OSPF Bidirectional Forwarding Detection (BFD) Strict-ModeCisco Systems, Inc.Indiaketant.ietf@gmail.comCisco Systems, Inc.Apollo Business CenterMlynske nivy 43Bratislava821 09Slovakiappsenak@cisco.comBloombergUnited States of Americaafu14@bloomberg.netJuniper NetworksIndiamrajesh@juniper.net
rtg
lsrIGPOSPFThis document specifies the extensions to OSPF that enable an OSPF
router to signal the requirement for a Bidirectional Forwarding
Detection (BFD) session prior to adjacency formation. Link-Local
Signaling (LLS) is used to advertise the requirement for strict-mode BFD
session establishment for an OSPF adjacency. If both OSPF neighbors
advertise BFD strict-mode, adjacency formation will be blocked until a
BFD session has been successfully established.This document updates RFC 2328 by augmenting the OSPF neighbor state
machine with a check for BFD session up before progression from Init to
2-Way state when operating in OSPF BFD strict-mode.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.
Table of Contents
. Introduction
. Requirements Language
. LLS B-Bit Flag
. Local Interface IPv4 Address TLV
. Procedures
. OSPFv3 IPv4 AF Specifics
. Graceful Restart Considerations
. Operations and Management Considerations
. Backward Compatibility
. IANA Considerations
. Security Considerations
. References
. Normative References
. Informative References
Acknowledgements
Authors' Addresses
IntroductionBidirectional Forwarding Detection (BFD)
enables routers to monitor data plane connectivity and to detect faults
in the bidirectional path between them.
BFD is leveraged by routing
protocols like OSPFv2 and OSPFv3 to detect connectivity failures for established
adjacencies faster than the OSPF Hello dead timer detection and to trigger
rerouting of traffic around the failure. The use of BFD for monitoring
routing protocol adjacencies is described in .When BFD monitoring is enabled for OSPF adjacencies by the network
operator, the BFD session is bootstrapped based on the neighbor address
information discovered by the exchange of OSPF Hello packets. Faults in
the bidirectional forwarding detected via BFD then result in the OSPF
adjacency being brought down. A degraded or poor-quality link may result
in intermittent packet drops. In such scenarios, implementations prior to the extensions specified in this document may still get an OSPF adjacency established over such a link; however, given the more aggressive monitoring intervals supported by BFD, a BFD session may not get established and/or may flap. The traffic forwarded over such a link would
experience packet drops, and the failure of the BFD session establishment
will not enable fast routing convergence. OSPF adjacency flaps may
occur over such links when OSPF brings up the adjacency only for it to be
brought down again by BFD.To avoid the routing churn associated with these scenarios, it would
be beneficial not to allow OSPF to establish an adjacency until a BFD
session is successfully established and has stabilized.
However, this
would preclude the OSPF operation in an environment where not all OSPF
routers support BFD and have it enabled on the link. A solution is
to block OSPF adjacency establishment until a BFD session is established
as long as both neighbors advertise such a requirement. Such a mode of
OSPF BFD usage is referred to as "strict-mode". Strict-mode introduces
signaling support in OSPF to achieve the blocking of adjacency formation
until BFD session establishment occurs, as described in .This document specifies the OSPF protocol extensions using Link-Local
Signaling (LLS) for a router
to indicate to its neighbor the willingness to require BFD strict-mode for OSPF
adjacency establishment (refer to ). It also introduces an extension to
OSPFv3 LLS of the interface IPv4 address (refer
to ) to be used for the BFD
session setup when OSPFv3 is used for an IPv4 Address Family (AF)
instance.This document updates by augmenting the OSPF
neighbor state machine with a check for BFD session up before
progression from Init to 2-Way state when operating in OSPF BFD
strict-mode.The extensions and procedures for OSPF BFD strict-mode also apply for
adjacency over virtual links using BFD multi-hop procedures.A similar functionality for IS-IS is specified in .Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14
when, and only when, they appear in all capitals, as shown here.
LLS B-Bit FlagThis document defines the B-bit in the LLS Type 1 Extended Options
and Flags. This bit is defined for the LLS block that is included
in Hello and Database Description (DD) packets. The B-bit indicates that
BFD is enabled on the link and that the router requests OSPF BFD
strict-mode. describes the
position of the B-bit.A router MUST include the
LLS block with the B-bit set in the LLS Type 1 Extended Options and
Flags in its Hello and DD packets when OSPF BFD strict-mode is
enabled on the link.Local Interface IPv4 Address TLVThe Local Interface IPv4 Address TLV is an LLS TLV defined for OSPFv3
IPv4 AF instance protocol operation as
described in .It has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local Interface IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+where:
Type:
21
Length:
4 octets
Local Interface IPv4 Address:
The primary IPv4 address of the local interface.
