home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Info 1994 March
/
Internet Info CD-ROM (Walnut Creek) (March 1994).iso
/
inet
/
internet-drafts
/
draft-ietf-isis-nbma-00.txt
< prev
next >
Wrap
Text File
|
1993-07-08
|
90KB
|
2,301 lines
ISIS Working Group Radia Perlman and Chris Gunner
Internet-draft Digital Equipment Corp.
June 1993
Routing over Nonbroadcast Multiaccess Links
Table of Contents
1. Status of this Memo 3
2. Abstract 3
3. Conventions 4
4. Introduction 4
4.1. CLNP Addresses 6
4.2. Finding Neighbors across NBMA Links 6
4.3. Types Of Nodes Attached To NBMA 7
4.4. ES-IS For NBMA 9
4.5. IP Endnodes on NBMA 10
4.6. IS-IS On NBMA 11
4.6.1. ISs Finding Each Other 11
4.6.2. Reliable And Efficient LSP Distribution Across NBMA
12
4.7. Packet Encapsulation 12
4.8. Security 13
5. Configuration Information 15
5.1. Simple-ES, Configured-ES, Passive-IS,
Configured-Passive-IS 15
5.2. Dynamically-Learned-ESs 16
5.3. Nonpassive-ISs 17
6. Databases 20
6.1. Kept By Simple-ES, Configured-ES, Passive-IS, And
Configured-Passive-IS 20
6.2. Kept By Dynamically-Learned ES 21
6.3. Kept By Level 1 ISs 22
6.4. Kept By Level 2 ISs 22
6.5. Additional Information Kept By Designated Router 23
7. Protocols 25
7.1. Electing A Designated Router 25
7.2. Finding An IS 27
7.3. Forwarding Across NBMA 27
7.4. Fragmentation Of The DR-Hello 28
7.5. Maintenance Of The Destination Cache 28
7.6. NBMA Configuration Information Included In LSPs 29
8. Packet Formats 29
8.1. Unchanged Packet Formats 30
Perlman (Internet-Draft expires end December 1993) [Page 1]
Internet-Draft Routing over NBMA Links June 1993
8.2. Initial Fields in all the ES-IS and IS-IS SMDS Packets
30
8.3. SMDS ES Hello 32
8.4. SMDS DR-to-ES Hello 33
8.5. SMDS Level 1 IS Hello 33
8.6. SMDS Level 2 IS Hello 35
8.7. Redirect 35
9. Acronyms used in this Specification 37
10. References 37
11. Working Group Information 38
12. Authors' Addresses 38
Perlman (Internet-Draft expires end December 1993) [Page 2]
Internet-Draft Routing over NBMA Links June 1993
1. Status of this Memo
This document is an Internet Draft describing how to run
connectionless network layer protocols, and in particular,
Integrated IS-IS, ES-IS, and CLNP over Multiaccess nonbroadcast
links (NBMAs). A previous version was originally written for
SMDS; however, the concepts apply equally well to other
"clouds", like ISDN, X.25, or even a backbone WAN network
running some network layer protocol. This is not directly
applicable to frame relay, however, since frame relay does not
have true addressing. Frame relay is really just a collection
of point to point links. Although the previous document was
originally written for connectionless OSI network layer
protocols (CLNP, ES-IS, and IS-IS), the concepts (other than use
of embedded DTE addresses) apply to other connectionless network
layer protocols (for instance, IP) as well. This document is
significantly revised from the original to be more general, both
in terms of type of NBMA link and in terms of type of network
layer running over it.
Internet Drafts are working documents of the Internet
Engineering Task Force (IETF), its Areas, and its Working
Groups. Note that other groups may also distribute working
documents as Internet Drafts.
Internet Drafts are draft documents valid for a maximum of six
months. This Internet draft expires at the end of December 1993.
Internet drafts may be updated, replaced, or obsoleted by other
documents at any time. It is not appropriate to use Internet
Drafts as reference material or to cite them other than as a
"working draft" or "work in progress".
Please check the I-D abstract listing contained in each Internet
Draft directory to learn the current status of this or any other
Internet Draft.
This is a draft document of the ISIS working group.
Distribution of this memo is unlimited. Please send comments to
the ISIS working group:
isis@merit.edu
2. Abstract
This document assumes basic familiarity with CLNP, ES-IS, IS-IS,
ARP, and IP. The design in this document attempts to minimize
routing control traffic and manual configuration. The issues
involve judicious use of CLNP addressing whenever possible,
Perlman (Internet-Draft expires end December 1993) [Page 3]
Internet-Draft Routing over NBMA Links June 1993
protocol differentiation (also sometimes called encapsulation)
for coexistence with other protocols running over the NBMA,
enabling ESs to find an active IS, enabling ISs to find each
other, optimizing routes across NBMA (eliminating double-hopping
across NBMA), and efficient and reliable distribution of LSPs
(link state packets) across NBMA.
3. Conventions
The following language conventions are used in the items of
specification in this document:
1. MUST, SHALL, or MANDATORY -- the item is an absolute
requirement
2. SHOULD or RECOMMENDED -- the item should generally be
followed for all but exceptional circumstances
3. MAY or OPTIONAL -- the item is truly optional and may be
followed or ignored according to the needs of the
implementor.
4. Introduction
IS-IS has been designed to operate over point to point links,
and over LANs. NMBA links such as SMDS and X.25 do not fit
either model. An NBMA link is not like a point to point link
because it is multiaccess and requires a data link destination
address. Note that in this document we refer to the address on
the NBMA link as a "data link address" -- providers of the NBMA
might very well refer to the address in the NBMA cloud as a
"network layer address". From the point of view of CLNP or IP
which is running on top of the NBMA, however, the NBMA is a data
link.
An NBMA link is not like a LAN because it is a tariffed service,
costs across it cannot be assumed to be the same for all
destinations, bandwidth use should be more conservative than on
a LAN, and multicast, if provided at all, does not serve the
same function as multicast on a LAN (for instance, in SMDS group
address recipients have to be preconfigured, and there is a
limit to the number of recipients of any SMDS group address).
On NMBA the NBMA individual address of a station is determined
at subscription time by the service provider. Most NMBAs do not
provide multicast at all. SMDS does provide something which
looks deceptively similar to multicast and is called "group
addressing". A group address is assigned by the SMDS service
Perlman (Internet-Draft expires end December 1993) [Page 4]
Internet-Draft Routing over NBMA Links June 1993
provider (in contrast to an 802 LAN, where the multicast
addresses can be known beforehand and specified in the spec),
and the list of the individual members of the group has to be
configured by the service provider (in contrast to an 802 LAN,
where any node can listen to any address). The membership of an
SMDS group cannot change dynamically.
There are three basic pieces to the Network Layer which are
covered by this document. The first is the data packet format
and the addressing structure (both CLNP and IP are discussed).
The second piece is the handshaking protocol between neighbor
ESs and ISs, which enables ISs to keep track of adjacent ESs and
ESs to keep track of at least one IS. It also enables nodes to
keep a correspondence between Network Layer addresses and Data
Link Layer addresses (ARP is discussed, but only to explain why
it is inappropriate in the NBMA case and how to handle IP
without it). The third piece is IS-IS, which is the intra-domain
routing protocol.
The original document specified exact packet formats for use
over SMDS. This document is more conceptual, and will not
specify packets exactly (like giving packet type numbers).
Instead it will specify what needs to be contained in the
packets.
Variable length fields in packets are encoded as "options", with
an octet that specifies the option type, a length field
specifying the length of the data associated with the option,
and a field with the data associated with the option. Option
types with associated data fields that are likely to be very
long are specified with a 2 octet length field. Option types
with data which would not exceed 256 octets are specified with a
1 octet length field.
This specification only relates to ISs (routers) and ESs
(endnodes) directly connected to NBMAs. No changes are required
to ISs and ESs not directly connected to an NBMA.
Note that the packets defined in this document never propagate
beyond the NBMA. They are used for negotiating with neighbors
across the NBMA. Packets that do get forwarded (for instance,
link state packets, data packets) are not affected by this
document, other than the definition of how they are encapsulated
with an NBMA header while traversing NBMA. The packets in this
document have the same packet types and basic function as
packets defined in ES-IS and IS-IS for neighbor handshaking.
