1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
|
Network Working Group A. Zinin
Request for Comments: 5613 Alcatel-Lucent
Obsoletes: 4813 A. Roy
Category: Standards Track L. Nguyen
Cisco Systems
B. Friedman
Google, Inc.
D. Yeung
Cisco Systems
August 2009
OSPF Link-Local Signaling
Abstract
OSPF is a link-state intra-domain routing protocol. OSPF routers
exchange information on a link using packets that follow a well-
defined fixed format. The format is not flexible enough to enable
new features that need to exchange arbitrary data. This document
describes a backward-compatible technique to perform link-local
signaling, i.e., exchange arbitrary data on a link. This document
replaces the experimental specification published in RFC 4813 to
bring it on the Standards Track.
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Zinin, et al. Standards Track [Page 1]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 2
2. Proposed Solution . . . . . . . . . . . . . . . . . . . . . . 3
2.1. L-Bit in Options Field . . . . . . . . . . . . . . . . . . 4
2.2. LLS Data Block . . . . . . . . . . . . . . . . . . . . . . 4
2.3. LLS TLVs . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.4. Extended Options and Flags TLV . . . . . . . . . . . . . . 5
2.5. Cryptographic Authentication TLV (OSPFv2 ONLY) . . . . . . 6
2.6. Private TLVs . . . . . . . . . . . . . . . . . . . . . . . 7
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
4. Compatibility Issues . . . . . . . . . . . . . . . . . . . . . 9
5. Security Considerations . . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.1. Normative References . . . . . . . . . . . . . . . . . . . 9
6.2. Informative References . . . . . . . . . . . . . . . . . . 10
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 11
Appendix B. Changes from RFC 4813 . . . . . . . . . . . . . . . . 11
1. Introduction
This document describes an extension to OSPFv2 [OSPFV2] and OSPFv3
[OSPFV3] allowing additional information to be exchanged between
routers on the same link. OSPFv2 and OSPFv3 packet formats are fixed
and do not allow for extension. This document proposes appending an
optional data block composed of Type/Length/Value (TLV) triplets to
existing OSPFv2 and OSPFv3 packets to carry this additional
information. Throughout this document, OSPF will be used when the
specification is applicable to both OSPFv2 and OSPFv3. Similarly,
OSPFv2 or OSPFv3 will be used when the text is protocol specific.
One potential way of solving this task could be introducing a new
packet type. However, that would mean introducing extra packets on
the network that may not be desirable and may cause backward
compatibility issues. This document describes how to exchange data
using standard OSPF packet types.
1.1. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [KEY].
Zinin, et al. Standards Track [Page 2]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
2. Proposed Solution
To perform link-local signaling (LLS), OSPF routers add a special
data block to the end of OSPF packets or right after the
authentication data block when cryptographic authentication is used.
The length of the LLS block is not included into the length of the
OSPF packet, but is included in the IPv4/IPv6 packet length. Figure
1 illustrates how the LLS data block is attached.
+---------------------+ -- -- +---------------------+
| IP Header | ^ ^ | IPv6 Header |
| Length = HL+X+Y+Z | | Header Length | | Length = HL+X+Y |
| | v v | |
+---------------------+ -- -- +---------------------+
| OSPF Header | ^ ^ | OSPFv3 Header |
| Length = X | | | | Length = X |
|.....................| | X | X |.....................|
| | | | | |
| OSPFv2 Data | | | | OSPFv3 Data |
| | v v | |
+---------------------+ -- -- +---------------------+
| | ^ ^ | |
| Authentication Data | | Y | Y | LLS Data |
| | v v | |
+---------------------+ -- -- +---------------------+
| | ^
| LLS Data | | Z
| | v
+---------------------+ --
Figure 1: LLS Data Block in OSPFv2 and OSPFv3
The LLS block MAY be attached to OSPF Hello and Database Description
(DD) packets. The LLS block MUST NOT be attached to any other OSPF
packet types on generation and MUST be ignored on reception.
The data included in the LLS block attached to a Hello packet MAY be
used for dynamic signaling since Hello packets may be sent at any
time. However, delivery of LLS data in Hello packets is not
guaranteed. The data sent with DD packets is guaranteed to be
delivered as part of the adjacency forming process.
This document does not specify how the data transmitted by the LLS
mechanism should be interpreted by OSPF routers. As routers that do
not understand LLS may receive these packets, changes made due to LLS
block TLV's do not affect the basic routing when interacting with
non-LLS routers.
Zinin, et al. Standards Track [Page 3]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
2.1. L-Bit in Options Field
A new L-bit (L stands for LLS) is introduced into the OSPF Options
field (see Figures 2a and 2b). Routers set the L-bit in Hello and DD
packets to indicate that the packet contains an LLS data block. In
other words, the LLS data block is only examined if the L-bit is set.
