Definition of ACH TLV Structure draft-ietf-mpls-tp-ach-tlv-02
S. Boutros, S. Bryant, S. Sivabalan, G. Swallow (Cisco Systems), D. Ward (Juniper Networks), V. Manral (IP Infusion)
Status
• This draft is in WGLC
• WGLC will complete as planned.
• Using this session to gather feedback on some of the issues raised and possible approaches to resolution
Experimental TLVs
• Propose to add 8 as the top values
• Exact values depend on compact null and transitive TLV discussion
04/19/23 draft-bocci-mpls-tp-gach-gal-02.txt
Destination Address
• Easy to add, but not actually used.
• Need a decision on whether to include.
• If included, would just clone IPv4 SA and IPv6 SA.
• Propose that those needed by Nitin’s LSP Ping draft be defined in that draft.
• Any others needed?
MEP-ID
• Move section “3.7. MPLS OAM SOURCE MEP-ID TLV for LSP Ping” of draft draft-ietf-ccamp-rsvp-te-mpls-tp-oam-ext-01 to draft-ietf-mpls-tp-ach-tlv-01.
• Is there a dest MEP-ID as well?
• PW MEP-IDs and MIP-IDs also needed – where/when are these needed?
Fixed Ordering of TLVs in Pkt
• Order of TLVs should be set (or not set) by definition of ACH type.
• Fixing this in this set of definitions would not be optimal for all applications.
Alt TLV Structure
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|I|A|     AchTlvType = X        |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~                             Value                             ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
I = Ignore if not understood
A = Authenticate
Compact Null
• At the moment null is
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        AchTlvType = X         |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~                             Value                             ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Compact null would be alternate:
 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
|AchTlvType = X |
+-+-+-+-+-+-+-+-+
If, for example, X = 0xFF, then TLVs carrying data would be in the range 0x0000 to 0xFEFF.
If the previous proposal is accepted, CN would be 0x3F.
Authentication
BFD supports:
Value    BFD Authentication Type Name
-----    ----------------------------
0        Reserved
1        Simple Password
2        Keyed MD5
3        Meticulous Keyed MD5
4        Keyed SHA1
5        Meticulous Keyed SHA1
6-255    Unassigned
We may need other hashes, but these can be added at a later date. Suggest that we continue with BFD set and add others if requested by SEC review.
Authentication Length
• Should we support the ability to authenticate data that follows the Auth TLV?
• Would do this by setting the TLV Len.
• How long a data set do we need to be able to cover?
Set TLV Operations
• Use the top two bits of the TLV to indicate:
  – Ignore if not understood
  – Authenticate?
• Could make this the top two bits and use compact padding
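A receiver for the alternate TLV layout and compact null discussed above might look like the following. This is an added example, not code from the draft or its authors. It assumes a 14-bit type after the I and A bits, a 16-bit Length counting value octets only with no alignment padding, network byte order, and compact null as a single octet whose low six bits are 0x3F; the function names, known-type set and sample bytes are constructed.

```python
import struct

COMPACT_NULL = 0x3F   # low six bits of the first octet ("CN would be 0x3F")
KNOWN_TYPES = {1, 2}  # constructed: types this hypothetical receiver understands


class TlvError(ValueError):
    """Raised for malformed input or a mandatory TLV that is not understood."""


def parse_ach_tlvs(buf, known=KNOWN_TYPES):
    """Return [(type, ignore_bit, auth_bit, value)] for the understood TLVs."""
    out, off = [], 0
    while off < len(buf):
        # Compact null: one octet, no Length field. This reserves data types
        # 0x3F00-0x3FFF, mirroring the 0x0000-0xFEFF restriction on the slide.
        if buf[off] & 0x3F == COMPACT_NULL:
            off += 1
            continue
        if len(buf) - off < 4:
            raise TlvError(f"truncated TLV header at offset {off}")
        word, length = struct.unpack_from("!HH", buf, off)
        ignore = bool(word & 0x8000)   # I = Ignore if not understood
        auth = bool(word & 0x4000)     # A = Authenticate
        tlv_type = word & 0x3FFF
        off += 4
        # Check Length against the bytes actually present before slicing.
        if length > len(buf) - off:
            raise TlvError(f"type {tlv_type}: length {length} overruns buffer")
        value = bytes(buf[off:off + length])
        off += length
        if tlv_type not in known:
            if ignore:
                continue               # I=1: skip the TLV and keep parsing
            raise TlvError(f"type {tlv_type} not understood and I bit clear")
        out.append((tlv_type, ignore, auth, value))
    return out


# Constructed sample: type 1 (4-octet value), one compact null,
# unknown type 0x123 with I=1, then type 2 with A=1.
SAMPLE = bytes.fromhex("00010004c0000201" "3f" "812300026162" "4002000378797a")

if __name__ == "__main__":
    for tlv in parse_ach_tlvs(SAMPLE):
        print(tlv)
```

Because the A bit is only surfaced to the caller here, any authentication check over the covered data remains a separate step.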
MEG-ID and MIP-IDs are needed too.
• Needed; will be added in the next version.