Internet Engineering Task Force P. Christian
INTERNET DRAFT Christian Tena LTD
February 2003
TLV for Experimental Use
<draft-ietf-isis-experimental-tlv-00.txt>
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC 2026.
Internet Drafts are working documents of the Internet Engineering
Task Force (IETF), its Areas, and its Working Groups. Note that
other groups may also distribute working documents as Internet
Drafts.
Internet Drafts are draft documents valid for a maximum of six
months. Internet Drafts may be updated, replaced, or obsoleted by
other documents at any time. It is not appropriate to use Internet
Drafts as reference material or to cite them other than as a
"working draft" or "work in progress".
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind.
Distribution of this draft is unlimited.
1. Abstract
This document defines a TLV that may be used by any individual,
company or other organisation for experimental extensions to the
IS-IS routing protocol, and defines the format of the TLV.
2. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in RFC 2119.
Christian Expires August 2003 1
�
Internet Draft February 2003
TLV for Experimental Use
3. Introduction
IS-IS as defined in [1] has always been an extensible routing
protocol. Extensions to IS-IS are encoded as a TLV. Critically [1]
has always defined that when an IS-IS router receives an LSP, that
it SHALL process the parts of the LSP that it understands, and SHALL
flood the entire LSP, including all TLVs whether they are understood
or not, on to other routers in the network.
Thus information that is encoded into a TLV and placed in an LSP by
a router will be propagated to every other router in an IS-IS level-
1 area or level-2 subdomain, even by implementations that were never
designed with that particular TLV in mind.
The basic function of an IS-IS TLV is identified by the first byte
of the TLV (the code). Thus there are only 256 possible TLV codes.
Certain TLVs have been defined to include sub-TLVs so that a single
TLV code can be used for multiple functions.
No single authority assigns TLV codes, [3] lists most known TLV
codes at this time. Also no TLV code was ever defined for
experimental use.
The extensible nature of IS-IS has made the use of TLVs in LSPs for
non-standard purposes so useful that in the absence of a central
authority for assigning TLV type numbers vendors have occasionally
simply chosen a number and hoped for the best. The risk is that
such a TLV code may then be chosen by another organization at a
later time for a different function, thus creating an
interoperability problem. Also this accelerates the depletion of the
256 possible TLV codes.
This document specifies a TLV that may be used for experimental
purposes, and a mechanism that insures that different
implementations using this TLV can exist in the same network without
creating interoperability problems.
By using this new TLV, companies, individuals or institutions may
use extensions to IS-IS without fear of interoperability problems
with other organizations in the future, and the available pool of
TLV codes will no longer be diminished by experimental use.
4. TLV code for experimental use
The code for this TLV SHALL be 250.
TLVs that use 250 for the code field MUST include a valid IEEE
assigned OUI as the first three bytes of the value of the TLV.
The structure of the TLV is shown in the diagram below.
Christian Expires August 2003 2
�
Internet Draft February 2003
TLV for Experimental Use
No. of Octets
+---------------------------+
| CODE =250 | 1
+---------------------------+
| LENGTH =n+3 | 1
+---------------------------+
| OUI | 3
+---------------------------+
| DATA | n
+---------------------------+
Structure of the Experiemental TLV
The three octet OUI plus the data octets together constitute a
normal IS-IS variable length value field. The length field MUST be
set to the number of octets of data plus three.
For more information about OUIs refer to [4].
On receipt of an LSP a router MAY ignore TLVs of type 250 that
include an OUI from a different organization, but MUST flood the LSP
onwards as per [1].
After the first three bytes of the value field of the TLV subsequent
bytes may be used freely for any purpose (within the limitations set
out in this document) provided that the resultant TLV is conformant
with [1].
Many organizations will have access to only one or a few OUIs.
Implementers are free to format the value field after their OUI into
sub-TLVs so that the TLV may be used for multiple purposes, and would
be well advised to do so.
