<?xmlversion="1.0" encoding="US-ASCII"?> <!-- This template is for creating an Internet Draft using xml2rfc, which is available here: http://xml.resource.org. -->version='1.0' encoding='UTF-8'?> <!DOCTYPE rfc [<!-- One method to get references from the online citation libraries. There has to be one entity for each item to be referenced. An alternate method (rfc include) is described in the references. --> <!ENTITY RFC2104 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2104.xml"> <!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml"> <!ENTITY RFC2747 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2747.xml"> <!ENTITY RFC3209 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3209.xml"> <!ENTITY RFC4090 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4090.xml"> <!ENTITY RFC2961 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2961.xml"> <!ENTITY RFC2205 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2205.xml"> <!ENTITY RFC4558 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4558.xml"> <!ENTITY RFC3473 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3473.xml"> <!ENTITY RFC5063 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5063.xml"><!ENTITYRFC8370 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8370.xml">nbsp " "> <!ENTITYRFC8796 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8796.xml">zwsp "​"> <!ENTITYRFC5920 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5920.xml">nbhy "‑"> <!ENTITYRFC8174 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8174.xml"> <!ENTITY RFC8126 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8126.xml">wj "⁠"> ]><?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?> <!-- used by XSLT processors --> <!-- For a complete list and description of processing instructions (PIs), please see http://xml.resource.org/authoring/README.html. --> <!-- Below are generally applicable Processing Instructions (PIs) that most I-Ds might want to use. (Here they are set differently than their defaults in xml2rfc v1.32) --> <?rfc strict="yes" ?> <!-- give errors regarding ID-nits and DTD validation --> <!-- control the table of contents (ToC) --> <?rfc toc="yes"?> <!-- generate a ToC --> <?rfc tocdepth="4"?> <!-- the number of levels of subsections in ToC. default: 3 --> <!-- control references --> <?rfc symrefs="yes"?> <!-- use symbolic references tags, i.e, [RFC2119] instead of [1] --> <?rfc sortrefs="yes" ?> <!-- sort the reference entries alphabetically --> <!-- control vertical white space (using these PIs as follows is recommended by the RFC Editor) --> <?rfc compact="yes" ?> <!-- do not start each main section on a new page --> <?rfc subcompact="no" ?> <!-- keep one blank line between list items --> <!-- end of list of popular I-D processing instructions --><rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="std" docName="draft-ietf-mpls-ri-rsvp-frr-22" number="9705" ipr="pre5378Trust200902" submissionType="IETF" consensus="true"updates="4090"> <!-- category values: std, bcp, info, exp, and historic ipr values: trust200902, noModificationTrust200902, noDerivativesTrust200902, or pre5378Trust200902 you can add the attributes updates="NNNN" and obsoletes="NNNN" they will automatically be output with "(if approved)" --> <!-- ***** FRONT MATTER ***** -->obsoletes="" updates="4090" tocInclude="true" tocDepth="4" symRefs="true" sortRefs="true" version="3" xml:lang="en" > <front><!-- The abbreviated title is used in the page header - it is only necessary if the full title is longer than 39 characters --><titleabbrev="RI-RSVP FRR Bypass">Refresh-intervalabbrev="RI-RSVP-FRR Bypass">Refresh-Interval IndependentFRRRSVP Fast Reroute FacilityProtection </title> <!-- add 'role="editor"' below for the editors if appropriate --> <!-- Another author who claims to be an editor -->Protection</title> <seriesInfo name="RFC" value="9705"/> <authorinitials="C. "initials="C." surname="Ramachandran" fullname="Chandra Ramachandran"> <organization>Juniper Networks, Inc.</organization> <address> <email>csekar@juniper.net</email> </address> </author> <authorinitials="T. "initials="T." surname="Saad" fullname="Tarek Saad"> <organization>Cisco Systems, Inc.</organization> <address> <email>tsaad@cisco.com</email> </address> </author> <authorinitials="I. "initials="I." surname="Minei" fullname="Ina Minei"> <organization>Google, Inc.</organization> <address> <email>inaminei@google.com</email> </address> </author> <authorinitials="D. "initials="D." surname="Pacella" fullname="Dante Pacella"> <organization>Verizon, Inc.</organization> <address> <email>dante.j.pacella@verizon.com</email> </address> </author> <dateyear="2024" /> <!-- If the month and year are both specified and are the current ones, xml2rfc will fill in the current day for you. If only the current year is specified, xml2rfc will fill in the current day and month for you. If the year is not the current one, it is necessary to specify at least a month (xml2rfc assumes day="1" if not specified for the purpose of calculating the expiry date). With drafts it is normally sufficient to specify just the year. --> <!