+---+---+---+---+---+---+---+---+
| * | O | DC| L |N/P| MC| E | * |
+---+---+---+---+---+---+---+-+-+
Figure 2a: OSPFv2 Options Field
0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+
| | | | | | | | | | | | | | |L|AF|*|*|DC| R| N|MC| E|V6|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+--+--+--+--+--+--+
Figure 2b: OSPFv3 Options Field
The L-bit MUST NOT be set except in Hello and DD packets that contain
an LLS block.
2.2. LLS Data Block
The data block used for link-local signaling is formatted as
described below (see Figure 3 for illustration).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | LLS Data Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| LLS TLVs |
. .
. .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Format of LLS Data Block
The Checksum field contains the standard IP checksum for the entire
contents of the LLS block. Before computing the checksum, the
checksum field is set to 0. If the checksum is incorrect, the OSPF
packet MUST be processed, but the LLS block MUST be discarded.
Zinin, et al. Standards Track [Page 4]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
The 16-bit LLS Data Length field contains the length (in 32-bit
words) of the LLS block including the header and payload.
Note that if the OSPF packet is cryptographically authenticated, the
LLS data block MUST also be cryptographically authenticated. In this
case, the regular LLS checksum is not calculated, but is instead set
to 0.
The rest of the block contains a set of Type/Length/Value (TLV)
triplets as described in Section 2.3. All TLVs MUST be 32-bit
aligned (with padding if necessary).
2.3. LLS TLVs
The contents of an LLS data block are constructed using TLVs. See
Figure 4 for the TLV format.
The Type field contains the TLV ID, which is unique for each type of
TLV. The Length field contains the length of the Value field (in
bytes). The Value field is variable and contains arbitrary data.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Value .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Format of LLS TLVs
Note that TLVs are always padded to a 32-bit boundary, but padding
bytes are not included in the TLV Length field (though they are
included in the LLS Data Length field in the LLS block header).
Unrecognized TLV types are ignored.
2.4. Extended Options and Flags TLV
This subsection describes a TLV called the Extended Options and Flags
(EOF) TLV. The format of the EOF-TLV is shown in Figure 5.
Bits in the Value field do not have any semantics from the point of
view of the LLS mechanism. Bits MAY be allocated to announce OSPF
link-local capabilities. Bits MAY also be allocated to perform
boolean link-local signaling.
Zinin, et al. Standards Track [Page 5]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
The length of the Value field in the EOF-TLV is 4 bytes.
The value of the Type field in the EOF-TLV is 1. The EOF-TLV MUST
only appear once in the LLS data block.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 1 | 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Extended Options and Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: Format of the EOF-TLV
Currently, [OOB] and [RESTART] use bits in the Extended Options field
of the EOF-TLV.
The Extended Options and Flags bits are defined in Section 3.
2.5. Cryptographic Authentication TLV (OSPFv2 ONLY)
This document defines a special TLV that is used for cryptographic
authentication (CA-TLV) of the LLS data block. This TLV MUST only be
included in the LLS block when cryptographic authentication is
enabled on the corresponding interface. The message digest of the
LLS block MUST be calculated using the same key and authentication
algorithm as used for the OSPFv2 packet. The cryptographic sequence
number is included in the TLV and MUST be the same as the one in the
OSPFv2 authentication data for the LLS block to be considered
authentic.
The TLV is constructed as shown in Figure 6.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 2 | AuthLen |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. AuthData .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Format of Cryptographic Authentication TLV
Zinin, et al. Standards Track [Page 6]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
The value of the Type field for the CA-TLV is 2.
The Length field in the header contains the length of the data
portion of the TLV including 4 bytes for Sequence Number and the
length of the message digest block for the whole LLS block in bytes.
The Sequence Number field contains the cryptographic sequence number
that is used to prevent simple replay attacks. For the LLS block to
be considered authentic, the Sequence Number in the CA-TLV MUST match
the Sequence Number in the OSPFv2 packet header Authentication field
(which MUST be present). In the event of Sequence Number mismatch or
Authentication failure, the whole LLS block MUST be ignored.
The CA-TLV MUST NOT appear more than once in the LLS block. Also,
when present, this TLV MUST be the last TLV in the LLS block. If it
appears more than once, only the first occurrence is processed and
any others MUST be ignored.
The AuthData field contains the message digest calculated for the LLS
data block up to the CA-TLV AuthData field (i.e., excludes the CA-TLV
AuthData).
The CA-TLV is not applicable to OSPFv3 and it MUST NOT be added to
any OSPFv3 packet. If found on reception, this TLV MUST be ignored.
2.6. Private TLVs
LLS type values in the range of 32768-65536 are reserved for private
use. The first four octets of the Value field MUST be the private
enterprise code [ENTNUM]. This allows multiple vendor private
extensions to coexist in a network.
3. IANA Considerations
This document uses the registry that was originally created in
[RFC4813]. IANA updated the following registry to point to this
document instead:
o "Open Shortest Path First (OSPF) Link-Local Signalling (LLS) -
Type/Length/Value Identifiers (TLV)"
IANA allocated L-bit in the "OSPFv2 Options Registry" and "OSPFv3
Options Registry" as per Section 2.1.