ProceduresA router supporting OSPF BFD strict-mode advertises this capability
through its Hello packets as described in . When a
router supporting OSPF BFD strict-mode discovers a new neighbor router
that also supports OSPF BFD strict-mode, it will establish a BFD session with that neighbor first before bringing up the OSPF adjacency as
described further in this section.This document updates the OSPF neighbor state machine as described in
. Specifically, the operations related to the
Init state are modified as described below when OSPF BFD strict-mode is used:
Init (without OSPF BFD strict-mode):
In this state, a Hello packet has recently been received from the
neighbor. However, bidirectional communication has not yet been
established with the neighbor (i.e., the router itself did not
appear in the neighbor's Hello packet). All neighbors in this state
(or higher) are listed in the Hello packets sent from the associated
interface.
Init (with OSPF BFD strict-mode):
In this state, a Hello packet has recently been received from the
neighbor. However, bidirectional communication has not yet been
established with the neighbor (i.e., the router itself did not appear
in the neighbor's Hello packet). BFD session establishment with the
neighbor is requested if it's not already completed (e.g., in the
event of transition from 2-Way state). Neighbors in
Init state or higher will be listed in Hello packets associated
with the interface if they either have a corresponding BFD session
established or have not advertised OSPF BFD strict-mode in the LLS
Type 1 Extended Options and Flags advertised in the Hello packet.
When the neighbor state transitions to Down state, the removal of
the BFD session associated with that neighbor is requested by OSPF;
subsequent BFD session establishment is similarly requested by OSPF upon
transitioning into Init state.
This may result in BFD session deletion and creation, respectively, when OSPF is the only client
interested in the BFD session with the neighbor address.An implementation MUST NOT wait for BFD session
establishment in Init state unless OSPF BFD strict-mode is enabled by
the operator on the interface and the specific neighbor indicates OSPF
BFD strict-mode capability via the LLS Type 1 Extended Options and Flags advertised in the Hello packet. When BFD is
enabled, but OSPF BFD strict-mode has not been signaled by both
neighbors, an implementation SHOULD start BFD session
establishment only in 2-Way or greater state. This makes it
possible for an OSPF router to support BFD operation in both strict-mode
and normal mode across different interfaces or even across different neighbors
on the same multi-access interface.Once the OSPF state machine has moved beyond the Init state, any
change in the B-bit advertised in subsequent Hello packets MUST NOT
result in any trigger in either the OSPF adjacency or the BFD session
management (i.e., the B-bit is considered only when in Init state).
Disabling BFD (or OSPF BFD strict-mode) on an OSPF interface would
result in it not setting the B-bit in the LLS Type 1 Extended Options and Flags advertised in subsequent Hello packets.
Disabling OSPF BFD strict-mode has no effect on BFD operations and would
not result in the bringing down of any established BFD sessions. Disabling BFD would result in the BFD session being brought down due to AdminDown State (described in ); hence, it would not bring
down the OSPF adjacency.When BFD is enabled on an interface over which we already have an
existing OSPF adjacency, it would result in the router setting the B-bit
in its subsequent Hello packets and the initiation of BFD session
establishment to the neighbor.
If the adjacency is already up (i.e., in
its terminal state of Full or 2-Way with routers that are not designated routers on a
multi-access interface) with a neighbor that also supports OSPF BFD
strict-mode, then an implementation SHOULD NOT bring this adjacency down
into the Init state to avoid disruption to routing operations and
instead use the OSPF BFD strict-mode wait only after a transition to
Init state. However, if the adjacency is not up, then an implementation
MAY bring such an adjacency down so it can use the OSPF BFD strict-mode
for its adjacency establishment.OSPFv3 IPv4 AF SpecificsSupport for multiple AFs in OSPFv3 requires the use of an IPv6 link-local address as
the source address for Hello packets, even when forming adjacencies
for IPv4 AF instances. In most deployments of OSPFv3 IPv4 AFs, it is
required that BFD is used to monitor and verify IPv4 data plane
connectivity between the routers on the link; hence, the BFD session
is set up using IPv4 neighbor addresses.