However, since neighbor handshaking protocols are technology
dependent, the encoding of the packets for NBMA are different
from the packets defined for 802 LANs or point to point links.
Perlman (Internet-Draft expires end December 1993) [Page 5]
Internet-Draft Routing over NBMA Links June 1993
4.1. CLNP Addresses
There are certain ways in which CLNP addresses can be used that
are particularly convenient for NBMA links. To understand this,
it is necessary to understand a little about CLNP addresses.
A CLNP address consists of:
+--------------------+----------+--------------------+-----+
| IDP | LOC-AREA | ID | SEL |
+--------------------+----------+--------------------+-----+
NBMA addresses are usually X.121 or E.164. There is a mapping
between most NBMA addresses and IDPs. For example, SMDS
addresses are E.164 addresses. The first octet of the IDP
(called the "AFI") in a CLNP address specifies the type of
address encoded in the IDP. One type is an E.164 address.
Therefore it is possible to learn, from the initial portion of
the IDP, that an address is an E.164 address, and examination
further into the IDP can yield information such as country code,
area code, exchange, and finally the entire E.164 address. For
another example, X.25 uses X.121 addresses. There is a value of
the AFI that specifies X.121. The first part of the X.121
address is called the "DNIC" and specifies which X.25 network is
being used, and the rest of the address is an address specific
to that X.25 network.
Level 2 IS-IS routing of CLNP routes to CLNP address prefixes.
Therefore an IS attached to SMDS can be configured to advertise
that it can reach any E.164 address, or be more specific about
addresses by including a longer address prefix. An IS attached
to a particular X.25 network can be configured to advertise that
it can reach any address on that particular X.25 network.
(Note: it is unfortunate that E.164 addresses do not contain the
equivalent of the DNIC to say which network the address resides
on. It would be nice to add to CLNP a new AFI which would mean
"E.164 address plus a "which network" field". The structure of
such an IDP would be new-AFI.whichnet.E.164. The "which net"
field should be 2 octets and globally administered by some
organization. Without that things will still work but routing
might not be optimal and less address aggregation might be
possible.)
4.2. Finding Neighbors across NBMA Links
There are three basic methods for reaching node B across NBMA:
1. Node B's NBMA address is embedded in its network layer
Perlman (Internet-Draft expires end December 1993) [Page 6]
Internet-Draft Routing over NBMA Links June 1993
address
2. Node B's NBMA and network layer address have been
configured, either directly into the node trying to reach
node B, or into a router that will assist a node trying to
reach B by issuing a Redirect or some similar mechanism.
3. Node B's NBMA address has been manually configured into the
node trying to reach node B (or into a router that will
assist as in method 2), and a routing protocol is carried
out in which node B's network layer address is divulged.
Solution 1 requires the least amount of configuration and
protocol overhead. Therefore, it is recommended but not
required that the nodes in a CLNP net attached to NBMA via IS R
use R's NBMA address in their IDP. If a destination's IDP
contains the NBMA address to which packets for that destination
are to be forwarded, communication to that destination is
possible without forwarding by an IS, manual configuration, or
previous routing protocol exchange. If CLNP addresses are not
assigned this way communication is still possible via one of the
other two methods. It is possible to use all three methods in a
particular network. Configuration and protocol overhead savings
is directly proportional to the number of nodes in which
embedded NBMA addresses can be used.
NBMA addresses cannot be embedded in IPv4 addresses (which in
this document we'll simply refer to as "IP" addresses. If IP
addressing is used, then some combination of methods 2 and 3
must be employed.
4.3. Types Of Nodes Attached To NBMA
There are the following types of ESs connected to NBMA:
1. "Simple-ES": A simple ES is one that has its NBMA address
embedded in its network layer address. ISs do not have to
keep track of such an ES, since it will automatically be
reachable. Although a simple-ES need not be continually in
contact with ISs (as would be the case if the ES needed to
keep the network informed of its existence), such an ES
does need to be able to find an IS quickly in the event
that it needs to transmit a packet to an IDP that is not
obviously reachable on the NBMA net. The message that it
sends is an ES Hello. The act of sending the message is
known as "pinging".
Again note that NBMA addresses cannot be embedded in IP
addresses, so no IP nodes can be of type Simple-ES
Perlman (Internet-Draft expires end December 1993) [Page 7]
Internet-Draft Routing over NBMA Links June 1993
Also note that an entire network of nodes might be
connected via a router, R, to NBMA. If all of the nodes
reachable from R have R's NBMA address embedded in their
network layer address, then all the node in that portion of
the network (including R) are Simple-ESs from the point of
view of that NBMA.
2. "Configured-ES": A Configured-ES is an ES that does not
have its NBMA address in its network layer address, but
whose network/NBMA address pair has been configured into
all the nonpassive ISs (see types of ISs) on NBMA. A
configured-ES does not need to keep in contact with ISs,
since all the ISs have been manually configured to know how
to reach the ES. However, as with a Simple-ES, a
Configured-ES does need to be able to find an IS quickly in
the event that it needs to transmit a packet to something
other than a Simple-ES.
3. "Dynamically-Learned ES": A Dynamically-Learned-ES is an ES
that does not fit either category 1 or 2. Therefore, it
needs to find and keep in constant contact with the DR
(Designated Router), in order for the DR to know about the
ES's network layer and NBMA address, and for the DR to
inform the other routers about that ES. It is highly
desirable to avoid the necessity for having any
Dynamically-Learned-ESs since keeping the network informed
about these ESs consumes bandwidth.
There are the following types of ISs:
1. "Passive-IS": A Passive-IS, R, attaches a portion of the
network to NBMA, and the NBMA address of R is embedded in
R's network layer address, and in the network layer address
of all the nodes attached to the NBMA through R. From the
point of view of all the other nodes on NBMA, all the nodes
attachable through R (including R) are Simple-ESs.
As with Simple-ESs, IP addressing does not allow the use of
Passive-ISs. Passive-ISs are only possible with CLNP
addresses.
2. "Configured-Passive-IS": This is analogous to a
Configured-ES. A Configured-Passive-IS is an IS R that,
although it attaches nodes to NBMA that do not have R's
NBMA address embedded in their network layer address, can
still behave like a Passive-IS because all Nonpassive-ISs
on NBMA have been configured with the address prefixes
reachable through R.
3. "Nonpassive-IS": An IS that runs IS-IS. It is possible for
Perlman (Internet-Draft expires end December 1993) [Page 8]
Internet-Draft Routing over NBMA Links June 1993
an IS to be configured to be a Nonpassive-IS even if all
the nodes it can reach off NBMA have the appropriate
network layer address. In most cases, however, this would
be undesirable, since running IS-IS consumes bandwidth. In
general, the Nonpassive-ISs will be those that attach a
portion of the CLNP network to the NBMA that is too
topologically complex to exploit embedded NBMA addresses,
or attaches a portion of the IP network with a large and
dynamically changing set of IP addresses, so that
configuration is less desirable than protocol exchange.
4.4. ES-IS For NBMA
Note that only CLNP uses ES-IS. On 802 LANs, the equivalent IP
protocol is ARP. We'll discuss IP endnodes on NBMA in the next
section.
ES-IS for NBMA is functionally similar to ES-IS for 802 LANs.
It is necessary for the ESs to find an IS and for the ISs to
find all the Dynamically Discovered ESs. The difference is that
on 802 LANs, ESs continually multicast to the ISs, and the ISs
continually multicast to the ESs. This is undesirable on SMDS
since it consumes too much bandwidth. Simple-ESs and
Configured-ESs will not require periodic exchange of Hello
messages. Instead, a Simple-ES will be configured with a set of
addresses for reaching ISs, and will send a message requiring a
reply to that set of addresses when the need for an IS arises.
A Dynamically-Learned-ES will need to periodically send ES
Hellos to a Nonpassive-IS, since otherwise the network will not
know how to route to that ES. Since the ES must know whether its
ES Hello is reaching an IS, the IS will have to periodically
reassure the ES that it is up and receiving the ES Hellos.