LLS TLV types are maintained by the IANA. Extensions to OSPF that
require a new LLS TLV type MUST be reviewed by a Designated Expert
from the routing area.
Zinin, et al. Standards Track [Page 7]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
The criteria for allocating LLS TLVs are:
o LLS should not be used for information that would be better suited
to be advertised in a link-local link state advertisement (LSA).
o LLS should be confined to signaling between direct neighbors.
o Discretion should be used in the volume of information signaled
using LLS due to the obvious MTU and performance implications.
Following the policies outlined in [IANA], LLS type values in the
range of 0-32767 are allocated through an IETF Review and LLS type
values in the range of 32768-65535 are reserved for private use.
This document assigns the following LLS TLV types in OSPFv2/OSPFv3.
TLV Type Name Reference
0 Reserved
1 Extended Options and Flags [RFC5613]
2 Cryptographic Authentication+ [RFC5613]
3-32767 Reserved for assignment by the IANA
32768-65535 Private Use
+ Cryptographic Authentication TLV is only defined for OSPFv2
IANA renamed the sub-registry from "LLS Type 1 Extended Options" to
"LLS Type 1 Extended Options and Flags".
This document also assigns the following bits in the EOF-TLV outlined
in Section 2.5:
Bit Name Reference
0x00000001 LSDB Resynchronization (LR) [RFC4811]
0x00000002 Restart Signal (RS-bit) [RFC4812]
Future allocation of Extended Options and Flags bits MUST be reviewed
by a Designated Expert from the routing area.
Zinin, et al. Standards Track [Page 8]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
4. Compatibility Issues
The modifications to OSPF packet formats are compatible with standard
OSPF since OSPF routers not supporting LLS will ignore the LLS data
block after the OSPF packet or cryptographic message digest. As of
this writing, there are implementations deployed with [RFC4813]-
compliant software. Routers not implementing [RFC4813] ignore the
LLS data at the end of the OSPF packet.
Careful consideration should be given to carrying additional LLS
data, as it may affect the OSPF adjacency bring-up time due to
additional propagation delay and/or processing time.
5. Security Considerations
Security considerations inherited from OSPFv2 are described in
[OSPFV2]. This technique provides the same level of security as the
basic OSPFv2 protocol by allowing LLS data to be authenticated using
the same cryptographic authentication that OSPFv2 uses (see
Section 2.5 for more details).
Security considerations inherited from OSPFv3 are described in
[OSPFV3] and [OSPFV3AUTH]. OSPFv3 utilizes IPsec for authentication
and encryption. With IPsec, the AH (Authentication Header), ESP
(Encapsulating Security Payload), or both are applied to the entire
OSPFv3 payload including the LLS block.
6. References
6.1. Normative References
[IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing
an IANA Considerations Section in RFCs", BCP 26,
RFC 5226, May 2008.
[KEY] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[OSPFV2] Moy, J., "OSPF Version 2", STD 54, RFC 2328,
April 1998.
[OSPFV3] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF
for IPv6", RFC 5340, July 2008.
[OSPFV3AUTH] Gupta, M. and N. Melam, "Authentication/Confidentiality
for OSPFv3", RFC 4552, June 2006.
Zinin, et al. Standards Track [Page 9]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
6.2. Informative References
[ENTNUM] IANA, "PRIVATE ENTERPRISE NUMBERS",
http://www.iana.org.
[OOB] Nguyen, L., Roy, A., and A. Zinin, "OSPF Out-of-Band
Link State Database (LSDB) Resynchronization",
RFC 4811, March 2007.
[RESTART] Nguyen, L., Roy, A., and A. Zinin, "OSPF Restart
Signaling", RFC 4812, March 2007.
[RFC4813] Friedman, B., Nguyen, L., Roy, A., Yeung, D., and A.
Zinin, "OSPF Link-Local Signaling", RFC 4813,
March 2007.
Zinin, et al. Standards Track [Page 10]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
Appendix A. Acknowledgements
The authors would like to acknowledge Russ White, Acee Lindem, and
Manral Vishwas for their review of this document.
Appendix B. Changes from RFC 4813
This section describes the substantive change from [RFC4813].
o Added OSPFv3 support
o Private TLVs MUST use private enterprise code
o Clarified requirement levels at several places
o Changed from Experimental to Standards Track
Zinin, et al. Standards Track [Page 11]
^L
RFC 5613 OSPF Link-Local Signaling August 2009
Authors' Addresses
Alex Zinin
Alcatel-Lucent
Singapore
EMail: alex.zinin@alcatel-lucent.com
Abhay Roy
Cisco Systems
170 West Tasman Drive
San Jose, CA 95134
USA
EMail: akr@cisco.com
Liem Nguyen
Cisco Systems
170 West Tasman Drive
San Jose, CA 95134
USA
EMail: lhnguyen@cisco.com
Barry Friedman
Google, Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA
EMail: barryf@google.com
Derek Yeung
Cisco Systems
170 West Tasman Drive
San Jose, CA 95134
USA
EMail: myeung@cisco.com
Zinin, et al. Standards Track [Page 12]
^L
|
