Internet Engineering Task Force (IETF) V. Govindan
Request for Comments: 7886 C. Pignataro
Category: Standards Track Cisco
ISSN: 2070-1721 July 2016
Internet Engineering Task Force (IETF) V. Govindan
Request for Comments: 7886 C. Pignataro
Category: Standards Track Cisco
ISSN: 2070-1721 July 2016
Advertising Seamless Bidirectional Forwarding Detection (S-BFD) Discriminators in the Layer Two Tunneling Protocol Version 3 (L2TPv3)
第二层隧道协议版本3(L2TPv3)中的广告无缝双向转发检测(S-BFD)鉴别器
Abstract
摘要
This document defines a new Attribute-Value Pair (AVP) that allows L2TP Control Connection Endpoints (LCCEs) to advertise one or more Seamless Bidirectional Forwarding Detection (S-BFD) Discriminator values using the Layer Two Tunneling Protocol version 3 (L2TPv3).
本文档定义了一个新的属性值对(AVP),该属性值对允许L2TP控制连接端点(LCCE)使用第二层隧道协议版本3(L2TPv3)公布一个或多个无缝双向转发检测(S-BFD)鉴别器值。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 7841第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7886.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7886.
Copyright Notice
版权公告
Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2016 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2
1.1. Terminology ................................................2
2. S-BFD Target Discriminator ID AVP ...............................2
2.1. Encoding Format ............................................3
3. IANA Considerations .............................................4
4. Security Considerations .........................................4
5. References ......................................................5
5.1. Normative References .......................................5
5.2. Informative References .....................................5
Acknowledgements ...................................................6
Contributors .......................................................6
Authors' Addresses .................................................6
1. Introduction ....................................................2
1.1. Terminology ................................................2
2. S-BFD Target Discriminator ID AVP ...............................2
2.1. Encoding Format ............................................3
3. IANA Considerations .............................................4
4. Security Considerations .........................................4
5. References ......................................................5
5.1. Normative References .......................................5
5.2. Informative References .....................................5
Acknowledgements ...................................................6
Contributors .......................................................6
Authors' Addresses .................................................6
[RFC7880] defines a simplified mechanism to use Bidirectional Forwarding Detection (BFD) [RFC5880], referred to as Seamless Bidirectional Forwarding Detection (S-BFD). The S-BFD mechanism depends on network nodes knowing the BFD Discriminators that each node in the network has reserved for this purpose. S-BFD requires the usage of unique discriminators within an administrative domain. The use of the Layer Two Tunneling Protocol version 3 (L2TPv3) [RFC3931] is one possible means of advertising these discriminators.
[RFC7880]定义了使用双向转发检测(BFD)[RFC5880]的简化机制,称为无缝双向转发检测(S-BFD)。S-BFD机制依赖于网络节点知道网络中每个节点为此目的保留的BFD鉴别器。S-BFD要求在管理域中使用唯一的鉴别器。使用第二层隧道协议版本3(L2TPv3)[RFC3931]是宣传这些鉴别器的一种可能方式。
This document specifies the encoding to be used when S-BFD Discriminators are advertised using L2TPv3.
本文件规定了使用L2TPv3播发S-BFD鉴别器时使用的编码。
The reader is expected to be very familiar with the terminology and protocol constructs defined in S-BFD (see Section 2 of [RFC7880]) and L2TPv3 (see Section 1.3 of [RFC3931]).
读者应非常熟悉S-BFD(见[RFC7880]第2节)和L2TPv3(见[RFC3931]第1.3节)中定义的术语和协议结构。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
The S-BFD Target Discriminator Identifier (ID) Attribute Value Pair (AVP) is exchanged using the ICRQ (Incoming-Call-Request), ICRP (Incoming-Call-Reply), OCRQ (Outgoing-Call-Request), and OCRP (Outgoing-Call-Reply) control messages during session negotiation.