5. Using experimental information to modify SPF
All routers in an IS-IS routed network need to calculate routes
such that they all arrive at the same shortest path for a given
destination.
If this does not happen then routing loops and blackholes are likely
to occur.
Therefore a router MUST NOT calculate a route differently due to
information that it receives in an experimental TLV. Shortest paths
MUST continue to be calculated as per [1] and [2].
Christian Expires August 2003 3
�
Internet Draft February 2003
TLV for Experimental Use
6. Correct use of Experimental TLV in LSPs
Some implementations recalculate SPF each time that they receive a
new LSP. In the least case an implementation needs to decide
whether a new LSP is significant or not. If one router constantly
transmits LSPs into the network then others may not perform well.
Additionally LSPs are flooded to every router in a level-1 area or
level-2 subdomain, and are therefore not a particularly efficient
way of carrying a piece of information simply from router A to
router B.
Consequently the experimental TLV SHOULD NOT be used within LSPs as
any kind of general transport mechanism, and the experimental TLV
SHOULD NOT cause frequent transmission of LSPs into the network.
In general it would be preferable to transmit information in an
experimental TLV at such time as an LSP would be normally be
transmitted anyway, if this is possible.
These particular restrictions do not apply to use of the
experimental TLV in Hello and Sequence Number packets.
7. Authentication of PDUs
If HMAC authentication of IS-IS PDUs that contain an experimental
TLV is used then the experimental TLV MUST be included in the HMAC
calculation.
8. Documenting an Experimental TLV
Without an understanding of what an experimental TLV has been used
for an operator is not able to make an informed decision as to
whether or not to deploy it in their network.
Implementors SHOULD document the use of an Experimental TLV in an
experimental status RFC. Experimental RFCs MAY be submitted
directly to the RFC editor and do not necessarily need to discussed
by the workgroup. Details may be found in section 4.2.3 of RFC
2026 [6].
If such documentation is not available then an operator SHOULD
consider the interoperability and security of an implementation
to be unknown.
Christian Expires August 2003 4
�
Internet Draft February 2003
TLV for Experimental Use
9. Security Considerations
The contents of IS-IS PDUs are not protected by encryption,
so the contents of TLVs in LSPs are visible throughout the
routing area or domain, while the contents of Hello Packets,
CSNPs, and PSNPs are visible to observers on the link they
are sent to. The addition of MD5 authentication, as described
in [5] can increase the integrity of TLVs, while encryption could
increase their confidentiality.
The general extensibility of the TLV mechanism has always allowed
the addition of new information, and the possibility of conflicting
interpretations of such information by different implementations.
This proposal does not introduce a new quality of information; it
simply allows an increase in the quantity of such additions. As
such, it represents no new security issues for IS-IS.
10. References
[1] ISO, "Intermediate system to Intermediate system routeing
information exchange protocol for use in conjunction with the
Protocol for providing the Connectionless-mode Network Service
(ISO 8473)", ISO/IEC 10589:1992.
[2] RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual
Environments, R Callon, December 1990
[3] RFC 3359, Reserved TLV Codepoints in ISIS
Tony Przygienda, August 2002
[4] IEEE OUI and Company_id Assignments
http://standards.ieee.org/regauth/oui/index.shtml
[5] draft-ietf-isis-hmac-03.txt, IS-IS Cryptographic Authentication
Tony Li, RJ Atkinson, July 2001
[6] RFC 2026, The Internet Standards Process -- Revision 3
Scott O. Bradner, October 1996
11. Acknowledgments
The author takes no credit for this work as the concept was
discussed in the IS-IS Working Group before the author even became
an active participant. Suggestions for acknowledgement gladly
received.
Christian Expires August 2003 5
�
Internet Draft February 2003
TLV for Experimental Use
12. Author's Addresses
Philip Christian
Christian Tena LTD
Hatfield Heath
Essex, CM22 7AH UK
Email: philip.christian@christiantena.co.uk
Christian Expires August 2003 6