Definition of ACH TLV Structure draft-ietf-mpls-tp-ach-tlv-02

{S. Boutros, S. Bryant, S. Sivabalan, G . Swallow} Cisco Systems,{D.Ward} Juniper Networks}, V. Manral {IP Infusion}

Status

• This draft is in WGLC

• WGLC will complete as planned.

• Using this session to gather f/b on some of the issues raised and possible approaches to resolution

Experimental TLVs

• Propose to add 8 as the top values

• Exact values depend on compact null and transitive TLV discussion

04/19/23 draft-bocci-mpls-tp-gach-gal-02.txt

Destination Address

• Easy to add, but not actually used.

• Need a decision on whether to include.

• If include would just clone IPv4 SA and IPv6 SA.

• Propose that those needed by Nitin’s LSP Ping Draft defined in that draft.

• Any others needed?

MEP-ID

• Move section “3.7. MPLS OAM SOURCE MEP-ID TLV for LSP Ping” of draft draft-ietf-ccamp-rsvp-te-mpls-tp-oam-ext-01 to draft-ietf-mpls-tp-ach-tlv-01.

• Is there a dest MEP-ID as well?

• PW MEP-IDs and MIP-IDs also needed – where/when are these needed?

Fixed Ordering of TLVs in Pkt

• Order of TLVs should be set (or not set) by definition of ACH type.

• Fixing this in this set of def’ns would not be optimal for all applications.

Alt TLV Structure

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|I|A| AchTlvType = X | Length |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

~ Value ~

| |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

I = Ignore if not understood

A = Authenticate

Compact Null• At the moment null is

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| AchTlvType = X | Length |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

~ Value ~

| |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Compact null would be alternate:

0 1 2 3 4 5 6 7

+-+-+-+-+-+-+-+-+

|AchTlvType = X |

+-+-+-+-+-+-+-+-+

If for example X = 0xff, then TLVs carrying data would be in the range

0x0000 to 0xFEFF

If previous proposal accepted CN would be 0x3F

Authentication

BFD supports Value BFD Authentication Type Name

----- ----------------------------

0 Reserved

1 Simple Password

2 Keyed MD5

3 Meticulous Keyed MD5

4 Keyed SHA1

5 Meticulous Keyed SHA1

6-255 Unassigned

We may need other hashes, but these can be added at a later date. Suggest that we continue with BFD set and add others if requested by SEC review.

Authentication Length

• Should we support the ability to Auth data that follows the Auth TLV

• Would do this by setting the TLV Len

• How long a data set do we need to be able to cover.

Set TLV Operations

• Use the top two bits of the TLV to indicate:– Ignore if not understood – Authenticate ?

• Could make this the top two bits and use compact padding

MEG-ID and MIP-IDs are needed too.

• Needed will be added in next version.