to RFC 8059 . . . . . . . . . . . . . . . . . . . . . 4 | 3. Updates to RFC 8059 | |||
| 3.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 3.1. Scope | |||
| 3.2. Receiver ETR RLOC Attribute . . . . . . . . . . . . . . . 4 | 3.2. Receiver ETR RLOC Attribute | |||
| 3.3. Using the Receiver RLOC Attribute . . . . . . . . . . . . 4 | 3.3. Using the Receiver RLOC Attribute | |||
| 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 | 4. IANA Considerations | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | 5. Security Considerations | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | 6. Normative References | |||
| 7. Normative References . . . . . . . . . . . . . . . . . . . . 6 | Acknowledgements | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 | Authors' Addresses | |||
| 1. Introduction | 1. Introduction | |||
| The construction of multicast distribution trees where the root and | The construction of multicast distribution trees where the root and | |||
| receivers are located in different LISP sites [RFC9300] is defined in | receivers are located in different LISP sites [RFC9300] is defined in | |||
| [RFC6831]. | [RFC6831]. | |||
| [RFC6831] specifies that (root-EID, G) data packets are to be LISP- | [RFC6831] specifies that (root-EID, G) data packets are to be LISP- | |||
| encapsulated into (root-RLOC, G) multicast packets. [RFC8059] | encapsulated into (root-RLOC, G) multicast packets. [RFC8059] | |||
| defines PIM Join/Prune attribute extensions to construct multicast | defines PIM Join/Prune attribute extensions to construct multicast | |||
| distribution trees. Please refer to Section 3 of [RFC6831] for the | distribution trees. Please refer to Section 3 of [RFC6831] for the | |||
| definition of the terms EID and RLOC. We use the term root-EID or | definition of the terms Endpoint ID (EID) and Routing Locator (RLOC). | |||
| root-RLOC to refer to the source of the multicast tree rooted at the | We use the term root-EID or root-RLOC to refer to the source of the | |||
| EID or RLOC. This document extends the Receiver ETR RLOC PIM Join/ | multicast tree rooted at the EID or RLOC. This document extends the | |||
| Prune attribute [RFC8059] to facilitate the construction of underlay | Receiver ETR RLOC PIM Join/Prune attribute [RFC8059] to facilitate | |||
| multicast trees for (root-RLOC, G). | the construction of underlay multicast trees for (root-RLOC, G). | |||
| Specifically, the assignment of the underlay multicast group needs to | Specifically, the assignment of the underlay multicast group needs to | |||
| be done in consonance with the downstream xTR nodes needed to avoid | be done in consonance with the downstream Tunnel Router (xTR) nodes | |||
| unnecessary replication or traffic hairpinning. | needed to avoid unnecessary replication or traffic hairpinning. | |||
| Since the Receiver RLOC Attribute defined in [RFC8059] only addresses | Since the Receiver RLOC Attribute defined in [RFC8059] only addresses | |||
| the Ingress Replication case, an extension of the scope of that PIM | the Ingress Replication case, this document extends the scope of that | |||
| Join/Prune attribute is defined by this draft to include scenarios | PIM Join/Prune attribute to include scenarios where the underlay uses | |||
| where the underlay uses Multicast transport. The scope extension | Multicast transport. The scope extension complies with the base | |||
| proposed here complies with the base specification [RFC5384]. | specification [RFC5384]. | |||
| This document uses terminology defined in [RFC9300], such as EID, | This document uses terminology defined in [RFC9300], such as EID, | |||
| RLOC, ITR, and ETR. | RLOC, ITR, and ETR. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 2. The case for extending the Received ETR RLOC Attribute of RFC 8059 | 2. The Case for Extending the Received ETR RLOC Attribute of RFC 8059 | |||
| When LISP based Multicast trees are constructed using IP Multicast in | When LISP-based Multicast trees are constructed using IP Multicast in | |||
| the underlay, the mapping between the overlay group address and the | the underlay, the mapping between the overlay group address and the | |||