Therefore ES-IS for a Dynamically-Learned-ES is very similar to
ES-IS for 802 LANs. On an 802 LAN, the ES periodically sends ES
Hellos to the multicast "all-ISs". In the NBMA case the ES,
once it finds the DR, only sends a single ES Hello, and it sends
it to the DR (periodically). The DR periodically sends IS
Hellos to that ES. The way the ES finds the DR is that the ES
initially sends to some configured set of addresses of ISs. An
IS other than the DR that receives an ES-Hello transmits a Hello
Redirect, redirecting that ES to the DR's NBMA address. The ES,
as a result of receiving the Hello Redirect, sends an ES Hello
to the indicated SMDS address, which will cause the DR to start
transmitting DR-ES Hellos to the ES. An ES that is receiving
DR-ES Hellos transmits ES Hellos only to the NBMA address from
which it is receiving DR-ES Hellos.
In order for a Dynamically-Learned-ES and the DR to find each
Perlman (Internet-Draft expires end December 1993) [Page 9]
Internet-Draft Routing over NBMA Links June 1993
other, at least one of the following must have occurred:
1. the ES will have been configured with NMBA addresses for
reaching ISs, and the DR receives messages on one of those
configured addresses, or an IS which is currently up has
received the ES's Hello and sent a Hello Redirect
2. at least one IS that is currently up has been configured
with an NBMA address which that ES receives.
Both mechanisms are provided to allow the flexibility of
configuration at the ES, configuration at the ISs, or some
combination.
Note that the configuration information for Configured-ESs is
different from the configuration information for
Dynamically-Learned-ESs. The configuration information at an IS
for a Dynamically-Learned-ES is an NBMA address that will reach
that ES. It might be an NBMA group address that will reach that
ES and many others (SMDS is the only NBMA that provides a form
of group addresses) or it might be an NBMA individual address.
Information for Dynamically-Learned-ESs may be configured into
only a subset of ISs (and possibly none of the ISs provided that
the Dynamically-Learned-ES has been configured with NBMA
addresses for reaching ISs). In contrast, information for
Configured-ESs must be configured into every Nonpassive-IS, and
it consists of the unicast NBMA address, CLNP address pair for
that ES.
The other part of ES-IS on 802 LANs involves having ISs sending
Redirect messages, and ESs keeping a cache of (destination
Network Layer address, Data Link address to forward to)
correspondence. That portion of ES-IS will remain the same on
NBMA, although Redirects will also be sent to ISs, and ISs will
also keep Redirect caches.
4.5. IP Endnodes on NBMA
Note: This is a section that got added hurriedly so review this
carefully!
On 802 LANs, the equivalent protocol to ES-IS for IP is ARP.
There have been proposals to use ARP over NBMA by persuading the
NBMA provider to support a form of multicast (as in SMDS). The
proposal in this document does not depend on a multicast
capability provided by the NBMA, and may result in less traffic
over the NBMA than an approach based on ARP. Furthermore, this
proposal may be more convenient since adding a listener to a
multicast group in SMDS involves informing the service provider
Perlman (Internet-Draft expires end December 1993) [Page 10]
Internet-Draft Routing over NBMA Links June 1993
and waiting for them to update their group address lists. With
this proposal a new node can be added more quickly and
conveniently.
An IP endnode on NBMA would be configured with a mask of
255.255.255.255, so that it would assume nothing was a direct
neighbor on NBMA. It would find an IS through the method in the
previous section (i.e., having a set of NBMA addresses for
reaching routers, and pinging those addresses to find an IS).
Because IP addressing does not allow embedded NBMA addresses,
there cannot be an IP endnode which is a Simple-ES. However, it
is possible to have a Configured-ES, with the same rule -- that
all the nonpassive ISs have to have been configured with the
IP/NBMA address of the ES. Dynamically Discovered IP ESs will
have to periodically send ES Hellos to the Designated Router.
To prevent all packets from being forwarded across the NBMA to
the DR, the DR will send Redirects. The Redirect message
defined in ICMP does not contain the data link address --
instead it contains the IP address of, presumably, a different
router. The ES receiving a Redirect must then do an ARP to find
the data link address. This mechanism will not work on NBMA,
since it depends on the ability to broadcast an ARP. Therefore
the Redirect message sent to an IP node must contain an NBMA
address. And a Redirect will not necessarily redirect to
another router -- it might redirect to the destination ES, if
that also resides on the NBMA.
4.6. IS-IS On NBMA
There are two parts of IS-IS relevant to NBMA:
1. how all the ISs find each other and elect a Designated
Router
2. how LSPs are reliably and efficiently broadcast across NBMA
4.6.1. ISs Finding Each Other
On 802 LANs, ISs find each other by multicasting IS Hellos to a
multicast address that does not need to be manually configured
because it is a predefined number and appears in the
specification of IS-IS. This is not possible in NBMA. Even in an
NBMA like SMDS that provides a multicast function, the actual
SMDS group address is assigned by the SMDS provider.
Perlman (Internet-Draft expires end December 1993) [Page 11]
Internet-Draft Routing over NBMA Links June 1993
This design allows but does not require use of an NBMA multicast
facility, if it exists. We will assume that there are zero or
more NBMA group addresses assigned for reaching ISs (in SMDS
there are a limited number of recipients for an SMDS group
address). Each IS will be configured with a set of addresses for
reaching other ISs. The configured addresses can be any mixture
of NBMA individual and NBMA group addresses. By exchanging IS
Hellos, the ISs eventually decide upon a Designated Router, and
thereafter all ISs send IS Hellos only to the DR, and the DR
sends IS Hellos to all the ISs, listing in the IS Hellos all the
other ISs that are up.
4.6.2. Reliable And Efficient LSP Distribution Across NBMA
An NBMA IS that has an LSP to transmit across NBMA unicasts the
LSP to the DR. The DR transmits it to all the ISs. There are no
explicit acknowledgments. Instead, the DR periodically transmits
CSNPs, which summarize the state of the LSP database. If based
on the CSNP an IS discovers a discrepancy between its own LSP
database and the DR's, the IS retransmits the missing LSP to the
DR or requests the DR's LSP, as appropriate.
Note that there are really two models for sending LSPs across
NBMA. The one in the previous model is the one used by IS-IS on
802 LANs. The other possibility is the model used by OSPF on
802 LANs. OSPF has a router send the LSP to the DR, the DR send
the LSP to all the routers on the LAN, and each router sends an
acknowledgment to the DR. The DR is responsible therefore for
keeping track, per neighbor, of which ones have acknowledged
which LSPs. There is an engineering tradeoff between the two
approaches. If there are many ISs, and new LSPs arrive
reasonably frequently, then the CSNP mechanism will be more
efficient. If there are few ISs, and LSPs happen very
infrequently, then the OSPF mechanism will be more efficient.
However, since LSPs need to be sent periodically, on the order
of every 1/2 hour, we feel the overhead of the periodic CSNP is
justified, and the CSNP mechanism is probably simpler and more
robust since it involves keeping less state.
4.7. Packet Encapsulation
There has to be a method of distinguishing packets from
different protocols. Some links (such as Ethernet) provide a
protocol type field, administered by the standards body that
defines the link. Unfortunately, many NBMAs (X.25 and SMDS, for
two examples) do not provide a protocol type field. There are
various conventions that could be made:
Perlman (Internet-Draft expires end December 1993) [Page 12]
Internet-Draft Routing over NBMA Links June 1993
1. A protocol type field could be invented as the first part
of what the NBMA views as the "data" field. Some authority
would need to assign protocol type values, or the
convention could be, for instance, to use Ethernet protocol
types. Unfortunately, not all protocols have been assigned
an Ethernet protocol type.
2. IEEE believes in SAPs, but actually uses SAPs like protocol
types. But given that only 6 bits are assignable, very few
protocols can have SAP values assigned. There is one SAP,
known as the "SNAP SAP" which means "other", and when DSAP
and SSAP=SNAP, there is a 5 byte protocol type field. Some
protocols have 5 byte protocol types. Protocols that have
2 byte Ethernet types assigned can use SAP encoding by
using a 5 byte SAP consisting of the 2 byte Ethernet
protocol type concatenated with 3 bytes of 0.
The convention is that 802.2 encapsulation is used for protocols
running on SMDS. OSI CLNS has a SAP assigned, so the data
portion of the SMDS packet will have the fields:
1. DSAP (1 octet) = fe hex
2. SSAP (1 octet) = fe hex
3. CTL (1 octet) = 3
4. Start of CLNS packet -- NLPID is the first octet, which is
81 hex for CLNP, 82 hex for ES-IS and 83 hex for IS-IS.
