Chair IEEE US TAG to ISO/IEC JTC1 SC22/WG13...• Custom made for the job • Very bare bones,...
Chair
IEEE US TAG
to
ISO/IEC JTC1
SC22/WG13
2018.11.10 IETF/IEEE Discovery 0Creative Commons: Attribution-NonCommercial-ShareAlike 2.0
But I Have Recovered
Where it Started
Entering the
Rabbit Hole
(an example)
IIJ is Building a Second
Medium Scale Data
Center (MSDC)
in Shiroi/Chiba
Capacity of 6k Racks
OSPF OK to 500 Nodes
IS-IS good to 1,000
Limited Because They
Repeatedly Flood
Everything
Your Clos on IS-IS or OSPF
BGP Scales Because
It Signals
Only Changes
So BGP has become
common in MSDCs
But What is the
Decision Process?
WAN
Consult the Professor
Shortest Path First
Edsger W Dijkstra 1930-2002
BGP-SPF
The Path Calculation of IS-IS
With the Update Rate of BGP
BGP Only Signals
Changes
Does Not Repeatedly
Flood Link State
[Figure: BGP4 Classic decision process. Labels: Neighbor Distribution, Route Reflection, Outbound Policy, Inbound Policy, Link State, AS-Path Length, EGP vs IGP, Arrival Order, Non-deterministic, MED, IGP metric, Tie Break]
[Figure: BGP-SPF decision process. Same labels, annotated "SPF" and "Removed!"]
But ...
How Does BGP-SPF
Learn Link State?
Link Discovery
and Liveness
What do we really need?
We Are Here
Trying to Discover
Two Kinds of Standards
Union – the accumulation of all the
features anybody wanted
Intersection – only those things everybody
absolutely had to have
Either Tony Hoare or Klaus Wirth – I can not find the quote <blush>
IETF asks the ITU
Q: So you add features until the “NO”s stop?
A: We don’t like to think of it that way
Must Haves
• Discover Nodes and Links
• Discover Link Encapsulations:
• IPv4, IPv6, MPLS4/6
• Maintain Liveness
• Northbound API to BGP-SPF
Security
Security?
• Datacenter Ops seem not to think of
security at this layer (or any!)
• Do we want to add Authentication and
maybe Integrity?
• One of the things which are likely to
drive the size over 1,500
Non-Features
• Routing Data, BGP-SPF does that
• Access to IGP Databases, This is
discovery and liveness, not routing
• Just want the Link
• Transport, not our job
Desiderata
• Discovery & Liveness for BGP-SPF
• Simple but usable in Massively Scalable
networks of >10,000 nodes
• May be useful for other applications
• Simple
• Extensible (e.g. authentication, cost)
• Simple
• No IPR
Why Simple?
We are here to produce easily
understood, implementable, and
securable standards, not build
résumés.
Why Simple?
A high goal of software engineering is
to remove the need for features. It's
a vital part of designing for simplicity,
even invisibility. -- Rob Pike
LLDP
• IEEE Protocol
• A Little Noisy
• Beacons, not KeepAlives
• Viable but potential Show-
Stopper
IS-IS Discovery
• Flooding & Noisy
• Complex enough that BGP-LS was
invented so normals could get the
link state database
• IS-IS not commonly implemented
on MSDC devices, so would need to
profile and develop
Edge Control Protocol
• It is a transport & Controlled by IEEE
• A Reliable layer two transport, on top
of LLC
• Has flow control, reliable, non-reorder,
... transport
• used for EVP and PD/CSP
• Reinventing TCP over 802.1
BGP Neighbor Autodiscovery
• IETF Unrealistic & Incomplete Protocol
• Very new
• Needs the peering address to get the
peering address
• AS Based, can not use other idents
• Not really discovery at all, configuration
• No liveness
Link State Over Ether
• Custom made for the job
• Very bare bones, brutally simple
• Only does discovery and liveness
• New, therefore risky, still in flux
• But so is BGP-SPF
• No measurement or monitoring tools
             LLDP      IS-IS   ECP      BNA         LSOE
WhoOwns      IEEE      IETF    IEEE     IETF        IETF
Maturity     Mature    Mature  Recent   New         New
Complexity   Somewhat  Noisy   Rather   Somewhat    Almost too Simple
Discovery    Yes       Yes     Yes      Configure   Yes
Liveness     Beacons   Yes     No       No          Yes
So a New Protocol
East West Protocol
[Figure: three Device stacks, each labelled "BGP-SPF", "Link Check" and "AFI/SAFIs"; connections labelled "TCP" and "Ether PDUs"]
PDU
• A PDU (Protocol Data Unit) is an
application layer message
• It may occupy multiple Datagrams
• Datagrams are one per Ethernet Frame
Datagram
• A Datagram is one Ethernet Frame
• A Datagram has Number, Length, and Checksum
• The L flag is set on the last datagram of an application layer PDU
• This Transport Layer assembles PDUs
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version |L|Datagram Number| Datagram Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Every Datagram a TLV
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |          PDU Length           |               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+               +
|                           Value ...                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 - HELLO
1 - OPEN
2 - KEEPALIVE
3 - ACK
4 - IPv4 Announcement
5 - IPv6 Announcement
6 - MPLS IPv4 Announcement
7 - MPLS IPv6 Announcement
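The datagram and TLV slides above, worked through as an added Python example (not code from the slides or from the implementation they mention). It assumes Version is 8 bits, L is 1 bit, Datagram Number is 7 bits, Datagram Length is 16 bits and counts the header, and uses CRC-32 as a stand-in because the slides do not name the checksum; the function and class names are hypothetical.

```python
import struct
import zlib

# PDU type codes exactly as listed on the slide.
PDU_TYPES = {0: "HELLO", 1: "OPEN", 2: "KEEPALIVE", 3: "ACK",
             4: "IPv4 Announcement", 5: "IPv6 Announcement",
             6: "MPLS IPv4 Announcement", 7: "MPLS IPv6 Announcement"}
# Assumed widths: Version 8 bits, L 1 bit + Datagram Number 7 bits,
# Datagram Length 16 bits (header included), Checksum 32 bits.
HDR = struct.Struct("!BBHI")
checksum = zlib.crc32  # stand-in: the slides do not name the algorithm

def make_datagrams(pdu, chunk_size):
    """Split one PDU into datagrams and set the L flag on the last one."""
    chunks = [pdu[i:i + chunk_size] for i in range(0, len(pdu), chunk_size)]
    if not 1 <= len(chunks) <= 128:
        raise ValueError("PDU does not fit a 7-bit Datagram Number")
    return [HDR.pack(0, (0x80 if n == len(chunks) - 1 else 0) | n,
                     HDR.size + len(c), checksum(c)) + c
            for n, c in enumerate(chunks)]

def parse_datagram(frame):
    """Validate one Ethernet payload; return (last, number, payload)."""
    if len(frame) < HDR.size:
        raise ValueError("short datagram")
    _version, ln, length, csum = HDR.unpack_from(frame)
    if not HDR.size <= length <= len(frame):
        raise ValueError("bad Datagram Length")
    payload = frame[HDR.size:length]  # anything past length is Ethernet padding
    if checksum(payload) != csum:
        raise ValueError("bad Checksum")
    return bool(ln & 0x80), ln & 0x7F, payload

def parse_tlv(pdu):
    """Type is 8 bits; PDU Length is 16 bits and counts the whole PDU."""
    if (len(pdu) < 3 or pdu[0] not in PDU_TYPES
            or int.from_bytes(pdu[1:3], "big") != len(pdu)):
        raise ValueError("bad PDU header")
    return PDU_TYPES[pdu[0]], pdu[3:]

class Reassembler:
    """Rebuild PDUs from in-order datagrams; feed() returns (type, value) or None."""
    def __init__(self):
        self.buf, self.expect = bytearray(), 0

    def feed(self, frame):
        last, number, payload = parse_datagram(frame)
        if number != self.expect:
            self.buf, self.expect = bytearray(), 0  # drop the partial PDU
            raise ValueError("datagram out of order")
        self.buf += payload
        self.expect += 1
        if not last:
            return None
        pdu, self.buf, self.expect = bytes(self.buf), bytearray(), 0
        return parse_tlv(pdu)

# Constructed sample: a HELLO (Type 0, PDU Length 9) carrying a made-up MAC.
HELLO = struct.pack("!BH", 0, 9) + bytes.fromhex("020000000001")
```

Because the Datagram Number is bounded, a receiver written this way holds at most 128 payloads per neighbor before it either completes or discards a PDU.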
Sessions are
Pretty Clear
OPEN and Encapsulation
PDUs are ACKed
| HELLO |
|<--------------------------->| Mandatory
| |
| OPEN | MACs, IDs
|<--------------------------->| Mandatory
| OPEN |
| |
| Interface IPv4 Addresses | Interface IPv4 Addresses
|<--------------------------->| Optional
| |
| Interface IPv6 Addresses | Interface IP4 Addresses
|<--------------------------->| Optional
| |
| Interface MPLSv4 Labels | MPLS IPv4 Addresses
|<--------------------------->| Optional
| |
| Interface MPLSv6 Labels | MPLS IPv6 Addresses
|<--------------------------->| Optional
| |
| Layer 2 KeepAlives | Layer 2 Liveness
|<--------------------------->|
Inter-Link Ether Protocol
Link HELLO
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 0    |        PDU Length = 9         |               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+               +
|                         MyMAC Address                         |
+               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               |
+-+-+-+-+-+-+-+-+
• HELLO is Multicast, à la LLDP
• Each device learns the other's MAC from its HELLO whining. All devices on a wire/interface know each other's MACs and learn each other’s IDs
• Respond with OPEN
• A multi-point topology is a set of point-to-point links
• Config to be link-only or piercing switches
OPEN
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 2 | PDU Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ +
| Local ID |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
+-+-+-+-+-+-+-+-+ +
| Remote ID (or Zero) |
+ +-+-+-+-+-+-+-+-+
| | AttrCount |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Attribute List ... | Auth Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | Authentication Data ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Local/Remote IDs
Might be
• an ASN with high order bits zero
• a classic RouterID with high order bits zero
• a catenation of the two
• an 80-bit ISO System-ID
• or any other identifier unique to a single device in the current routing space
Attributes
A node may have zero or more user-defined attributes, e.g. spine, leaf, backbone, route reflector, arabica, ...
Nodes exchange their attributes only in the OPEN message
Authentication Data
• Specific to the Operational Environment
• Might be Certificate derived from Op’s CA
• Failure to authenticate is a failure to start the LSOE association, and HELLOs MUST BE restarted.
ACK
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 3    |          Length = 4           |   PDU Type    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• The Receiver ACKs with a Type=3
• PDU Type is the Type of the PDU being ACKed
• Might add PDU Number being ACKed
• If the Sender does not receive an ACK in one second, they retransmit. Operator configured failure count.
Once We Know
Each Other’s MACs
Layer Two KeepAlives
May be Started
L2 KEEPALIVE
 0                   1                   2
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 2    |          Length = 3           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This is in addition to L3 BFD etc.
We assume that one or more Encapsulation addresses will be used to ping, BFD, or whatever the operator configures
We Know MAC/Ether Link State
of This Device & Neighbor
And Node IDs (often ASNs)
Now Announce Encapsulations
of the Link Interfaces
Encapsulation
PDU Header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |          PDU Length           |     Count     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      ...      |             Encapsulation List...             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv4 Encapsulations
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 4    |          PDU Length           |     Count     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      ...      | PrimLoop Flags|         IPv4 Address          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              ...              |   PrefixLen   | PrimLoop Flags|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         IPv4 Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   PrefixLen   |                   more ...                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
An Encapsulation message describes zero or more addresses of the encapsulation type.
An Encapsulation message of Type T replaces all previous encapsulations of Type T
PrimLoop Flags
0 1 2 3 ... 7
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Primary | Loopback | Reserved ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• An Interface may have multiple Encapsulations
• For each Encapsulation there might be multiple Addresses
• One Address per Encapsulation SHOULD be marked as Primary
• An Address may be marked as a loopback
IPv6 Encapsulations
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 5    |          PDU Length           |     Count     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      ...      | PrimLoop Flags|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
|                                                               |
+                                                               +
|                                                               |
+                                                               +
|                         IPv6 Address                          |
+                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                               |   PrefixLen   |   more ...    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
MPLS IPv4 Encapsulations
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 6 | PDU Length | Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | PrimLoop Flags| MPLS Label List ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | PrefixLen | PrimLoop Flags|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MPLS Label List ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Prefix Len | more ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
MPLS Label List
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label Count | Label | Exp |S|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label | Exp |S| more ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Use Multiple MPLS Label
Encapsulations to Allow One
Label to be Associated with
Multiple AFI/SAFIs and/or
Multiple IP Addresses
MPLS IPv6 Encapsulations
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 7 | PDU Length | Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | PrimLoop Flags| MPLS Label List ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ +
| |
+ +
| IPv6 Address |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Prefix Len | PrimLoop Flags|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MPLS Label List ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ IPv6 Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Prefix Len | more ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
We’re Looking at
Security
Are you the Droid
I was talking to
Earlier?
Thinking of Security
• OPEN has public key plus …
• Signed with private key, proves possession
• All PDUs signed with 512-bit suffix
• KEEPALIVE could get a sequence number
to reduce replay attack window
• Maybe a later Proof of Possession
Challenge / Response PDU pair
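How a receiver could enforce the sequence-number idea from this slide, as an added Python example (not code from the slides or from the implementation they mention). The 32-bit sequence field, the PDU layout, the key and all names are assumptions, and HMAC-SHA-512 over a shared key stands in for the private-key signature the slide proposes so that the block runs on the standard library alone.

```python
import hashlib
import hmac
import struct

KEEPALIVE = 2                   # type code from the slide's PDU type list
SUFFIX_LEN = 64                 # the 512-bit suffix appended to every PDU
BODY = struct.Struct("!BHI")    # Type, Length, assumed 32-bit sequence number
SESSION_KEY = b"constructed-demo-key"  # constructed sample key


def suffix(key, body):
    # Stand-in for the signature: the slide proposes signing with the private
    # key announced in OPEN; HMAC-SHA-512 also produces a 512-bit value.
    return hmac.new(key, body, hashlib.sha512).digest()


def build_keepalive(key, seq):
    """Return Type | Length | Seq followed by the 512-bit suffix."""
    body = BODY.pack(KEEPALIVE, BODY.size + SUFFIX_LEN, seq)
    return body + suffix(key, body)


class KeepaliveReceiver:
    """Accept a KEEPALIVE only if its suffix verifies and its sequence advances."""

    def __init__(self, key):
        self.key, self.last_seq = key, -1

    def accept(self, pdu):
        if len(pdu) != BODY.size + SUFFIX_LEN:
            return "malformed"
        body, tag = pdu[:BODY.size], pdu[BODY.size:]
        ptype, length, seq = BODY.unpack(body)
        if ptype != KEEPALIVE or length != len(pdu):
            return "malformed"
        # Verify before touching state, and compare in constant time.
        if not hmac.compare_digest(tag, suffix(self.key, body)):
            return "bad suffix"
        # A captured PDU verifies forever; only the sequence check rejects it.
        if seq <= self.last_seq:
            return "replay"
        self.last_seq = seq
        return "ok"
```

Without the sequence check, the second delivery of the same captured KEEPALIVE would be indistinguishable from a live neighbor, which is the "Are you the Droid I was talking to Earlier?" problem.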
Layer-3 IP/Label Liveness
Should Also be Tested
One or more Discovered
AFI/SAFI Addresses Are
Used to Ping, BFD, … to
Assure Layer-3 Liveness
We now know all links, IDs,
Encapsulation Types, and
Addresses of this Device
Now Present an API to
Topology and Dijkstra Layers
BGP-LS (RFC 7752)
an extension to BGP to
distribute the network’s
link-state (LS) topology
North/South Protocol
[Figure: three Device stacks, each labelled "BGP-SPF", "7752-subset API", "Link Check" and "AFI/SAFIs"; connections labelled "TCP" and "Ether PDUs"]
Open Questions
Should HELLO go
Through
an intermediate
Layer Two Switch
Are HELLO and
KEEPALIVE
Redundant?
Should PDUs be
Numbered so ACKs
are not Ambiguous
Should the
Version Number
be Fail on MisMatch?
A Python3
Implementation is in
Progress