-- Meta-data Declarations --> <area>Routing</area> <workgroup>MPLS Working Group</workgroup> <!-- WG name at the upperleft corner of the doc, IETF is fine for individual submissions. If this element is not present, the default is "Network Working Group", which is used by the RFC Editor as a nod to the history of the IETF. --> <keyword>template</keyword> <!-- Keywords will be incorporated into HTML output files in a meta tag but they have no effect on text or nroff output. If you submit your draft to the RFC Editor, the keywords will be used for the search engine. -->year="2025" month="January"/> <area>RTG</area> <workgroup>mpls</workgroup> <keyword>ri-rsvp-frr</keyword> <keyword>RI-RSVP-FRR</keyword> <abstract> <t>The RSVP-TE Fast Reroute (FRR) extensions specified in RFC 4090definesdefine two local repair techniques to reroute Label Switched Path (LSP) traffic over pre-established backuptunnel.tunnels. Facility backup method allows one or more LSPs traversing a connected link or node to be protected using a bypass tunnel. The many-to-one nature of local repair technique is attractive from a scalability point of view. This document enumerates facility backup procedures in RFC 4090 that rely on refreshtimeout and hence maketimeout, hence, making facility backup method refresh-interval dependent. The RSVP-TE extensions defined in this document will enhance the facility backup protection mechanism by making the corresponding procedures refresh-intervalindependentindependent, andhencehence, compatible withRefresh-intervalthe Refresh-Interval Independent RSVP (RI-RSVP) capability specified in RFC 8370. Hence, this document updates RFC 4090 in order to support the RI-RSVP capability specified in RFC 8370. </t> </abstract><note title="Requirements Language"> <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here. </t> </note></front> <middle> <sectionanchor="intro" title="Introduction">anchor="intro"> <name>Introduction</name> <t>RSVP-TE relies on a periodic refresh of RSVP messages to synchronize and maintain the states related to the Label Switched Path (LSP)related statesalong the reserved path. In the absence of refresh messages, the LSP-related states are automatically deleted. Reliance on periodic refreshes and refresh timeouts are problematic from the scalability point of view. The number of RSVP-TE LSPs that a router needs to maintain has been growing in service providernetworksnetworks, and the implementations should be capable of handlingincreaseincreases in LSP scale. </t> <t><xref target="RFC2961"/> specifies mechanisms to eliminate the reliance on periodicrefreshrefreshes and refreshtimeouttimeouts of RSVP messages and enables a router to increase the message refresh interval to values much longer than the default 30 seconds defined in <xref target="RFC2205"/>. However, the protocol extensions defined in <xref target="RFC4090"/> for supporting Fast Reroute (FRR) using bypass tunnels implicitly rely on short refresh timeouts tocleanupclean up stale states. </t> <t>In order to eliminate the reliance on refresh timeouts, the routers should unambiguously determine when a particular LSP state should be deleted. In scenarios involving<xref target="RFC4090"/>FRR using bypasstunnels,tunnels <xref target="RFC4090"/>, additional explicittear downteardown messages are necessary.Refresh-intervalThe Refresh-Interval IndependentRSVPRSVP-TE FRR (RI-RSVP-FRR) extensions specified in this documentconsistsconsist of procedures to enable LSP state cleanup that are essential in supporting the RI-RSVP capability for<xref target="RFC4090"/>FRR using bypasstunnels.tunnels from <xref target="RFC4090"/>. </t> <sectionanchor="intro_motivation" title="Motivation">anchor="intro_motivation"> <name>Motivation</name> <t>Base RSVP <xref target="RFC2205"/> maintains state via the generation of RSVPPath/ResvPath and Resv refresh messages. Refresh messages are used to both synchronize state between RSVP neighbors and to recover from lost RSVP messages. The use of Refresh messages to cover many possible failures has resulted in a number of operational problems.<list style="hanging"> <t hangText="-">One</t> <ul> <li>One problem relates to RSVP control plane scaling due to periodic refreshes of Path and Resvmessages, anothermessages.</li> <li>Another problem relates to the reliability and latency of RSVPsignaling. </t> </list> <list style="hanging"> <t hangText="-">Ansignaling.</li> <li>An additional problem is the time to clean up the stale state after a tear message is lost. For more on theseproblemsproblems, seeSection 1 of RSVP Refresh Overhead Reduction Extensions<xreftarget="RFC2961"/>. </t> </list> </t>target="RFC2961" sectionFormat="of" section="1"/>.