I do not know if IP has a SAP assigned. If not, it will have
DSAP=SSAP=aa hex (SNAP SAP), CTL=3, and protocol type = 3 bytes
of 0 followed by the protocol type assigned to IP for Ethernet.
For NBMA other than SMDS, say X.25, I do know know what
encapsulation convention has been made.
4.8. Security
In order to prevent an unauthorized node on NBMA from sending
messages claiming to be an IS or ES, it must be possible to
configure the nodes on NBMA to require a password before
believing a node to be a valid neighbor. The link to NBMA is
configured with a password to include in a Hello message or
Hello Redirect, as well as a set of passwords acceptable in a
received Hello message or Hello Redirect. If no transmit
password is configured, then the password option is not included
in the packet. If no receive passwords are configured, then the
Perlman (Internet-Draft expires end December 1993) [Page 13]
Internet-Draft Routing over NBMA Links June 1993
password option, if it appears in a received Hello or Hello
Redirect message, is ignored.
An ES is configured with a single transmit password, and a set
of receive passwords acceptable in a received IS to ES Hello or
Hello Redirect. A level 1 IS is configured with a transmit
password to be included in the level 1 IS Hello and Hello
Redirect and a (potentially different) password to be included
in the IS to ES Hello and a Hello Redirect sent to an ES. It is
also configured with a set of receive passwords acceptable in ES
Hellos, and a set of receive passwords acceptable in level 1 IS
Hellos and Hello Redirects. A level 2 IS configured to consider
the NBMA network as level 2 only is configured with a single
transmit password for level 2 IS Hellos and Hello Redirects, and
a set of receive passwords acceptable in received level 2 IS
Hellos and Hello Redirects. A level 2 IS that considers the NBMA
net as both level 1 and level 2 has the configuration for both
level 1 and level 2. It is possible for passwords to be the same
(for instance, the receive and transmit password can be the
same, and/or the level 1 and level 2 passwords can be the same).
Security can be added to an existing deployed network running on
NBMA without disruption. For example, assume the level 1 ISs in
a network are running without any password checking. That means
that no level 1 ISs are configured with transmit or receive
passwords. All nodes are therefore transmitting Hellos and Hello
Redirects without the password option, and are all ignoring the
password option in received Hellos and Hello Redirects. To add a
password, the network manager must configure all nodes, one by
one, to transmit a particular password. Then, after all nodes
have been configured to transmit the password, configure the
receive password set in each IS, one by one, to be the specified
password.
Note that an intruder cannot fool existing nodes to transmit the
password. An IS sends the password only in a Hello message
transmitted to an NBMA address it has been configured to
transmit to, or to an NBMA address it has been informed of by a
node it already trusts (because of having received a valid
password from the node in a Hello or a Hello Redirect, or having
been configured with its address, or because of having been told
of its NBMA address in a Hello message with a valid password).
An intruder can do some damage by sending data Redirect
messages. Adding a password to the data Redirect message has
some problems:
1. The data message does not contain a password, and it would
therefore be possible for an intruder to trick an IS into
sending a Redirect message (containing a password), by
Perlman (Internet-Draft expires end December 1993) [Page 14]
Internet-Draft Routing over NBMA Links June 1993
sending it a data message it will need to forward.
2. It must be possible to believe a Redirect from an IS in a
different area. It is not advisable to require nodes to be
configured with passwords from other areas.
For these reasons, there is no password in the data Redirect.
Instead the following mechanism is provided. Assume node N
receives a Redirect from NBMA address A advising N to forward
traffic for destination D to NBMA address B. N must reject the
Redirect unless A is the NBMA address to which N would transmit
packets with destination address D.
As a performance optimization, if N is an ES that has the null
set as the configured set of receive passwords, or an IS with
the null set as the configured set of IS receive passwords
(level 1 or level 2), then N may skip the validity check on the
data Redirect.
5. Configuration Information
5.1. Simple-ES, Configured-ES, Passive-IS, Configured-Passive-IS
The following information must be configured into ESs and ISs of
types Simple-ES, Configured-ES, Passive-IS, or
Configured-Passive-IS that are attached to NBMA.
1. Set of NBMA addresses for reaching ISs. Each of these
addresses may be an NBMA group address or an NBMA
individual address.
2. (CLNP ESs only) Set of CLNP address prefixes reachable on
NBMA
a. CLNP address prefix
b. flag indicating NBMA address is to be extracted from
the IDP, or if flag is false, an NBMA address or set of
NBMA addresses to which packets for that CLNP address
prefix is to be forwarded
3. Minimum time (in seconds) between pings of any one
configured NBMA address for reaching ISs
4. Time (in seconds) to give up on one NBMA address for
finding an IS and switching to pinging the next one on the
list
Perlman (Internet-Draft expires end December 1993) [Page 15]
Internet-Draft Routing over NBMA Links June 1993
5. Transmit password -- a variable length value to be included
in ES Hellos. If no password is configured (or a null
password is configured), the password option is not
included in ES Hellos.
6. Set of receive passwords -- a set of variable length
values. If none are configured (the set is the null set),
then the password option, if it is included in received IS
Hellos and Hello Redirects, is ignored. If the set is not
null, then one of the values must appear in a received IS
Hello or Redirect or the message will be discarded as
invalid.
5.2. Dynamically-Learned-ESs
1. Set of NBMA addresses for reaching ISs. Each of these
addresses may be an NBMA group address or an NBMA
individual address.
2. (CLNP ESs only) Set of CLNP address prefixes reachable on
NBMA
a. CLNP address prefix
b. flag indicating NBMA address is to be extracted from
the IDP, or if flag is false, an NBMA address or set of
NBMA addresses to which packets for that CLNP address
prefix is to be forwarded
3. Hello Timer. Number of seconds between transmission of
Hello Messages by this ES.
4. (SMDS only) SMDS Group address (if any) that this node
receives packets on, as an ES.
5. (CLNP only) Flag as to whether to send Level 1 ES Hello or
Level 2 ES Hello
6. If Level 2 ES Hello, a set of CLNP address prefixes to
advertise
7. Transmit password -- a variable length value to be included
in ES Hellos. (optional)
8. Set of receive passwords -- a set of variable length
values. If none are configured (the set is the null set),
then the password option, if it appears in a received IS
Hello or Hello Redirect, is ignored. If the set is not
null, then one of the values must appear in a received IS
Perlman (Internet-Draft expires end December 1993) [Page 16]
Internet-Draft Routing over NBMA Links June 1993
Hello or Hello Redirect or the message will be discarded as
invalid.
5.3. Nonpassive-ISs
The following information must be configured into Nonpassive-ISs
that are attached to NBMA, with the following exceptions. If an
IS is a level 1 IS, the fields corresponding to level 2
information are not configured. If an IS is a level 2 IS, then
the relevant configuration information depends on how the link
is configured. If the link is configured as "level 2 only", then
only the level 2 information applies. Otherwise, both the level
1 and level 2 information is applicable.
1. Link type: either "level 2 only" or "both level 1 and level
2". (If the IS is a level 1 only IS, then "both level 1 and
level 2" just means level 1.)
2. CLNP Level 1 Configured-ES addresses. Each entry contains:
a. ID, ID length octets (ID length is a constant for the
routing domain and is most likely equal to 6)
b. NBMA address
3. IP Confingured-ES addresses. Each entry contains:
a. IP address, 4 octets
b. NBMA address
4. Preconfigured CLNP Address Prefixes
a. CLNP address prefix
b. flag indicating NBMA address is to be extracted from
the IDP, or if flag is false, an NBMA address or set of
NBMA addresses to which packets for that CLNP address
prefix is to be forwarded
5. Link Costs. Each entry contains:
a. NBMA address prefix length specified in number of bits,
1 octet
b. NBMA address prefix
c. Cost from this node to a node with the above NBMA
address prefix
Perlman (Internet-Draft expires end December 1993) [Page 17]
Internet-Draft Routing over NBMA Links June 1993
The cost across NBMA to a particular NBMA address S is the
cost configured for the longest NBMA address prefix that
matches S.