The IPv4 neighbor address on
the interface is learned only later in the adjacency formation process
when the neighbor's Link-LSA (Link State Advertisement) is received. This
results in the setup of the BFD IPv4 session either after the
adjacency is established or later in the adjacency formation
sequence.To operate in OSPF BFD strict-mode, it is necessary for an OSPF
router to learn its neighbor's IPv4 link address during the Init state
of adjacency formation (ideally, when it receives the first Hello). The
use of the Local Interface IPv4 Address TLV (as defined in ) in the LLS block advertised in OSPFv3
Hello packets for IPv4 AF instances makes this
possible. Implementations that support OSPF BFD
strict-mode for OSPFv3 IPv4 AF instances MUST include the Local
Interface IPv4 Address TLV in the LLS block advertised in their Hello packets
whenever the B-bit is also set in the LLS Type 1 Extended Options and Flags. A receiver
MUST ignore the B-bit (i.e., not operate in strict-mode
for BFD) when the Local Interface IPv4 Address TLV is not present in
OSPFv3 Hello messages for OSPFv3 IPv4 AF instances.Graceful Restart ConsiderationsAn implementation needs to handle scenarios where both graceful
restart (GR) and the OSPF BFD strict-mode are deployed together. The graceful restart aspects related to process restart scenarios discussed in also apply with OSPF BFD strict-mode. Additionally, since the
OSPF adjacency formation is delayed until the BFD session establishment in
OSPF BFD strict-mode, the resultant delay in adjacency formation may affect or
break the GR-based recovery. In such cases, it is RECOMMENDED
that the GR timers are set such that they provide sufficient time to allow for
normal BFD session establishment delays.Operations and Management ConsiderationsAn implementation SHOULD report the BFD session status along with the
OSPF Init adjacency state when OSPF BFD strict-mode is enabled and
support logging operations on neighbor state transitions that include
the BFD events. This allows an operator to detect scenarios where an
OSPF adjacency may be stuck waiting for BFD session establishment.In network deployments with noisy or degraded links with intermittent
packet loss, BFD sessions may flap, resulting in OSPF adjacency flaps.
In turn, this may cause routing churn. The use of OSPF BFD strict-mode
along with mechanisms such as hold-down (a delay in bringing up the initial OSPF adjacency following BFD
session establishment) and/or dampening (a delay in bringing up the OSPF adjacency following failure detected by BFD) may help reduce the
frequency of adjacency flaps and therefore reduce the associated
routing churn. The details of these mechanisms are
outside the scope of this document. specifies the base OSPF YANG
module. The required configuration and operational elements for this
feature are expected to be introduced as augmentation to this base OSPF
YANG module.Backward CompatibilityAn implementation MUST support OSPF adjacency formation and
operations with a neighbor router that does not advertise the OSPF BFD
strict-mode capability: both when that neighbor router does not support
BFD and when it does support BFD but does not signal the OSPF BFD
strict-mode as described in this document. Implementations MAY provide a
local configuration option to force BFD operation only in OSPF BFD
strict-mode (i.e, adjacency will not come up unless BFD session is
established). In this case, an OSPF adjacency with a neighbor that does
not support OSPF BFD strict-mode would not be established successfully.
Implementations MAY provide a local configuration option to enable BFD
without the OSPF BFD strict-mode, which results in the router not
advertising the B-bit and BFD operation being performed in the same way
as prior to this specification.The signaling specified in this document happens at a link-local
level between routers on that link. A router that does not support this
specification would ignore the B-bit in the LLS block advertised in Hello packets
from its neighbors and continue to establish BFD sessions (if enabled)
without delaying the OSPF adjacency formation. Since a router that does
not support this specification would not have set the B-bit in the LLS
block advertised in its own Hello packets, its neighbor routers supporting this
specification would not use OSPF BFD strict-mode with such OSPF routers.
As a result, the behavior would be the same as without this
specification. Therefore, there are no backward compatibility issues or
implementation considerations beyond what is specified herein.IANA ConsiderationsThis specification makes the following updates under the "Open
Shortest Path First (OSPF) Link Local Signaling (LLS) -
Type/Length/Value Identifiers (TLV)" parameters.
In the "LLS Type 1 Extended Options and Flags" registry, the B-bit
has been assigned the bit position 0x00000010.
In the "Link Local Signaling TLV Identifiers (LLS Types)" registry,
the Type 21 has been assigned to the Local Interface IPv4 Address TLV.
Security ConsiderationsThe security considerations for "" also apply to the extension described in this
document.