在会话协商期间,使用ICRQ(传入呼叫请求)、ICRP(传入呼叫应答)、OCRQ(传出呼叫请求)和OCRP(传出呼叫应答)控制消息交换S-BFD目标鉴别器标识符(ID)属性值对(AVP)。
The S-BFD Target Discriminator ID AVP, Attribute Type 102, is an identifier used to advertise the S-BFD target discriminator(s) supported by an L2TP Control Connection Endpoint (LCCE) for the S-BFD reflector operation. This AVP indicates that the advertiser implements an S-BFD reflector supporting the specified target discriminator(s) and is ready for S-BFD reflector operation. The receiving LCCE MAY use this AVP if it wants to monitor connectivity to the advertising LCCE using S-BFD.
属性类型102的S-BFD目标鉴别器ID AVP是一个标识符,用于公布L2TP控制连接端点(LCCE)支持的S-BFD反射器操作的S-BFD目标鉴别器。该AVP表示广告客户实现了支持指定目标鉴别器的S-BFD反射器,并准备好进行S-BFD反射器操作。如果接收LCCE希望使用S-BFD监控与广告LCCE的连接,则可以使用该AVP。
The Attribute Value field for this AVP has the following format:
此AVP的属性值字段具有以下格式:
S-BFD Target Discriminator ID (ICRQ, ICRP, OCRQ, OCRP):
S-BFD目标鉴别器ID(ICRQ、ICRP、OCRQ、OCRP):
No. of octets
+-----------------------------+
| Discriminator Value(s) | 4/Discriminator
: :
+-----------------------------+
No. of octets
+-----------------------------+
| Discriminator Value(s) | 4/Discriminator
: :
+-----------------------------+
An LCCE MAY include the S-BFD Target Discriminator ID AVP advertisement in an L2TP control message (ICRQ, ICRP, OCRQ, OCRP) [RFC3931]. If the other LCCE does not wish to monitor connectivity using S-BFD, it MAY safely discard this AVP without affecting the rest of session negotiation. While [RFC7880] concerns itself with the advertisement of only one discriminator unless the mapping of discriminators to entities is specified, the AVP encoding allows the specification of an arbitrary number of S-BFD Discriminators (at least one) for extensibility.
LCCE可以在L2TP控制消息(ICRQ、ICRP、OCRQ、OCRP)[RFC3931]中包括S-BFD目标鉴别器ID AVP广告。如果另一个LCCE不希望使用S-BFD监控连接,它可以安全地丢弃此AVP,而不会影响会话协商的其余部分。尽管[RFC7880]只关注一个鉴别器的公布,除非指定了鉴别器到实体的映射,但AVP编码允许为扩展性指定任意数量的S-BFD鉴别器(至少一个)。
When an LCCE uses the S-BFD Target Discriminator ID AVP advertisement, multiple S-BFD Discriminators MAY be included, and at least one S-BFD Discriminator MUST be included. When one S-BFD Discriminator is advertised, such an S-BFD Discriminator is associated with the L2TPv3 session. When multiple S-BFD Discriminators are advertised, how a given discriminator is mapped to a specific use case is out of scope for this document.
当LCCE使用S-BFD目标鉴别器ID AVP广告时,可以包括多个S-BFD鉴别器,并且必须包括至少一个S-BFD鉴别器。当播发一个S-BFD鉴别器时,这样的S-BFD鉴别器与L2TPv3会话相关联。当发布多个S-BFD鉴别器时,给定鉴别器如何映射到特定用例超出了本文档的范围。
The S-BFD Target Discriminator ID AVP allows for advertising at least one S-BFD Discriminator value:
S-BFD目标鉴别器ID AVP允许公布至少一个S-BFD鉴别器值:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator 2 (Optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator n (Optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator 2 (Optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator n (Optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The M bit of the L2TP control message (ICRQ, ICRP, OCRQ, OCRP) [RFC3931] MUST NOT be set inside the S-BFD Target Discriminator ID AVP.
L2TP控制消息(ICRQ、ICRP、OCRQ、OCRP)[RFC3931]的M位不得设置在S-BFD目标鉴别器ID AVP内。
IANA maintains the "Control Message Attribute Value Pairs" sub-registry as per [RFC3438]. IANA has assigned the following value to the S-BFD Target Discriminator ID:
IANA按照[RFC3438]维护“控制消息属性值对”子注册表。IANA已将以下值分配给S-BFD目标鉴别器ID:
Control Message Attribute Value Pairs
控制消息属性值对
Attribute
Type Description
----------- ------------------
102 S-BFD Target Discriminator ID
Attribute
Type Description
----------- ------------------
102 S-BFD Target Discriminator ID
Security concerns for L2TP are addressed in [RFC3931]. The introduction of the S-BFD Target Discriminator ID AVP advertisement introduces no new security risks for L2TP.