| underlay group address becomes a crucial engineering decision: | underlay group address becomes a crucial engineering decision. | |||
| 2.1. Flexible mapping of overlay to underlay group ranges: | 2.1. Flexible Mapping of Overlay to Underlay Group Ranges | |||
| Three distinct types of overlay to underlay group mappings are | Three distinct types of overlay to underlay group mappings are | |||
| possible: Many to one mapping: Many (root-EID, G) flows originating | possible: | |||
| from an RLOC can be mapped to a single underlay multicast (root-RLOC, | ||||
| G-u) flow. One to many mapping: Conversely a single same overlay | ||||
| flow can be mapped to two or more flows, e.g., (root-RLOC, G-u1) and | ||||
| (root-RLOC, G-u2) to cater to the requirements of downstream xTR | ||||
| nodes. One to one mapping: Every (root-EID, G) flow is mapped to a | ||||
| unique (root-RLOC, G-u) flow. | ||||
| 2.2. Multicast Address Range constraints: | * Many-to-one mapping: Many (root-EID, G) flows originating from an | |||
| RLOC can be mapped to a single underlay multicast (root-RLOC, G-u) | ||||
| flow. | ||||
| * One-to-many mapping: Conversely a single same overlay flow can be | ||||
| mapped to two or more flows -- e.g., (root-RLOC, G-u1) and (root- | ||||
| RLOC, G-u2) -- to cater to the requirements of downstream xTR | ||||
| nodes. | ||||
| * One-to-one mapping: Every (root-EID, G) flow is mapped to a unique | ||||
| (root-RLOC, G-u) flow. | ||||
| 2.2. Multicast Address Range Constraints | ||||
| Under certain conditions, different subsets of xTRs subscribing to | Under certain conditions, different subsets of xTRs subscribing to | |||
| the same overlay multicast stream may be constrained to use distinct | the same overlay multicast stream may be constrained to use distinct | |||
| underlay multicast mapping ranges. | underlay multicast mapping ranges. | |||
| This introduces a trade-off between replication overhead and the | This introduces a trade-off between replication overhead and the | |||
| flexibility of address range assignment, which may be necessary in | flexibility of address range assignment, which may be necessary in | |||
| specific use-cases like Proxy Tunnel Routers or when using nodes with | specific use cases like Proxy Tunnel Routers or when using nodes with | |||
| limited hardware resources as explained below: | limited hardware resources as explained below. | |||
| Inter-site Proxy Tunnel Routers (PxTR): | Inter-site Proxy Tunnel Routers (PxTR): | |||
| When multiple LISP sites are interconnected through a LISP-based | When multiple LISP sites are interconnected through a LISP-based | |||
| transit, the site border node (PxTR) connects the site-facing | transit, the site border node (PxTR) connects the site-facing | |||
| interfaces with the external LISP core. In such cases, different | interfaces with the external LISP core. In such cases, different | |||
| ranges of multicast group addresses may be used for constructing | ranges of multicast group addresses may be used for constructing | |||
| (S-RLOC, G) trees within the LISP site and in the external LISP | (S-RLOC, G) trees within the LISP site and in the external LISP | |||
| core. This distinction is desirable for various operational | core. This distinction is desirable for various operational | |||
| reasons | reasons. | |||
| Hardware resource restrictions: | Hardware resource restrictions: | |||
| Platform limitations may necessitate engineering decisions to | Platform limitations may necessitate engineering decisions to | |||
| restrict multicast address ranges in the underlay due to hardware | restrict multicast address ranges in the underlay due to hardware | |||
| resource constraints. | resource constraints. | |||
| 3. Updates to RFC 8059 | 3. Updates to RFC 8059 | |||
| 3.1. Scope | 3.1. Scope | |||
| No changes are proposed to the syntax or semantics of the Transport | No changes are proposed to the syntax or semantics of the Transport | |||
| Attribute defined in RFC 8059 [RFC8059]. | Attribute defined in [RFC8059]. | |||