Inappropriate use of the B-bit in the LLS block of an OSPF Hello message could
prevent an OSPF adjacency from forming or lead to the failure of detecting
bidirectional forwarding failures. If authentication is being used in the OSPF
routing domain , then the Cryptographic Authentication TLV MUST also be used to
protect the contents of the LLS block.ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.OSPF Version 2This memo documents version 2 of the OSPF protocol. OSPF is a link- state routing protocol. [STANDARDS-TRACK]OSPF for IPv6This document describes the modifications to OSPF to support version 6 of the Internet Protocol (IPv6). The fundamental mechanisms of OSPF (flooding, Designated Router (DR) election, area support, Short Path First (SPF) calculations, etc.) remain unchanged. However, some changes have been necessary, either due to changes in protocol semantics between IPv4 and IPv6, or simply to handle the increased address size of IPv6. These modifications will necessitate incrementing the protocol version from version 2 to version 3. OSPF for IPv6 is also referred to as OSPF version 3 (OSPFv3).Changes between OSPF for IPv4, OSPF Version 2, and OSPF for IPv6 as described herein include the following. Addressing semantics have been removed from OSPF packets and the basic Link State Advertisements (LSAs). New LSAs have been created to carry IPv6 addresses and prefixes. OSPF now runs on a per-link basis rather than on a per-IP-subnet basis. Flooding scope for LSAs has been generalized. Authentication has been removed from the OSPF protocol and instead relies on IPv6's Authentication Header and Encapsulating Security Payload (ESP).Even with larger IPv6 addresses, most packets in OSPF for IPv6 are almost as compact as those in OSPF for IPv4. Most fields and packet- size limitations present in OSPF for IPv4 have been relaxed. In addition, option handling has been made more flexible.All of OSPF for IPv4's optional capabilities, including demand circuit support and Not-So-Stubby Areas (NSSAs), are also supported in OSPF for IPv6. [STANDARDS-TRACK]OSPF Link-Local SignalingOSPF is a link-state intra-domain routing protocol. OSPF routers exchange information on a link using packets that follow a well-defined fixed format. The format is not flexible enough to enable new features that need to exchange arbitrary data. This document describes a backward-compatible technique to perform link-local signaling, i.e., exchange arbitrary data on a link. This document replaces the experimental specification published in RFC 4813 to bring it on the Standards Track.Support of Address Families in OSPFv3This document describes a mechanism for supporting multiple address families (AFs) in OSPFv3 using multiple instances. It maps an AF to an OSPFv3 instance using the Instance ID field in the OSPFv3 packet header. This approach is fairly simple and minimizes extensions to OSPFv3 for supporting multiple AFs. [STANDARDS-TRACK]Generic Application of Bidirectional Forwarding Detection (BFD)This document describes the generic application of the Bidirectional Forwarding Detection (BFD) protocol. [STANDARDS-TRACK]Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Informative ReferencesOSPFv2 HMAC-SHA Cryptographic AuthenticationThis document describes how the National Institute of Standards and Technology (NIST) Secure Hash Standard family of algorithms can be used with OSPF version 2's built-in, cryptographic authentication mechanism. This updates, but does not supercede, the cryptographic authentication mechanism specified in RFC 2328. [STANDARDS-TRACK]Bidirectional Forwarding Detection (BFD)This document describes a protocol intended to detect faults in the bidirectional path between two forwarding engines, including interfaces, data link(s), and to the extent possible the forwarding engines themselves, with potentially very low latency. It operates independently of media, data protocols, and routing protocols. [STANDARDS-TRACK]Bidirectional Forwarding Detection (BFD) for Multihop PathsThis document describes the use of the Bidirectional Forwarding Detection (BFD) protocol over multihop paths, including unidirectional links. [STANDARDS-TRACK]IS-IS BFD-Enabled TLVThis document describes a type-length-value (TLV) for use in the IS-IS routing protocol that allows for the proper use of the Bidirectional Forwarding Detection (BFD) protocol. There exist certain scenarios in which IS-IS will not react appropriately to a BFD-detected forwarding plane failure without use of either this TLV or some other method. [STANDARDS-TRACK]Security Extension for OSPFv2 When Using Manual Key ManagementThe current OSPFv2 cryptographic authentication mechanism as defined in RFCs 2328 and 5709 is vulnerable to both inter-session and intra- session replay attacks when using manual keying. Additionally, the existing cryptographic authentication mechanism does not cover the IP header. This omission can be exploited to carry out various types of attacks.This document defines changes to the authentication sequence number mechanism that will protect OSPFv2 from both inter-session and intra- session replay attacks when using manual keys for securing OSPFv2 protocol packets. Additionally, we also describe some changes in the cryptographic hash computation that will eliminate attacks resulting from OSPFv2 not protecting the IP header.YANG Data Model for the OSPF ProtocolThis document defines a YANG data model that can be used to configure and manage OSPF. The model is based on YANG 1.1 as defined in RFC 7950 and conforms to the Network Management Datastore Architecture (NMDA) as described in RFC 8342.AcknowledgementsThe authors would like to acknowledge the review and inputs from
, ,
, ,
, ,
, , and .The authors would like to acknowledge for highlighting the problems in using OSPF BFD
strict-mode for BFD sessions for OSPFv3 IPv4 AF instances and
for his suggestions on the approach to
address it.The authors would like to thank
for his AD review and suggestions to improve the document.Authors' AddressesCisco Systems, Inc.Indiaketant.ietf@gmail.comCisco Systems, Inc.Apollo Business CenterMlynske nivy 43Bratislava821 09Slovakiappsenak@cisco.comBloombergUnited States of Americaafu14@bloomberg.netJuniper NetworksIndiamrajesh@juniper.net