6. (SMDS only) Level 1 IS SMDS Group Address. The SMDS group
address this node receives packets on as a level 1 IS, 8
octets. This field configured to 0 means this node is not a
member of a multicast group for receiving level 1 routing
information
7. (SMDS only) Level 2 IS SMDS Group Address. The SMDS group
address this node receives packets on as a level 2 IS, 8
octets. This field configured to 0 means this node is not a
member of a multicast group for receiving level 2 routing
information.
8. Priority for becoming Level 1 designated router, 1 octet
9. Priority for becoming Level 2 designated router, 1 octet
10. ES NBMA addresses. NBMA addresses (individual and/or group)
for reaching Dynamically Discovered ESs. Each entry
consists of:
a. NBMA address
11. Level 1 IS NBMA addresses. NBMA addresses (individual
and/or group) for reaching other level 1 ISs. Each entry
consists of:
a. NBMA address
12. Level 2 IS NBMA addresses. NBMA addresses (individual
and/or group) for reaching other level 2 ISs. Each entry
consists of:
a. NBMA address
13. Level 1 IS to IS Hello Timer -- 2 octets. Time in seconds
between periodic transmission of IS Hello messages to the
level 1 Designated Router (or if this node is the level 1
DR for that area, to all the level 1 ISs in that area)
14. Level 2 IS to IS Hello Timer -- 2 octets. Time in seconds
between periodic transmission of IS Hello messages to the
level 2 Designated Router (or if this node is the level 2
DR, to all the level 2 ISs)
15. IS to ES Hello Timer -- 2 octets. Time in seconds between
transmission of Hello messages to the ESs on NBMA which
Perlman (Internet-Draft expires end December 1993) [Page 18]
Internet-Draft Routing over NBMA Links June 1993
have transmitted ES Hellos, which is only relevant if this
node is Designated Router. If this node is level 1 DR, then
DR to ES Hellos are transmitted to those ESs that have
transmitted level 1 ES Hellos. If this node is level 2 DR,
then DR to ES Hellos are transmitted to those ESs that have
transmitted level 2 ES Hellos (which advertise CLNP address
prefixes).
16. Redirect cache holding timer -- 2 octets. The value to put
into Redirect messages as the holding timer.
17. Level 1 IS Transmit password -- a variable length value to
be included in level 1 IS Hellos and Hello Redirects.
(optional)
18. Level 1 IS set of receive passwords -- a set of variable
length values. If the set is the null set then the password
option, if it appears in a received Level 1 IS Hello and
Hello Redirect, is ignored. If the set is not null, then
one of the configured values must appear in a received IS
Hello or Hello Redirect or the packet will be discarded as
invalid.
19. ES set of receive passwords -- a set of variable length
values. If the set is the null set, then the password
option (if it appears) in received ES Hellos is ignored. If
the set is not null, then one of the configured values must
appear in a received ES Hello or the ES Hello will be
discarded as invalid.
20. ES Transmit password -- a variable length value to be
included in the DR to ES Hello and Hello Redirect.
(optional)
21. Level 2 Transmit password -- a variable length value to be
included in level 2 IS Hellos and Hello Redirects.
(optional)
22. Level 2 Set of receive passwords -- a set of variable
length values. If the set is the null set, then the
password option (if it appears) in received Level 2 IS
Hellos and Hello Redirects is ignored. If the set is not
null, then one of the values must appear in a received
Level 2 IS Hello or Hello Redirect or the packet will be
discarded as invalid.
23. Time for remembering a manually configured ES or IS NBMA
address reported in an IS-Hello in option types 1 or 3.
This is used only by the DR (but must be configured into
all ISs, since any IS might become DR). It is 1 octet,
Perlman (Internet-Draft expires end December 1993) [Page 19]
Internet-Draft Routing over NBMA Links June 1993
specified in minutes, with a default of 10. If no IS has
reported an NBMA address in option types 1 or 3 in an
IS-Hello the DR has received within this amount of time,
that address is discarded from the DR's dynamic database of
configured addresses reported by IS neighbors.
6. Databases
6.1. Kept By Simple-ES, Configured-ES, Passive-IS, And
Configured-Passive-IS
1. Active IS Information
a. NBMA address
b. Holding Timer
c. Time since cache entry verified, either by receipt of
IS Hello or receipt of data packet forwarded from that
NBMA address
2. Backup Active IS Information (other ISs that answered the
ping)
a. NBMA address
b. Holding Timer
c. Time since cache entry verified, either by receipt of
IS Hello or receipt of data packet forwarded from that
NBMA address
3. IS NBMA addresses pinged -- for each configured NBMA
address for reaching nonpassive ISs, a timestamp as to when
a ping was last sent to that address
4. Destination cache
a. Network Layer addresses. This takes the form:
(1) In the case of CLNP it takes the form of a CLNP
address prefix (or optionally, for implementation
simplicity, complete NSAP address)
(2) In the case of IP it takes the form of an IP
(address, mask) pair (or optionally, for
implementation simplicity, merely a 32 bit IP
address)
Perlman (Internet-Draft expires end December 1993) [Page 20]
Internet-Draft Routing over NBMA Links June 1993
b. Set of NBMA addresses for reaching network layer
addresses that match this prefix or address,mask pair,
with a pointer indicating which one was chosen most
recently in the round robin use of the preconfigured
set of NBMA addresses. Once traffic is received from an
NBMA address, the set of addresses is replaced by the
single NBMA address.
c. Time since entry verified by incoming message (data
message from the CLNP address/NBMA pair stored in this
entry, or receipt of a Redirect with that pair
specified)
6.2. Kept By Dynamically-Learned ES
1. Designated Router Information
a. NBMA address
b. Holding Timer
c. Time since DR-ES Hello received
2. Destination cache
a. Network Layer addresses. This takes the form:
(1) In the case of CLNP it takes the form of a CLNP
address prefix (or optionally, for implementation
simplicity, complete NSAP address)
(2) In the case of IP it takes the form of an IP
(address, mask) pair (or optionally, for
implementation simplicity, merely a 32 bit IP
address)
b. Set of NBMA addresses for reaching network layer
addresses that match this prefix or address,mask pair,
with a pointer indicating which one was chosen most
recently in the round robin use of the preconfigured
set of NBMA addresses. Once traffic is received from an
NBMA address, the set of addresses is replaced by the
single NBMA address.
c. Time since entry verified by incoming message (data
message from the CLNP address/NBMA pair stored in this
entry, or receipt of a Redirect with that pair
specified)
Perlman (Internet-Draft expires end December 1993) [Page 21]
Internet-Draft Routing over NBMA Links June 1993
6.3. Kept By Level 1 ISs
Note that in the usual case all CLNP ISs on NBMA will be level 2
ISs, because they will have different IDPs (since the
recommended use of CLNP addressing over NBMA is to use the NBMA
point of attachment as the IDP). However, in certain rare cases,
such as running with DECnet Phase IV compatible addresses it may
be convenient to assign addresses such that running level 1
IS-IS over NBMA makes sense.
1. Designated Router information (kept by ISs other than the
DR) -- information from DR's IS Hello, plus
a. NBMA address
b. Holding Timer
c. Time since Hello Received from DR
2. Adjacency Information for NBMA neighbors (kept by ISs other
than the DR) -- This information is received from the DR-IS
Hello. It includes the CLNP ID/NBMA address correspondence
for all nodes in the area reachable across NBMA
3. Flags for which Level 1 LSPs need to be transmitted over
NBMA
4. Redirect Database (for getting rid of extra hop
suboptimality on NBMA)
a. CLNP address prefix, or IP address, mask pair
b. NBMA address
c. holding timer
d. Time since entry verified by incoming message.
6.4. Kept By Level 2 ISs
Note that a level 2 IS is also a level 1 IS, so it keeps both
databases, unless the NBMA circuit is marked "level 2 only"
1. Designated Router information (kept by ISs other than the
DR) -- information from DR's IS Hello, plus
a. NBMA address
b. Holding Timer
Perlman (Internet-Draft expires end December 1993) [Page 22]
Internet-Draft Routing over NBMA Links June 1993
c. Time since Hello Received from DR
2. Adjacency Information for NBMA neighbors (kept by ISs other
than the DR) -- This information is received from the DR-IS
Hello. It includes the CLNP ID/NBMA address correspondence
for all nodes in the area reachable across NBMA.
3. Flags for which Level 2 LSPs need to be transmitted over
NBMA
4. Redirect Database (for getting rid of extra hop
suboptimality on NBMA)
a. CLNP address prefix or IP address, mask pair
b. NBMA address
c. holding timer
d. Time since entry verified by incoming message.