| The scope of the updates to RFC 8059 [RFC8059] is limited to the case | The scope of the updates to [RFC8059] is limited to the case where | |||
| where the "Transport" field of the Transport Attribute is set to zero | the "Transport" field of the Transport Attribute is set to zero | |||
| (Multicast) only. | (Multicast) only. | |||
| 3.2. Receiver ETR RLOC Attribute | 3.2. Receiver ETR RLOC Attribute | |||
| The definition of the "Receiver RLOC" field of the Receiver ETR RLOC | The definition of the "Receiver RLOC" field of the Receiver ETR RLOC | |||
| attribute RFC 8059 [RFC8059] is updated as follows: | attribute [RFC8059] is updated as follows: | |||
| Receiver RLOC: | | Receiver RLOC: | |||
| The RLOC address on which the receiver ETR wishes to receive the | | The RLOC address on which the receiver ETR wishes to receive | |||
| encapsulated flow. A unicast IP Receiver RLOC address is used for | | the encapsulated flow. A unicast IP Receiver RLOC address is | |||
| unicast-encapsulated flows. Alternately, a multicast IP Receiver | | used for unicast-encapsulated flows. Alternately, a multicast | |||
| RLOC address is used for for multicast-encapsulated flows. A | | IP Receiver RLOC address is used for for multicast-encapsulated | |||
| multicast IP address MUST be used only when the underlay network of | | flows. A multicast IP address MUST be used only when the | |||
| the LISP core supports IP Multicast transport. | | underlay network of the LISP core supports IP Multicast | |||
| | transport. | ||||
| The definitions of the other fields of the Receiver ETR RLOC | The definitions of the other fields of the Receiver ETR RLOC | |||
| Attribute remain unchanged. | Attribute remain unchanged. | |||
| When the ITR needs to track the list of ETRs from which the PIM joins | When the ITR needs to track the list of ETRs from which the PIM joins | |||
| are received, the ITR MUST use the source IP address field of the | are received, the ITR MUST use the source IP address field of the | |||
| incoming PIM Join/Prune message. The source IP address of the PIM | incoming PIM Join/Prune message. The source IP address of the PIM | |||
| Join/Prune MUST be an ETR RLOC IP address. | Join/Prune MUST be an ETR RLOC IP address. | |||
| 3.3. Using the Receiver RLOC Attribute | 3.3. Using the Receiver RLOC Attribute | |||
| When the ETR determines to use the multicast underlay: | When the ETR determines to use the multicast underlay: | |||
| * It chooses an underlay multicast group that it can join. This is | * It chooses an underlay multicast group that it can join. This is | |||
| a matter of local decision, beyond the scope of this document. | a matter of local decision, which is beyond the scope of this | |||
| document. | ||||
| * It identifies the upstream LISP site where the underlay multicast | * It identifies the upstream LISP site where the underlay multicast | |||
| tree needs to be rooted. | tree needs to be rooted. | |||
| * It constructs the PIM Join/Prune message as specified in RFC 8059 | * It constructs the PIM Join/Prune message as specified in | |||
| [RFC8059]. Only the Receiver RLOC attribute is encoded as above. | [RFC8059]. Only the Receiver RLOC attribute is encoded as above. | |||
| When the ITR receives a PIM Join/Prune message: | When the ITR receives a PIM Join/Prune message: | |||
| * It allocates a new entry in the OutgoingInterfaceList RFC 6831 | * It allocates a new entry in the OutgoingInterfaceList [RFC6831] | |||
| [RFC6831] for every unique underlay multicast mapping. | for every unique underlay multicast mapping. | |||
| * The ITR MAY apply local policy to perform any kind of rate- | * The ITR MAY apply local policy to perform any kind of rate- | |||
| limiting on the number of copies it needs to make in the underlay. | limiting on the number of copies it needs to make in the underlay. | |||
| Such actions are beyond the scope of this document. | Such actions are beyond the scope of this document. | |||
| 4. Acknowledgements | 4. IANA Considerations | |||
| The authors would like to thank Dino Farinacci, Victor Moreno, Alvaro | ||||
