< draft-ietf-bfd-vxlan-11.txt | draft-ietf-bfd-vxlan-12.txt > | |||
---|---|---|---|---|
BFD S. Pallagatti, Ed. | BFD S. Pallagatti, Ed. | |||
Internet-Draft VMware | Internet-Draft VMware | |||
Intended status: Standards Track S. Paragiri | Intended status: Standards Track S. Paragiri | |||
Expires: November 5, 2020 Individual Contributor | Expires: November 8, 2020 Individual Contributor | |||
V. Govindan | V. Govindan | |||
M. Mudigonda | M. Mudigonda | |||
Cisco | Cisco | |||
G. Mirsky | G. Mirsky | |||
ZTE Corp. | ZTE Corp. | |||
May 4, 2020 | May 7, 2020 | |||
BFD for VXLAN | BFD for VXLAN | |||
draft-ietf-bfd-vxlan-11 | draft-ietf-bfd-vxlan-12 | |||
Abstract | Abstract | |||
This document describes the use of the Bidirectional Forwarding | This document describes the use of the Bidirectional Forwarding | |||
Detection (BFD) protocol in point-to-point Virtual eXtensible Local | Detection (BFD) protocol in point-to-point Virtual eXtensible Local | |||
Area Network (VXLAN) tunnels used to form an overlay network. | Area Network (VXLAN) tunnels used to form an overlay network. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on November 5, 2020. | This Internet-Draft will expire on November 8, 2020. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 2, line 27 ¶ | skipping to change at page 2, line 27 ¶ | |||
5. BFD Packet Transmission over VXLAN Tunnel . . . . . . . . . . 6 | 5. BFD Packet Transmission over VXLAN Tunnel . . . . . . . . . . 6 | |||
6. Reception of BFD Packet from VXLAN Tunnel . . . . . . . . . . 8 | 6. Reception of BFD Packet from VXLAN Tunnel . . . . . . . . . . 8 | |||
7. Echo BFD . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 7. Echo BFD . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 | |||
9. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | 9. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | |||
10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 9 | 10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 | 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
12.1. Normative References . . . . . . . . . . . . . . . . . . 9 | 12.1. Normative References . . . . . . . . . . . . . . . . . . 9 | |||
12.2. Informational References . . . . . . . . . . . . . . . . 10 | 12.2. Informational References . . . . . . . . . . . . . . . . 10 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
1. Introduction | 1. Introduction | |||
"Virtual eXtensible Local Area Network" (VXLAN) [RFC7348] provides an | "Virtual eXtensible Local Area Network" (VXLAN) [RFC7348] provides an | |||
encapsulation scheme that allows building an overlay network by | encapsulation scheme that allows building an overlay network by | |||
decoupling the address space of the attached virtual hosts from that | decoupling the address space of the attached virtual hosts from that | |||
of the network. | of the network. | |||
One use of VXLAN is in data centers interconnecting virtual machines | One use of VXLAN is in data centers interconnecting virtual machines | |||
(VMs) of a tenant. VXLAN addresses requirements of the Layer 2 and | (VMs) of a tenant. VXLAN addresses requirements of the Layer 2 and | |||
skipping to change at page 8, line 22 ¶ | skipping to change at page 8, line 22 ¶ | |||
Destination IP: IP address MUST NOT be of one of tenant's IP | Destination IP: IP address MUST NOT be of one of tenant's IP | |||
addresses. The IP address SHOULD be selected from the range | addresses. The IP address SHOULD be selected from the range | |||
127/8 for IPv4, for IPv6 - from the range ::ffff:127.0.0.0/104. | 127/8 for IPv4, for IPv6 - from the range ::ffff:127.0.0.0/104. | |||
Alternatively, the destination IP address MAY be set to VTEP's | Alternatively, the destination IP address MAY be set to VTEP's | |||
IP address. | IP address. | |||
Source IP: IP address of the originating VTEP. | Source IP: IP address of the originating VTEP. | |||
TTL or Hop Limit: MUST be set to 255 in accordance with the | TTL or Hop Limit: MUST be set to 255 in accordance with the | |||
Generalized TTL Security Mechanism [RFC5881]. | Generalized TTL Security Mechanism [RFC5082]. | |||
The fields of the UDP header and the BFD Control packet are | The fields of the UDP header and the BFD Control packet are | |||
encoded as specified in [RFC5881]. | encoded as specified in [RFC5881]. | |||
6. Reception of BFD Packet from VXLAN Tunnel | 6. Reception of BFD Packet from VXLAN Tunnel | |||
Once a packet is received, the VTEP MUST validate the packet. If the | Once a packet is received, the VTEP MUST validate the packet. If the | |||
packet is received on the management VNI and is identified as BFD | packet is received on the management VNI and is identified as BFD | |||
control packet addressed to the VTEP, and then the packet can be | control packet addressed to the VTEP, and then the packet can be | |||
processed further. Processing of BFD control packets received on | processed further. Processing of BFD control packets received on | |||
non-management VNI is outside the scope of this specification. | non-management VNI is outside the scope of this specification. | |||
Validation of TTL or Hop Limit of the inner IP packet is performed as | Validation of TTL / Hop Limit of the inner IP packet, as long as the | |||
described in Section 5 [RFC5881]. | related considerations for BFD control packet demultiplexing and | |||
authentication, is performed as described in Section 5 [RFC5881]. | ||||
7. Echo BFD | 7. Echo BFD | |||
Support for echo BFD is outside the scope of this document. | Support for echo BFD is outside the scope of this document. | |||
8. IANA Considerations | 8. IANA Considerations | |||
This specification has no IANA action requested. This section may be | This specification has no IANA action requested. This section may be | |||
deleted before the publication. | deleted before the publication. | |||
9. Security Considerations | 9. Security Considerations | |||
Security issues discussed in [RFC5880], [RFC5881], and [RFC7348] | ||||
apply to this document. | ||||
This document recommends using an address from the Internal host | This document recommends using an address from the Internal host | |||
loopback addresses 127/8 range for IPv4 or an IP4-mapped IPv4 | loopback addresses 127/8 range for IPv4 or an IP4-mapped IPv4 | |||
loopback address from ::ffff:127.0.0.0/104 range for IPv6 as the | loopback address from ::ffff:127.0.0.0/104 range for IPv6 as the | |||
destination IP address in the inner IP header. Using such an address | destination IP address in the inner IP header. Using such an address | |||
prevents the forwarding of the encapsulated BFD control message by a | prevents the forwarding of the encapsulated BFD control message by a | |||
transient node in case the VXLAN tunnel is broken as according to | transient node in case the VXLAN tunnel is broken as according to | |||
[RFC1812]: | [RFC1812]: | |||
A router SHOULD NOT forward, except over a loopback interface, any | A router SHOULD NOT forward, except over a loopback interface, any | |||
packet that has a destination address on network 127. A router | packet that has a destination address on network 127. A router | |||
MAY have a switch that allows the network manager to disable these | MAY have a switch that allows the network manager to disable these | |||
checks. If such a switch is provided, it MUST default to | checks. If such a switch is provided, it MUST default to | |||
performing the checks. | performing the checks. | |||
If the implementation supports establishing multiple BFD sessions | If the implementation supports establishing multiple BFD sessions | |||
between the same pair of VTEPs, there SHOULD be a mechanism to | between the same pair of VTEPs, there SHOULD be a mechanism to | |||
control the maximum number of such sessions that can be active at the | control the maximum number of such sessions that can be active at the | |||
same time. | same time. | |||
Other than requiring control of the number of BFD sessions between | ||||
the same pair of VTEPs, this specification does not raise any | ||||
additional security issues beyond those discussed in [RFC5880], | ||||
[RFC5881], and [RFC7348]. | ||||
10. Contributors | 10. Contributors | |||
Reshad Rahman | Reshad Rahman | |||
rrahman@cisco.com | rrahman@cisco.com | |||
Cisco | Cisco | |||
11. Acknowledgments | 11. Acknowledgments | |||
Authors would like to thank Jeff Haas of Juniper Networks for his | Authors would like to thank Jeff Haas of Juniper Networks for his | |||
reviews and feedback on this material. | reviews and feedback on this material. | |||
Authors would also like to thank Nobo Akiya, Marc Binderberger, | Authors would also like to thank Nobo Akiya, Marc Binderberger, | |||
Shahram Davari, Donald E. Eastlake 3rd, and Anoop Ghanwani for the | Shahram Davari, Donald E. Eastlake 3rd, Anoop Ghanwani, Dinesh Dutt, | |||
extensive reviews and the most detailed and helpful comments. | Joel Halpern, and Carlos Pignataro for the extensive reviews and the | |||
most detailed and constructive comments. | ||||
12. References | 12. References | |||
12.1. Normative References | 12.1. Normative References | |||
[RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers", | [RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers", | |||
RFC 1812, DOI 10.17487/RFC1812, June 1995, | RFC 1812, DOI 10.17487/RFC1812, June 1995, | |||
<https://www.rfc-editor.org/info/rfc1812>. | <https://www.rfc-editor.org/info/rfc1812>. | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
[RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C. | ||||
Pignataro, "The Generalized TTL Security Mechanism | ||||
(GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007, | ||||
<https://www.rfc-editor.org/info/rfc5082>. | ||||
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | |||
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, | (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, | |||
<https://www.rfc-editor.org/info/rfc5880>. | <https://www.rfc-editor.org/info/rfc5880>. | |||
[RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection | |||
(BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, | (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, | |||
DOI 10.17487/RFC5881, June 2010, | DOI 10.17487/RFC5881, June 2010, | |||
<https://www.rfc-editor.org/info/rfc5881>. | <https://www.rfc-editor.org/info/rfc5881>. | |||
[RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, | [RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, | |||
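Review bot: In the new Section 6 sentence, "as long as the related considerations for BFD control packet demultiplexing and authentication" reads as a condition on TTL / Hop Limit validation rather than a second item that is also handled per Section 5 of [RFC5881]; "as well as" looks like the intended wording, and the singular "is performed" would then need to become "are performed". In the unchanged Security Considerations text carried into -12, "IP4-mapped IPv4 loopback address" for the ::ffff:127.0.0.0/104 range should read "IPv4-mapped IPv6 loopback address". The session-limit paragraph says there SHOULD be a mechanism to control the maximum number of BFD sessions between the same pair of VTEPs but does not say what a VTEP does with a session request that exceeds the limit; a sentence on that would make the new closing paragraph, which names this as the only additional security requirement, easier to implement.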
End of changes. 11 change blocks. | ||||
15 lines changed or deleted | 20 lines changed or added | |||