6.5. Additional Information Kept By Designated Router
(Note that in the case of a level 2 IS that has the circuit
marked as "both level 1 and level 2") it will have two copies of
this database, one for level 1 and one for level 2
1. Dynamically Discovered Neighbor ESs
a. NBMA address
b. Network Layer address. In the case of CLNP this is a
set of CLNP IDs (if level 1), or set of CLNP address
prefixes (if level 2). Address prefixes are variable
length, up to 20 octets. In the case of IP, it is an
IP address, mask pair. The mask will be
255.255.255.255 if the ES is really an ES. It may be
different from 255.255.255.255 is the "ES" is really a
passive IS.
c. Holding Timer
d. Time since Hello received
e. NBMA group address this ES receives messages on (if
any)
2. IS Neighbors
Perlman (Internet-Draft expires end December 1993) [Page 23]
Internet-Draft Routing over NBMA Links June 1993
a. unicast NBMA address for this IS neighbor (discovered
based on the source address in the NBMA header of the
IS Hello received from this IS)
b. ID
c. Holding Timer
d. Time since Hello Received
e. NBMA group address this IS neighbor receives messages
on (if any)
f. Cost of the link across NBMA to this neighbor IS
3. If level 1, L1-IS-NBMA-BROADCAST-ADDRESSES. If level 2,
L2-IS-NBMA-BROADCAST-ADDRESSES. The minimal set of NBMA
addresses that will reach all ISs of the appropriate level.
This includes all manually configured NBMA addresses as
configured into the DR or received by the DR in IS Hellos
(in option type 1), that will reach all ISs. All reported
and configured NBMA group addresses are included, and any
NBMA individual addresses for ISs that are not known to be
included in any of the multicast groups are included.
4. ES-NBMA-BROADCAST-ADDRESSES. The minimal set of NBMA
addresses that will reach all the Dynamically-Learned ESs
from which ES Hellos have been received. This is the set of
NBMA addresses reported in received IS Hellos (in option
type 3), plus NBMA unicast addresses from which ES Hellos
are received, minus those unicast addresses from ESs that
report reachability via an NBMA group address, plus any
NBMA group addresses advertised in ES Hellos.
5. Manually configured NBMA addresses for ISs, as discovered
through option type 1 in received IS-Hellos. Each entry
contains:
a. NBMA address
b. Most recent time that address was reported in any
received IS Hello
6. Manually configured NBMA addresses for ESs, as discovered
through option type 3 in received IS-Hellos. Each entry
contains:
a. NBMA address
b. Most recent time that address was reported in any
Perlman (Internet-Draft expires end December 1993) [Page 24]
Internet-Draft Routing over NBMA Links June 1993
received IS Hello
7. Protocols
7.1. Electing A Designated Router
Election of a DR is done independently in each area on NBMA, and
among the level 2 ISs on NBMA. The protocol assumes each IS is
configured with some number of addresses of neighbor ISs, but
that no such list is necessarily complete. The configured
addresses can be NBMA group addresses and/or NBMA individual
addresses. One IS gets elected Designated Router. The DR
transmits DR-IS-Hellos periodically to all configured NBMA
addresses for ISs, which are those that it has been configured
with as well as others it learns about through received
IS-Hellos. All ISs other than the DR transmit an IS-Hello
periodically, but only to the DR. The DR includes in its
DR-IS-Hello a list of all the ISs on NBMA.
This protocol minimizes IS Hello traffic, and allows incomplete
configuration (for instance, it allows a new IS to be installed
by merely configuring the new IS with the NBMA address of any
other IS).
Each IS starts out assuming it is DR. An IS that thinks it is DR
transmits DR-IS-Hellos periodically to each of its manually
configured NBMA addresses for IS neighbors. It also receives
IS-Hellos from other ISs, which contain the NBMA addresses those
ISs have been manually configured with to reach IS neighbors.
The DR combines all these addresses and transmits DR-IS-Hellos
to all of those addresses, plus all the NBMA addresses from
which it receives IS-Hellos, with one exception. Since some of
the manually configured addresses might be NBMA group addresses,
some ISs might receive multiple copies of the DR-IS-Hellos,
which would be wasteful. Therefore the IS-Hello contains the
NBMA group address (if any) that the transmitting IS receives
messages on. Then the DR can eliminate NBMA unicast addresses
that are already being covered by any NBMA group addresses in
the set.
An IS stops thinking itself DR if it receives a DR-IS-Hello from
an IS "more qualified" to be DR (which is based on ID and
configured priority). An IS that thinks some other IS is DR
stops sending DR-IS-Hellos and instead sends IS-Hellos, and only
to the IS it thinks is the DR.
One additional message is a "Hello-Redirect". This is
transmitted by an IS R1, that thinks IS R2 is DR. R1 transmits a
Perlman (Internet-Draft expires end December 1993) [Page 25]
Internet-Draft Routing over NBMA Links June 1993
"Hello-Redirect" in response to receiving an IS-Hello from R3
(since R3 sent an IS-Hello to R1, that means that R3 thinks R1
is DR). The Hello-Redirect informs R3 that R2's NBMA address is
really the DR. When R3 receives the Hello-Redirect, it transmits
a single IS-Hello to the NBMA address in the Hello-Redirect, but
does not otherwise change its perception of the DR. Only after
it receives a DR-IS-Hello from R2 will R3 change its perception
of the DR.
The protocol is as follows:
1. If a DR other than SELF is known, periodically (IS to IS
Hello Timer) transmit IS-Hello messages to the DR. The
IS-Hello contains the transmitting IS's NBMA individual
address (the source address in the NBMA header), an NBMA
group address on which it receives messages (if any), and
the NBMA addresses (group and/or individual) it was
configured with for reaching IS neighbors.
2. If the Holding Timer expires without receipt of a
DR-IS-Hello from the DR, delete all information about the
DR and assume SELF is DR.
3. If IS R1 which thinks R2 is DR receives an IS-Hello from
R3, R1 sends R3 a Hello-Redirect, informing R3 about R2.
4. If IS R3 receives a Hello-Redirect, informing it of R2, R3
transmits a single IS-Hello to R2, but does not change any
of its state about the DR.
5. If IS R1 which thinks R2 is DR receives a DR-IS-Hello from
R4, and R4 has a higher priority for becoming DR than R2
(based on ID and priority), then R1 deletes the information
about R2 and keeps R4 as DR.
6. If IS R1 thinks itself to be DR, it combines all the
configured NBMA addresses for ISs that it either was
configured with or that it learned through IS-Hello
messages. It adds to that set the NBMA addresses from which
it receives IS-Hellos. It then deletes from the set of
unicast addresses, those NBMA addresses of ISs that claim
to be included in an NBMA group address in the set. This
list of addresses is the one that R1 periodically transmits
DR-IS-Hello messages to. It is called the
IS-NBMA-BROADCAST-ADDRESSES.
The DR inserts into its DR-IS Hello a list of the ID, NBMA
address pairs of each IS from whom it has recently received
an IS-Hello. This list is used so that ISs other than the
DR can forward to each other directly over NBMA (i.e., they
Perlman (Internet-Draft expires end December 1993) [Page 26]
Internet-Draft Routing over NBMA Links June 1993
can know the NBMA address associated with their neighbor
ISs).
7.2. Finding An IS
Simple-ESs, Configured-ESs, Passive-ISs, and
Configured-Passive-ISs do not maintain continual contact with a
non-passive IS, as nonpassive ISs and Dynamically-Learned ESs
do. They find an IS on an as-needed basis by "pinging". They are
configured with a set of NBMA addresses (group and/or
individual) for reaching ISs. When they need an IS, they send an
ES Hello (with Holding Timer 0) to each configured address,
round robin, until a reply (in the form of a DR-ES Hello or
Hello Redirect) is received. An ES Hello with holding timer=0 is
known as a "ping".
An IS that receives an ES Hello with Holding Timer equal to 0
replies with a DR-ES Hello (if the receiving IS is the DR) or a
Hello Redirect (if the receiving IS is other than the DR). ES
implementations may choose to store only the NBMA address of the
DR (the one from which a DR-ES is received, or the NBMA address
in received Hello Redirects), or it may choose to store more
NBMA addresses for ISs as backups.
