Network Working Group                                        Chris Metz
Internet Draft                                             Luca Martini
Expires: January 2006                                     Cisco Systems

                                                           Florin Balus
                                                          Jeff Sugimoto
                                                        Nortel Networks

                                                           July 9, 2005


                       AII Types for Aggregation
                    draft-metz-aii-aggregate-00.txt


Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   This document may only be posted in an Internet-Draft.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on January 9, 2006.

Metz, et al.            Expires January 2006                   [Page 1]

Internet-Draft         AII Types for Aggregation              July 2005

Copyright Notice

   Copyright (C) The Internet Society (2005). All Rights Reserved.

Abstract

   [PWE3 Control] defines the signaling mechanisms for establishing
   point-to-point pseudowires between two provider edge (PE) nodes. The
   Generalized ID FEC element contained in PWE3 signaling protocols
   includes TLV fields that identify pseudowire endpoints called
   attachment individual identifiers (AII). This document defines an
   AII structure in the form of new AII type-length-value fields that
   supports AII aggregation for improved scalability.
   It is envisioned that this would be useful in large inter-domain
   virtual private wire service networks where pseudowires are
   established between selected local and remote PE nodes based on
   customer need.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119.

Table of Contents

   1. Introduction
   2. Proposed Structure for New AII Types
      2.1. Short Prefix AII Type
      2.2. Long Prefix AII Type
   3. IANA Considerations
   4. Security Considerations
   5. Acknowledgments
   6. References
   Author's Addresses
   Intellectual Property Statement
   Disclaimer of Validity
   Copyright Statement
   Acknowledgment

1. Introduction

   [PWE3-CONTROL] defines the signaling mechanisms for establishing
   point-to-point pseudowires (PWs) between two provider edge (PE)
   nodes. When a PW is set up, the LDP signaling messages include a FEC
   element containing information about the PW type and an endpoint
   identifier used in the selection of the PW forwarder that binds the
   PW to the attachment circuit at each end.

   There are two types of FEC elements defined for this purpose: PWid
   FEC (type 128) and the Generalized ID (GID) FEC (type 129).
   The PWid FEC element includes a fixed-length 32 bit value called the
   PWid that serves as an endpoint identifier. The same PWid value must
   be configured on the local and remote PE prior to PW setup.

   The GID FEC element includes TLV fields for attachment individual
   identifiers (AII) that, in conjunction with an attachment group
   identifier (AGI), serve as PW endpoint identifiers. The endpoint
   identifier on the local PE (denoted as tuples.

   An AII that is globally unique would facilitate PW management and
   security in large inter-AS and inter-provider environments.
   Providers would not have to worry about AII value overlap during
   provisioning or the need for AII "NATs" during signaling. Globally
   unique AII values could aid in troubleshooting and could be
   subjected to source-validity checks during AII distribution and
   signaling. An AII that can be automatically derived from a
   provider's existing IP address space can simplify the provisioning
   process. In addition an AII structure that is backwards compatible
   with previous endpoint identifier semantics (i.e. PWid) would help
   providers to converge upon a PW provisioning and signaling behavior
   employing GID FEC TLVs.

   In summary the purpose of this draft is to define an AII structure
   based on [PWE3-CONTROL] that:

   o Enables many discrete attachment individual identifiers to be
     aggregated into a single AII aggregate. This will enhance
     scalability by reducing the burden on AII distribution mechanisms
     and on PE memory.

   o Ensures global uniqueness if desired by the provider. This will
     facilitate Internet-wide PW connectivity and provide a means for
     providers to perform source validation on the AII distribution
     (e.g. MP-BGP) and signaling (e.g. LDP) channels.

   o Supports a uniform PW signaling mechanism employing the GID FEC
     TLV structure for endpoints provisioned with the AII types defined
     in this draft including those previously configured with the older
     FEC 128 PWid value.

   This is accomplished by defining two new AII types and associated
   formats of the value fields.

2. Proposed Structure for New AII Types

   The format of the GID FEC TLV is defined in [PWE3-CONTROL] and is
   illustrated in figure 1:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     129       |C|           PW Type           |PW info Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   AGI Type    |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                      AGI Value (contd.)                       ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   AII Type    |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                      SAII Value (contd.)                      ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   AII Type    |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                      TAII Value (contd.)                      ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                     Figure 1 GID FEC TLV Format

   In this document the Attachment Group Identifier (AGI) type retains
   the semantics specified in [PWE3-CONTROL]. Definition of specific
   AGI types is outside the scope of this document. However if the AGI
   is non-null, then the SAI consists of the AGI together with the
   SAII, and the TAI consists of the TAII together with the AGI. If the
   AGI is null, then the SAII and TAII are the SAI and TAI
   respectively.

   New AII types and the format of their associated AII value fields
   are defined next.

2.1. Short Prefix AII Type

   The Short Prefix AII type permits varying levels of AII
   summarization to take place thus reducing the scaling burden on the
   aforementioned AII distribution mechanisms and PE memory. In other
   words it no longer becomes necessary to distribute or configure all
   individual AII values (which could number in the tens of thousands
   or more) on local PEs prior to establishing PWs to remote PEs. An
   AII aggregate representing a range of individual candidate AII
   values on the remote PEs coupled with corresponding IP reachability
   information leading to the remote PE is all that is required. The
   next obvious step would be to route a PW setup message containing a
   fully qualified target AII type towards the IP next hop address
   associated with the AII aggregate. The details of how this is
   performed are not discussed in this document.

   The Short Prefix AII type uses a combination of a provider's
   globally unique identifier (Global ID) and a variable length prefix
   up to 32 bits in length to create globally unique AII aggregates. It
   is termed the Short Prefix AII type because of the shorter 32-bit
   prefix used here as compared to the longer 256-bit prefix used in
   the Long Prefix AII type defined in the next section. The encoding
   of the Short Prefix AII type is shown in figure 2.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  AII Type=01  |    Length     |     Flags     |   Global ID   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Global ID (contd.)               | Prefix Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                            Prefix                             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                             AC ID                             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                 Figure 2 Short Prefix AII TLV Structure

   o AII Type = 0x01

   o Length = length of value field in octets

   o Flags = One octet flags field reserved for future use. The FLAGS
     field MUST be set to zero when transmitting a message containing
     this AII type and MUST be ignored when receiving a message
     containing this AII type.

   o Global ID = This is a 4 octet field containing a value that is
     unique to the provider. The global ID can contain the 2 octet or
     4 octet value of the provider's Autonomous System Number, a global
     unicast IPv6 /48 prefix assigned to the provider or some other
     globally unique value up to 4 octets in length. It is expected
     that the global ID will be derived from the globally unique AS
     number of the autonomous system hosting the PEs containing the
     actual AIIs. If the PE hosting the AIIs is present in an
     autonomous system where the provider is not running BGP, chooses
     not to expose this information or does not wish to use the global
     ID, then the global ID field MUST be set to zero. If the global ID
     is derived from a 2-octet AS number, then the high-order 2 octets
     of this 4 octet field MUST be set to zero. Please note that the
     use of the provider's AS number as a global ID DOES NOT have
     anything at all to do with the use of AS numbers in protocols such
     as BGP.

   o Prefix Length = One octet value representing the significant
     length of the 32-bit prefix in bits.

   o Prefix = The 32-bit prefix is a value assigned by the provider or
     it can be automatically derived from the PE's /32 IPv4 loopback
     address.
     Note that it is not required that the 32-bit prefix have any
     association with the IPv4 address space used in the provider's IGP
     or BGP for IP reachability. If the prefix length is less than 32
     then the 32-bit prefix field is padded with zeroes out to 32 bits,
     but only the first bits are significant. On receipt, bits beyond
     the first number of bits MUST be ignored.

   o Attachment Circuit (AC) ID = This is a fixed length four octet
     field used to further refine identification of an attachment
     circuit on the PE. For example if the target PE advertises a short
     prefix AII aggregate representing all of its attachment circuits
     using a single aggregate value, then the AC ID included in a fully
     qualified Short Prefix AII Type (i.e. advertised for policy
     reasons or included in a PW signaling message) can be used to
     identify specific attachment circuits on that target PE. If the AC
     ID is not present then the AC ID field MUST be null and the AII
     Length field is set to 9. The presence of a non-null AC ID in
     conjunction with zeroed out global ID and prefix fields (i.e.
     prefix length equals zero) enables backwards compatibility with PW
     end-points provisioned with the older FEC 128 PWid value. This may
     be useful to providers who wish to converge upon GID FEC 129
     signaling semantics.

   Here are some examples of how the Short Prefix AII type applies. We
   assume that the AGI is null and that the prefix where appropriate is
   auto-generated from the configured /32 IPv4 loopback address of the
   PE.

   "All AIIs located in ASN = 2" is summarized as:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 0
      Prefix = all zeroes
      AC ID = null

   This enables AII aggregation at the ASN level. A provider might use
   this to advertise AII aggregate "reachability" to other providers in
   an inter-domain PW provisioning scenario.
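
   The aggregate, per-PE and more-specific cases of this section can be
   exercised with a small lookup over decoded Short Prefix AII fields.
   This is an added example, not part of the draft: the longest-match
   selection, the global ID check against the advertising peer's ASN,
   the helper names and the next-hop addresses are assumptions, since
   the draft leaves PW setup routing unspecified.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

FULL = 0xFFFFFFFF  # the Short Prefix AII prefix field is 32 bits wide


@dataclass(frozen=True)
class ShortPrefixAII:
    """Decoded Short Prefix AII (type 0x01). Flags are ignored on receipt."""
    global_id: int
    prefix_len: int
    prefix: int                  # 32-bit prefix field as an integer
    ac_id: Optional[int] = None  # None models a null AC ID

    def mask(self) -> int:
        if not 0 <= self.prefix_len <= 32:
            raise ValueError("prefix length exceeds the 32-bit prefix field")
        return (FULL << (32 - self.prefix_len)) & FULL

    def normalized(self) -> "ShortPrefixAII":
        """Drop prefix bits beyond prefix_len, which a receiver MUST ignore."""
        return ShortPrefixAII(self.global_id, self.prefix_len,
                              self.prefix & self.mask(), self.ac_id)

    def covers(self, target: "ShortPrefixAII") -> bool:
        """True if this advertised aggregate or specific contains target."""
        me = self.normalized()
        if me.global_id != target.global_id or me.prefix_len > target.prefix_len:
            return False
        if (target.prefix & me.mask()) != me.prefix:
            return False
        return me.ac_id is None or me.ac_id == target.ac_id


def aii(global_id: int, cidr: str, ac_id: Optional[int] = None) -> ShortPrefixAII:
    """Build an AII from an IPv4 prefix string such as '192.0.2.0/24'."""
    net = ipaddress.ip_network(cidr, strict=False)
    return ShortPrefixAII(global_id, net.prefixlen, int(net.network_address), ac_id)


def install(adverts, peer_asn: int):
    """Assumed source-validation policy: keep only adverts whose global ID
    equals the ASN of the peer that sent them."""
    return [(e.normalized(), hop) for e, hop in adverts if e.global_id == peer_asn]


def best_match(table, target: ShortPrefixAII) -> Optional[str]:
    """Next hop of the most specific entry covering target, or None."""
    hits = [(e.prefix_len, e.ac_id is not None, hop)
            for e, hop in table if e.covers(target)]
    return max(hits)[2] if hits else None


# Constructed adverts: the draft's ASN 2 examples with made-up next hops,
# plus one advert claiming global ID 3 that the ASN 2 peer may not originate.
ADVERTS = [
    (aii(2, "0.0.0.0/0"), "198.51.100.1"),        # all AIIs in ASN 2
    (aii(2, "192.0.2.0/24"), "198.51.100.2"),     # PEs within 192.0.2/24
    (aii(2, "192.0.2.3/32"), "198.51.100.3"),     # per-PE aggregate
    (aii(2, "192.0.2.3/32", 1), "198.51.100.4"),  # specific: AC ID 1
    (aii(2, "192.0.2.3/32", 3), "198.51.100.5"),  # specific: AC ID 3
    (aii(3, "192.0.2.0/24"), "198.51.100.9"),     # wrong global ID, dropped
]
TABLE = install(ADVERTS, peer_asn=2)
```

   A target with AC ID 1 or 3 on 192.0.2.3 resolves to its specific
   entry, while any other AC ID on that PE falls back to the per-PE
   aggregate.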

   "All AIIs contained in ASN = 2 and located on remote PEs with
   addresses beginning with 192.0.2/24" is summarized as:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 24
      Prefix = 192.0.2.0
      AC ID = null

   Here we have aggregated all AIIs contained on up to 254 remote PEs
   in a specific ASN into a single AII aggregate. This would likely
   apply in an inter-domain case and would be used to limit external
   AII reachability to just those PEs sharing a common IPv4 prefix.

   "All AIIs contained on a single remote PE (192.0.2.21) located in
   ASN = 2" is summarized as:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 32
      Prefix = 192.0.2.21
      AC ID = null

   This is per-PE aggregation. Observe that this could be useful in a
   single-domain environment. A local PE would only need to learn and
   store the AII aggregate of the remote PE rather than learn and store
   each individual AII value.

   As in the previous example, but now the provider wants to advertise
   a couple of specific AC IDs (00000001 and 00000003) on the remote PE
   of 192.0.2.3. Again the analogy is inter-domain routing where
   providers export more specific routes as a means of expressing
   routing policy. The provider in this case may wish to express their
   PW connectivity policies to these two respective attachment circuits
   on this PE. There would now be a single AII aggregate summarized as:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 32
      Prefix = 192.0.2.3
      AC ID = null

   and two discrete AII "specifics" encoded as:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 32
      Prefix = 192.0.2.3
      AC ID = 00000001

   and ...

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000002
      Prefix Length = 32
      Prefix = 192.0.2.3
      AC ID = 00000003

   Note that in this case we have punched a couple of holes into the
   AII aggregate space that will increase the amount of AII information
   that must be distributed.

   And finally here is an example where the global ID is zeroed and the
   combination of the prefix (192.0.2.3) and AC ID (00000004) is used
   to identify a particular AII:

      AII Type = 0x01
      Length = variable
      Flags = 0x00
      Global ID = 0x00000000
      Prefix Length = 32
      Prefix = 192.0.2.3
      AC ID = 00000004

2.2. Long Prefix AII Type

   The Long Prefix AII type employs a global ID and variable-length
   prefixes up to 256 bits (versus 32 bits for the Short Prefix AII
   type) in length to create AII values and their aggregates. The Long
   Prefix AII type might be useful to providers with an NSAP-based
   provisioning system or who are migrating a network with an NSAP
   addressing scheme to a network supporting PW connectivity. It can
   also be used to auto-generate AII aggregates based on /128 IPv6 and
   /32 IPv4 PE loopbacks.

   The encoding of the Long Prefix AII type is shown in figure 3:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  AII Type=02  |    Length     |     Flags     |   Global ID   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Global ID (contd.)               | Prefix Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                                                               |
   |                                                               |
   |                            Prefix                             |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                 Figure 3 Long Prefix AII TLV Structure

   o AII Type = 0x02

   o Length = length of value field in octets

   o Flags = One octet flags field reserved for future use. The FLAGS
     field MUST be set to zero when transmitting a message containing
     this AII type and MUST be ignored when receiving a message
     containing this AII type.

   o Global ID = This is a 4 octet field containing a value that is
     unique to the provider. The global ID can contain the 2 octet or
     4 octet value of the provider's Autonomous System Number, a global
     unicast IPv6 /48 prefix assigned to the provider or some other
     globally unique value up to 4 octets in length. It is expected
     that the global ID will be derived from the globally unique AS
     number of the autonomous system hosting the PEs containing the
     actual AIIs. If the PE hosting the AIIs is present in an
     autonomous system where the provider is not running BGP, chooses
     not to expose this information or does not wish to use the global
     ID, then the global ID field MUST be set to zero. If the global ID
     is derived from a 2-octet AS number, then the high-order 2 octets
     of this 4 octet field MUST be set to zero. Please note that the
     use of the provider's AS number as a global ID DOES NOT have
     anything at all to do with the use of AS numbers in protocols such
     as BGP.

   o Prefix Length = One octet value representing the length of the
     prefix in bits.

   o Prefix = The Prefix is a value assigned by the provider or it can
     be automatically derived from the PE's local addressing scheme
     such as IPv6, NSAP or IPv4. If the prefix length is less than 256
     then the prefix field is padded with zeroes out to 256 bits, but
     only the first bits are significant.
     On receipt, bits beyond the first number of bits MUST be ignored.

   This AII type does not employ an optional AC ID field. This is
   because there are sufficient bits available in the prefix field to
   hold a fully qualified target PE value auto-generated from 160 bit
   NSAP or 128 bit IPv6 addresses with the remainder available for
   attachment circuit identification.

   Here is an example of how the Long Prefix AII type applies. Again we
   assume that the AGI value is null and that the AII aggregate is
   auto-generated from the loopback address of the PE.

   "All AIIs contained on a single remote IPv6 PE
   (2001:DB8:C003:1:0:0:0:1234) located in ASN = 3" is summarized as:

      AII Type = 0x02
      Length = variable
      Flags = 0x00
      Global ID = 0x00000003
      Prefix Length = 128
      Prefix = 2001:DB8:C003:1:0:0:0:1234

   This is an example of per-PE aggregation. Identification of a
   specific attachment circuit (01) on this PE requires a fully
   qualified long prefix AII type consisting of:

      AII Type = 0x02
      Length = variable
      Flags = 0x00
      Global ID = 0x00000003
      Prefix Length = 256
      Prefix = 2001:DB8:C003:1:0:0:0:1234::01

3. IANA Considerations

   This document requests that IANA allocate three AII types from the
   "Attachment Individual Identifier (AII) Type" registry defined in
   [IANA].

   The suggested values for the AII types are:

      Value       Description

      0x01        Short Prefix AII Type
      0x02        Long Prefix AII Type

4. Security Considerations

   AII values appear in AII distribution protocols [MP-BGP-AUTO-DISC]
   and PW signaling protocols [PWE3-CONTROL] and are subject to various
   authentication schemes (i.e. MD5) if so desired.

   The use of global ID values (e.g. ASN) in the inter-provider case
   could enable a form of source-validation checking to ensure that the
   AII value (aggregated or explicit) originated from a legitimate
   source.

5. Acknowledgments

   Thanks to Carlos Pignataro, Scott Brim, Skip Booth and George
   Swallow for their input into this draft.

6. References

   [PWE3-CONTROL], "Pseudowire Setup and Maintenance using LDP",
         draft-ietf-pwe3-control-protocol-17.txt, June 2005

   [IANA], "IANA Allocations for pseudo Wire Edge to Edge Emulation
         (PWE3)", Martini, Townsley,
         draft-ietf-pwe3-iana-allocation-10.txt (work in progress),
         June 2005

   [L2VPN-SIG], "Provisioning Models and Endpoint Identifiers in L2VPN
         Signaling", draft-ietf-l2vpn-signaling-03.txt, Feb. 2005

   [REQ-MH-PW], "Requirements for inter domain Pseudo-Wires",
         draft-ietf-pwe3-ms-pw-requirements-00.txt, Internet Draft,
         June 2005

   [MP-BGP-AUTO-DISC], "Using BGP as an Auto-Discovery Mechanism for
         Layer-3 and Layer-2 VPNs", Ould-Brahim, H. et al,
         draft-ietf-l3vpn-bgpvpn-auto-06.txt, June 2005

Author's Addresses

   Chris Metz
   Cisco Systems, Inc.
   3700 Cisco Way
   San Jose, Ca. 95134
   Email: chmetz@cisco.com

   Luca Martini
   Cisco Systems, Inc.
   9155 East Nichols Avenue, Suite 400
   Englewood, CO, 80112
   Email: lmartini@cisco.com

   Florin Balus
   Nortel
   3500 Carling Ave.
   Ottawa, Ontario, CANADA
   Email: balus@nortel.com

   Jeff Sugimoto
   Nortel
   3500 Carling Ave.
   Ottawa, Ontario, CANADA
   Email: sugimoto@nortel.com

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed
   to pertain to the implementation or use of the technology described
   in this document or the extent to which any license under such
   rights might or might not be available; nor does it represent that
   it has made any independent effort to identify any such rights.
   Information on the procedures with respect to rights in RFC
   documents can be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use
   of such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository
   at http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org

Disclaimer of Validity

   This document and the information contained herein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
   INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
   IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

   Copyright (C) The Internet Society (2005).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.