关于L2TP的安全问题,请参见[RFC3931]。S-BFD目标鉴别器ID AVP广告的引入不会给L2TP带来新的安全风险。
Advertising the S-BFD Discriminators makes it possible for attackers to initiate S-BFD sessions using the advertised information. The vulnerabilities this poses and how to mitigate them are discussed in the Security Considerations section of [RFC7880].
公布S-BFD鉴别器使攻击者能够使用公布的信息启动S-BFD会话。[RFC7880]的“安全注意事项”部分讨论了由此造成的漏洞以及如何缓解这些漏洞。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,DOI 10.17487/RFC2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.
[RFC3438] Townsley, W., "Layer Two Tunneling Protocol (L2TP) Internet Assigned Numbers Authority (IANA) Considerations Update", BCP 68, RFC 3438, DOI 10.17487/RFC3438, December 2002, <http://www.rfc-editor.org/info/rfc3438>.
[RFC3438]汤斯利,W.“第二层隧道协议(L2TP)互联网分配号码管理局(IANA)注意事项更新”,BCP 68,RFC 3438,DOI 10.17487/RFC3438,2002年12月<http://www.rfc-editor.org/info/rfc3438>.
[RFC3931] Lau, J., Ed., Townsley, M., Ed., and I. Goyret, Ed., "Layer Two Tunneling Protocol - Version 3 (L2TPv3)", RFC 3931, DOI 10.17487/RFC3931, March 2005, <http://www.rfc-editor.org/info/rfc3931>.
[RFC3931]Lau,J.,Ed.,Townsley,M.,Ed.,和I.Goyret,Ed.,“第二层隧道协议-版本3(L2TPv3)”,RFC 3931,DOI 10.17487/RFC3931,2005年3月<http://www.rfc-editor.org/info/rfc3931>.
[RFC7880] Pignataro, C., Ward, D., Akiya, N., Bhatia, M., and S. Pallagatti, "Seamless Bidirectional Forwarding Detection (S-BFD)", RFC 7880, DOI 10.17487/RFC7880, July 2016, <http://www.rfc-editor.org/info/rfc7880>.
[RFC7880]Pignataro,C.,Ward,D.,Akiya,N.,Bhatia,M.,和S.Pallagati,“无缝双向转发检测(S-BFD)”,RFC 7880,DOI 10.17487/RFC78802016年7月<http://www.rfc-editor.org/info/rfc7880>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, <http://www.rfc-editor.org/info/rfc5880>.
[RFC5880]Katz,D.和D.Ward,“双向转发检测(BFD)”,RFC 5880,DOI 10.17487/RFC5880,2010年6月<http://www.rfc-editor.org/info/rfc5880>.
Acknowledgements
致谢
The authors would like to thank Nobo Akiya, Stewart Bryant, and Pawel Sowinski for providing core inputs for the document, performing thorough reviews, and providing a number of comments. The authors would also like to thank Nagendra Kumar for his reviews.
作者要感谢Nobo Akiya、Stewart Bryant和Pawel Sowinski为该文件提供了核心投入,进行了彻底的审查,并提出了许多意见。作者还要感谢Nagendra Kumar的评论。
Contributors
贡献者
Mallik Mudigonda Cisco Systems, Inc.
Mallik Mudigonda思科系统公司。
Email: mmudigon@cisco.com
Email: mmudigon@cisco.com
Authors' Addresses
作者地址
Vengada Prasad Govindan Cisco Systems, Inc.
Vengada Prasad Govindan思科系统公司。
Email: venggovi@cisco.com
Email: venggovi@cisco.com
Carlos Pignataro Cisco Systems, Inc.
卡洛斯·皮格纳塔罗思科系统公司。
Email: cpignata@cisco.com
Email: cpignata@cisco.com