The ISs that receive ES Hellos with Holding Timer=0 reply with a
single packet (DR-ES Hello or Hello Redirect) to the NBMA
address from which the ES Hello was received, but do not
otherwise store information from the received ES Hello.
7.3. Forwarding Across NBMA
Only the DR gets IS Hellos from all the ISs and ES Hellos from
all the dynamically discovered ESs. The DR will put the network
layer addresses of all the reachable ESs and ISs in the
pseudonode LSP, so all the nonpassive ISs will learn which nodes
are reachable across NBMA. However, the NBMA address will not
appear in the pseudonode LSP. To enable ISs to communicate
directly, the DR's IS Hello will include the ID, NBMA address
pairs of all ISs. It will not include all the dynamically
discovered ESs in the Hello, however. Instead an IS other than
the DR that needs to transmit to a dynamically discovered ES
will first transmit to the DR, and then receive a Redirect.
The reason the DR-IS Hello contains a list of ISs but not ESs is
that it is more important to quickly learn about ISs that have
gone down than ESs. If a Redirect cache entry for an ES no
longer works, it means the ES is unreachable, whereas if an IS
goes down, any Redirect cache entries indicating traffic should
Perlman (Internet-Draft expires end December 1993) [Page 27]
Internet-Draft Routing over NBMA Links June 1993
be forwarded to that IS become black holes for destinations that
might be reachable through a different IS.
7.4. Fragmentation Of The DR-Hello
The DR-IS Hello might become very large due to its including the
IS Adjacency information, which is the list of ID, NBMA address
pairs of all the IS adjacencies on NBMA.
The DR-IS Hello is encoded so that partial information can
appear and be processed. This is done by including an address
range when list of addresses appears. Then receiving ISs can
adjust the portion of their adjacency database or NBMA transmit
list that is included in that range, based solely on the
information in one DR-IS Hello fragment.
7.5. Maintenance Of The Destination Cache
Assume a packet is received with destination D, either from
Transport or from a link (in the case of an IS).
1. (only relevant if packet arrived from Transport and the
Transport/Network Layer interface allows a notification by
Transport that it is not successfully communicating with
that destination). If Transport indicates a problem
communicating with D, then delete the cache entry for D. If
no cache entry exists for D, and this node is a simple ES
or passive IS, delete knowledge of the active IS (which
will cause re-pinging to find a new active IS).
2. If a cache entry in the destination cache exists for D,
then
a. if only a single NBMA address is indicated in the
cache, send to that NBMA address
b. if a set of NBMA addresses is given in the cache, find
the one after the one most recently used, update the
round robin pointer, and send to that NBMA address
3. Else (no cache entry exists), if this node is a nonpassive
IS, and a route to D has been learned through the IS-IS
protocol which is of smaller cost or a more specific
address match than any address prefix that matches D that
has been configured for the NBMA circuit, then route
according to the IS-IS learned path.
4. Else (no cache entry exists, no better information has been
Perlman (Internet-Draft expires end December 1993) [Page 28]
Internet-Draft Routing over NBMA Links June 1993
learned through IS-IS), if D matches a configured address
prefix, then
a. if the configuration information indicates the NBMA
address is to be extracted from D's IDP, then extract
the NBMA address and transmit the packet
b. if the configuration information is instead a specific
NBMA address, then transmit the packet to that NBMA
address
c. if the configuration information instead is a set of
NBMA addresses, then make a cache entry for (D, set of
NBMA addresses, round robin pointer). Send the packet
to the first NBMA address in the list and start the
round robin pointer there.
5. Else (no cache entry for D, D does not match any configured
address prefix)
a. if an IS assumed to be active is known, transmit the
packet to that IS's NBMA address
b. Else (no active IS is known), perform the procedure of
pinging the IS addresses. Hold the packet until an IS
responds to the ping, but discard the packet if no
responses are received from any of the ISs.
7.6. NBMA Configuration Information Included In LSPs
If network layer addresses (IDs for level 1 CLNP, address
prefixes for level 2 CLNP, (IP address, mask) pairs for IP) are
manually configured as being reachable across NBMA, they must
appear in LSPs so that ISs that are not connected to NBMA can
reach those addresses. It is wasteful for all the ISs on NBMA to
include those addresses in their LSPs. Therefore, an IS includes
in its LSP only those manually configured addresses that are not
already included in the pseudonode LSP for NBMA. As a result if
all nonpassive ISs on NBMA are configured with the same set of
reachable addresses for NBMA, only the DR will report those
addresses in an LSP (the pseudonode LSP). If the nonpassive ISs
are incompletely configured, then all ISs on NBMA that have been
configured with a reachable address that the DR has not been
configured with will report that reachable address in their LSP.
Redirects will eliminate extra hops across NBMA due to
incompletely configured information.
8. Packet Formats
Perlman (Internet-Draft expires end December 1993) [Page 29]
Internet-Draft Routing over NBMA Links June 1993
8.1. Unchanged Packet Formats
1. CLNP packets (data packet and error report)
2. IP packets (data packets)
3. LSPs (Level 1 and level 2)
4. CSNPs (Level 1 and level 2)
5. PSNPs (Level 1 and level 2)
The remainder of this section describes the ES-IS and IS-IS
Packet formats proposed for SMDS. Packet formats might be
different for different types of NBMA. For instance, the NBMA
address might not be 8 bytes.
8.2. Initial Fields in all the ES-IS and IS-IS SMDS Packets
All the packets start out with the following fields:
# of octets
+---------+
| NLPID | 1
+---------+
| Version | 1
+---------+
| length | 2
+---------+
| Type | 1
+---------+
1. NLPID (Network Layer Protocol ID) will be 82 hex for ES-IS
or 83 hex for IS-IS
2. Version, the constant 1
3. Length, the total length of the CLNS packet
4. Type, the type of packet:
1 => SMDS ES Hello (ES-IS pkt): type 2
2 => SMDS DR-ES Hello (ES-IS pkt): type 4
3 => SMDS Level 1 IS Hello (IS-IS pkt): type 0f hex
Perlman (Internet-Draft expires end December 1993) [Page 30]
Internet-Draft Routing over NBMA Links June 1993
4 => SMDS Level 2 IS Hello (IS-IS pkt): type 10 hex
5 => SMDS Redirect (ES-IS): type 6
Some have "options", which are encoded as:
# of octets
+---------+
| type | 1
+---------+
| length | 1 or 2 (depending on option type)
+---------+
| value | variable
+---------+
1. type, the type of option
2. length, the length in octets of the "data" field
3. data, the data associated with the option
The defined types for SMDS options are:
1. preconfigured SMDS addresses for reaching ISs, option type
1
2. IS adjacencies, option type 2
3. preconfigured SMDS addresses for reaching ESs, option type
3
4. area addresses, option type 4
5. password, option type 5
In addition, there are options that appear in ES-IS packets as
defined in ISO 9542. These options have a length field which is
1 octet. The ISO 9542-defined options may appear in the
functionally equivalent SMDS ES-IS packets defined in this
document, in which case they would have the option codes and
functions (and a length field of 1 octet) as defined in ISO
9542. Those options are:
1. security, option type c5 hex
2. quality of service maintenance, option type c3 hex
3. priority, option type cd hex
4. address mask, option type e1 hex
Perlman (Internet-Draft expires end December 1993) [Page 31]
Internet-Draft Routing over NBMA Links June 1993
5. SNPA mask, option type e2 hex
6. suggested ES configuration timer, option type c6 hex
8.3. SMDS ES Hello
Only dynamically discovered ESs send ES Hellos. Usually an SMDS
ES will have to send a level 2 ES Hello because its IDP will not
equal the IDP of an IS reachable across SMDS.
A level 1 ES Hello is distinguished from a level 2 ES Hello
based on the "level" flag.
1. NLPID, 1 octet, 82 hex (for ES-IS)
2. Version, 1 octet, the constant 1
3. Length, 2 octets, the total length of the packet
4. Packet Type
5. Holding Time, 2 octets, the value in seconds, equal to 3
times Hello Timer
6. level, 1 octet -- the top 7 bits are reserved. The bottom
bit=1 to indicate this is a level 2 ES Hello.