| Retana, Aswin Kuppusami, Joe Clarke and Peter Yee for their valuable | ||||
| comments. The authors also thank Sankaralingam T and Amit Kumar for | ||||
| their contributions to the document. The authors thank Gunter van de | ||||
| Velde for his valuable comments. | ||||
| 5. IANA Considerations | ||||
| No new requests to IANA. | This document has no IANA actions. | |||
| 6. Security Considerations | 5. Security Considerations | |||
| An attack vector arises where an attacker sends numerous PIM Join | An attack vector arises where an attacker sends numerous PIM Join | |||
| messages with different group addresses. This could interfere with | messages with different group addresses. This could interfere with | |||
| legitimate multicast traffic if the group addresses overlap. | legitimate multicast traffic if the group addresses overlap. | |||
| Additionally, resource exhaustion may occur if replication is | Additionally, resource exhaustion may occur if replication is | |||
| requested for a large number of groups, potentially resulting in | requested for a large number of groups, potentially resulting in | |||
| significant resource consumption. To mitigate these risks, PIM | significant resource consumption. To mitigate these risks, PIM | |||
| authentication mechanisms RFC 5796 [RFC5796] could be employed to | authentication mechanisms [RFC5796] could be employed to validate | |||
| validate join requests. Furthermore, implementations may consider | join requests. Furthermore, implementations may consider explicit | |||
| explicit tracking mechanisms to manage joins more effectively. | tracking mechanisms to manage joins more effectively. Configurable | |||
| Configurable controls could be introduced, allowing for a maximum | controls could be introduced, allowing for a maximum permissible | |||
| permissible number of groups for each ETR RLOC used as the source of | number of groups for each ETR RLOC used as the source of overlay | |||
| overlay joins. These controls would limit the impact of such attacks | joins. These controls would limit the impact of such attacks and | |||
| and ensure that resource allocation is managed appropriately. | ensure that resource allocation is managed appropriately. | |||
| 7. Normative References | 6. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC5384] Boers, A., Wijnands, I., and E. Rosen, "The Protocol | [RFC5384] Boers, A., Wijnands, I., and E. Rosen, "The Protocol | |||
| Independent Multicast (PIM) Join Attribute Format", | Independent Multicast (PIM) Join Attribute Format", | |||
| RFC 5384, DOI 10.17487/RFC5384, November 2008, | RFC 5384, DOI 10.17487/RFC5384, November 2008, | |||
| <https://www.rfc-editor.org/info/rfc5384>. | <https://www.rfc-editor.org/info/rfc5384>. | |||
| skipping to change at page 6, line 42 ¶ | skipping to change at line 270 ¶ | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC9300] Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. | [RFC9300] Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. | |||
| Cabellos, Ed., "The Locator/ID Separation Protocol | Cabellos, Ed., "The Locator/ID Separation Protocol | |||
| (LISP)", RFC 9300, DOI 10.17487/RFC9300, October 2022, | (LISP)", RFC 9300, DOI 10.17487/RFC9300, October 2022, | |||
| <https://www.rfc-editor.org/info/rfc9300>. | <https://www.rfc-editor.org/info/rfc9300>. | |||
| Acknowledgements | ||||
| The authors would like to thank Dino Farinacci, Victor Moreno, Alvaro | ||||
| Retana, Aswin Kuppusami, Joe Clarke, and Peter Yee for their valuable | ||||
| comments. The authors also thank Sankaralingam T and Amit Kumar for | ||||
| their contributions to the document. The authors thank Gunter Van de | ||||
| Velde for his valuable comments. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Vengada Prasad Govindan | Vengada Prasad Govindan | |||
| Cisco | Cisco | |||
| Email: venggovi@cisco.com | Email: venggovi@cisco.com | |||
| Stig Venaas | Stig Venaas | |||
| Cisco | Cisco | |||
| Email: svenaas@cisco.com | Email: svenaas@cisco.com | |||
| End of changes. 32 change blocks. | ||||
| 103 lines changed or deleted | 113 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||