7. Number of source addresses, 1 octet. In a leve1 1 ES Hello,
each source address consists of the ID portion of the CLNP
address. In a level 2 ES Hello, each source address
consists of an octet specifying the address length, and an
octet specifying the address. In level 2 ES Hellos, the
addresses advertised are CLNP address prefixes.
8. Source address
9. Source address
10. ...
11. Source address
12. Options
a. Password
(1) Option type, 1 octet = 5
(2) length, 1 octet
Perlman (Internet-Draft expires end December 1993) [Page 32]
Internet-Draft Routing over NBMA Links June 1993
(3) password
8.4. SMDS DR-to-ES Hello
1. NLPID, 1 octet, 82 hex (for ES-IS)
2. Version, 1 octet, the constant 1
3. Length, 2 octets, the total length of the packet
4. Packet Type
5. Holding Time, 2 octets, the value in seconds, equal to 3
times Hello Timer
6. Options
a. Password
(1) Option type, 1 octet = 5
(2) length, 1 octet
(3) password
8.5. SMDS Level 1 IS Hello
This packet type is used both for a non-DR to send an ISH to the
DR, and for the DR to send its ISH to the other ISs.
1. NLPID, 1 octet, 83 hex (for IS-IS)
2. Version, 1 octet, the constant 1
3. Length, 2 octets, the total length of the packet
4. Packet Type
5. Holding Time, 2 octets, the value in seconds, equal to 3
times Hello Timer
6. DR flag, 1 octet -- the top 7 bits are reserved. The bottom
bit=1 indicates the transmitting IS considers itself to be
the DR.
7. ID length, 1 octet, the number of octets this IS thinks is
in the ID field of a CLNP address
Perlman (Internet-Draft expires end December 1993) [Page 33]
Internet-Draft Routing over NBMA Links June 1993
8. Maximum area addresses, 1 octet, the maximum number of area
addresses this IS is prepared to keep
9. Priority, 1 octet, the configured priority of this IS for
becoming DR
10. Circuit type, 1 octet, 1=level 1 only, 2=level 2 only,
3=both level 1 and level 2
11. ID, (ID length octets)
12. SMDS group address (or 0 if none) this IS receives messages
on, 8 octets -- this field is only present when the ISH is
transmitted by a non-DR
13. Options
a. Area addresses
(1) Option type, 1 octet = 4
(2) length, 1 octet, a multiple of 8
(3) list of area addresses
(a) Address length, 1 octet
(b) Area Address
b. Preconfigured SMDS addresses for reaching ISs (only
transmitted by non-DR)
(1) Option type, 1 octet = 1
(2) length, 2 octets, a multiple of 8
(3) list of SMDS addresses
c. Preconfigured SMDS addresses for reaching ESs (only
transmitted by non-DR)
(1) Option type, 1 octet = 3
(2) length, 2 octets, a multiple of 8
(3) list of SMDS addresses
d. IS addresses (only transmitted by DR)
(1) option type, 1 octet = 2
Perlman (Internet-Draft expires end December 1993) [Page 34]
Internet-Draft Routing over NBMA Links June 1993
(2) length, 2 octets, ID length*2 plus a multiple of
8+ID Length
(3) Numerically lowest ID reported in this IS Hello
(4) Numerically highest ID reported in this IS Hello
(5) ID, SMDS address pairs for nonpassive ISs that have
been sending IS Hellos to the DR
e. Password
(1) Option type, 1 octet = 5
(2) length, 1 octet
(3) password
8.6. SMDS Level 2 IS Hello
This has the same format as an SMDS Level 1 IS Hello. The only
difference is the packet type.
8.7. Redirect
This type of packet is used as a Hello Redirect and as a Data
Redirect. It is used for Level 1 and Level 2 Hello Redirection.
A Hello Redirect is used when an IS receives a Hello from an IS
or an ES, and that IS does not think itself to be the DR. The
packet informs the transmitter of the Hello of the SMDS address
of the actual DR. A level 1 IS Hello Redirect is sent in
response to a level 1 Hello, and directs towards the level 1 DR.
A level 2 IS Hello Redirect is sent in response to a level 2
Hello, and directs towards the level 2 DR.
A Data Redirect is transmitted by an IS R to the SMDS address
from which R received a CLNP packet for forwarding, when R
forwards the packet back across the same SMDS network from which
the CLNP packet was received.
1. NLPID, 1 octet, 82 hex
2. Version, 1 octet, the constant 1
3. Length, 2 octets, the total length of the packet
4. Packet Type
Perlman (Internet-Draft expires end December 1993) [Page 35]
Internet-Draft Routing over NBMA Links June 1993
5. Flags, 1 octet
6 1 1 # of bits
+----------+-------+-----+
| reserved | level | H/D |
+----------+-------+-----+
"level" is 0 for level 1, 1 for level 2. "H/D" is 0 for
Data Redirect, 1 for Hello Redirect
6. SMDS address, 8 octets: In the case of a Hello Redirect, it
is the SMDS address of the DR. In the case of a Data
Redirect, it is the SMDS address to forward to for that
destination, and all destinations matching that address
prefix.
7. Password (only present in Hello Redirect)
8. Holding Time, 2 octets, only present in Data Redirect, and
is in units of seconds
9. CLNP destination address length, 1 octet, only present in
Data Redirect
10. CLNP destination address, variable length, only present in
Data Redirect
Perlman (Internet-Draft expires end December 1993) [Page 36]
Internet-Draft Routing over NBMA Links June 1993
9. Acronyms used in this Specification
CLNP -- Connectionless Network Layer Protocol. CLNP is the
data packet format, including the standard for addressing.
CLNS -- Connectionless Network Layer Service. CLNS includes
the protocols CLNP, ES-IS and IS-IS.
DR -- Designated Router, the IS on a multiaccess link
elected to be the focal point for information about the
multiaccess link.
ES -- End system (i.e., an endnode)
IS -- Intermediate system (i.e., a router)
ES-IS -- Protocol between neighbor ESs and ISs
IS-IS -- Protocol between ISs (includes ISs exchanging
routing information so as to compute routes, as well as
aprotocol for neighbor ISs to find and keep track of each
other)
LSP -- Link State Packet
10. References
[1]TR-TSV-000772 issue 1, May 1991, "Generic System Requirements
in support of Switched Multi-Megabit Data Service".
[2]TR-TSV-001060 issue 1, December 1991, "Switched Multi-Megabit
Data Service Generic Requirements for Exchange Access and
Intercompany Service Arrangements".
[3]ISO 8473, "Protocol for Providing the Connectionless-Mode
Network Service" (CLNP)
[4]ISO 9542, "End System to Intermediate System Routeing
Exchange Protocol for Use with the Protocol for Defining the
Connectionless-Mode Network Service" (ES-IS)
[5]ISO 10589, "Intermediate System to Intermediate System
Intra-Domain Routeing Exchange Protocol for Use in
Conjunction with the Protocol for Providing the
Connectionless-mode Network Service" (IS-IS)
[6]SMDS Interest Group document SIG-TS-004/1993
Perlman (Internet-Draft expires end December 1993) [Page 37]
Internet-Draft Routing over NBMA Links June 1993
11. Working Group Information
The current co-chairs of the ISIS working group are:
Ross Callon
Wellfleet Communications Inc.
2 Federal Street
Billerica MA 01821
USA
Phone: (508) 436 3936
Email: rcallon@wellfleet.com
Chris Gunner
Digital Equipment Corp.
550 King Street
Littleton MA 01460-1289
USA
Phone: (508) 486 7792
Fax: (508) 486 5279
Email: gunner@dsmail.enet.dec.com
The working group mailing list is:
isis@merit.edu
Subscription requests should be sent to:
isis-request@merit.edu
12. Authors' Addresses
Radia Perlman
Digital Equipment Corp.
550 King Street
Littleton MA 01460-1289
USA
Phone: (508) 486 7648
Fax: (508) 486 5279
Email: perlman@dsmail.enet.dec.com
Perlman (Internet-Draft expires end December 1993) [Page 38]
Internet-Draft Routing over NBMA Links June 1993
Chris Gunner
Digital Equipment Corp.
550 King Street
Littleton MA 01460-1289
USA
Phone: (508) 486 7792
Fax: (508) 486 5279
Email: gunner@dsmail.enet.dec.com
Perlman (Internet-Draft expires end December 1993) [Page 39]