</li> </ul> <t>The problems listed above adversely affect RSVP control planescalabilityscalability, and RSVP-TE <xref target="RFC3209"/> inherited these problems from standard RSVP. Procedures specified in <xref target="RFC2961"/> address the above-mentioned problems by eliminating dependency on refreshes for state synchronization and for recovering from lost RSVP messages, and also by eliminating dependency on refresh timeout for stale state cleanup. Implementing these procedures allows implementations to improve RSVP-TE control plane scalability. For more details on eliminating dependency on refreshtimeouttimeouts for stale state cleanup, refer to"Refresh-interval Independent RSVP" section 3 of RSVP-TE Scaling Techniques<xreftarget="RFC8370"/>.target="RFC8370" sectionFormat="of" section="3"/>. </t> <t>However, the facility backup protection procedures specified in <xref target="RFC4090"/> do not fully address stale state cleanup as the procedures depend on refresh timeouts for stale state cleanup. The updated facility backup protection procedures specified in this document, in combination with RSVP-TE Scaling Techniques <xref target="RFC8370"/>, eliminate this dependency on refresh timeouts for stale state cleanup. </t> <t>The procedures specified in this document assume reliable delivery of RSVP messages, as specified in <xref target="RFC2961"/>. Therefore,this document makes support for<xref target="RFC2961"/> is apre-requisite.prerequisite for this document. </t> </section> </section> <sectionanchor="terminology" title="Terminology"> <t>Theanchor="terms-abbrevs"> <name>Abbreviations and Terminology</name> <t> The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here. </t> <t> In addition, the reader is expected to be familiar with the terminology in <xref target="RFC2205"/>, <xref target="RFC3209"/>, <xref target="RFC4090"/>, <xref target="RFC4558"/>, <xreftarget="RFC8370"/>target="RFC8370"/>, and <xref target="RFC8796"/>. </t><t>Phop node: Previous-hop<section anchor="abbrevs"> <name>Abbreviations</name> <dl> <dt>PHOP:</dt><dd>Previous-Hop (can refer to a router or node along thelabel switched path </t> <t>PPhop node: Previous-Previous-hopLSP)</dd> <dt>PPHOP:</dt><dd>Previous-Previous-Hop (can refer to a router or node along thelabel switched path </t> <t>Nhop node: Next-hopLSP)</dd> <dt>NHOP:</dt><dd>Next-Hop (can refer to a router or node along thelabel switched path </t> <t>NNhop node: Next-Next-hopLSP)</dd> <dt>NNHOP:</dt><dd>Next-Next-Hop (can refer to a router or node along thelabel switched path </t> <t>PLR: PointLSP)</dd> <dt>PLR:</dt><dd>Point of Local Repair (can refer to a router as defined in <xreftarget="RFC4090"/> </t> <t>MP: Mergetarget="RFC4090"/>)</dd> <dt>MP:</dt><dd>Merge Point (can refer to a router as defined in <xreftarget="RFC4090"/> </t> <t>LP-MP node:target="RFC4090"/>)</dd> <dt>LP-MP:</dt><dd>Link-Protecting Merge Point (can refer to a router or node at the tail of a Link-Protecting bypasstunnel </t> <t>NP-MP node:tunnel</dd> <dt>NP-MP:</dt><dd>Node-Protecting Merge Point (can refer to a router or node at the tail of a Node-Protecting bypasstunnel </t> <t>RRO: Recordtunnel</dd> <dt>PSB:</dt><dd>Path State Block</dd> <dt>RSB:</dt><dd>Reservation State Block</dd> <dt>RRO:</dt><dd>Record Route Objectas(as defined in <xreftarget="RFC3209"/> </t> <t>TED: Traffictarget="RFC3209"/>)</dd> <dt>TED:</dt><dd>Traffic EngineeringDatabase </t> <t>LSP state: The combination of "path state" maintained as Path State Block (PSB) and "reservation state" maintained as Reservation State Block (RSB) forms an individual LSP state on an RSVP-TE speaker </t> <t>RI-RSVP: TheDatabase</dd> <dt>RI-RSVP:</dt><dd>Refresh-Interval Independent RSVP (the set of procedures defined inSection 3 of RSVP-TE Scaling Techniques<xref section="3" sectionFormat="of" target="RFC8370"/> to eliminate RSVP's reliance on periodic messagerefreshes </t> <t>B-SFRR-Ready: Bypass Summary FRR Ready Extended Association object defined in Summaryrefreshes)</dd> <dt>RI-RSVP-FRR:</dt><dd>Refresh-Interval Independent RSVP-TE FRRextensions <xref target="RFC8796"/> and is added by the PLR for each protected LSP. </t> <t>RI-RSVP-FRR: The(the set of procedures defined in this document to eliminate RSVP's relianceofon periodic message refreshes when supporting facility backup protection <xreftarget="RFC4090"/> </t> <t>Conditional PathTear: Atarget="RFC4090"/>)</dd> </dl> </section> <section anchor="terms"> <name>Terminology</name> <dl> <dt>B-SFRR-Ready:</dt><dd>Bypass Summary FRR Ready Extended ASSOCIATION object as defined in <xref target="RFC8796"/> and added by the PLR for each protected LSP</dd> <dt>Conditional PathTear:</dt><dd>A PathTear message containing a suggestion to a receiving downstream router to retain the path state if the receiving router is anNP-MP </t> <t>Remote PathTear: ANP-MP</dd> <dt>Remote PathTear:</dt><dd>A PathTear message sent from aPoint of Local Repair (PLR)PLR to the MP to delete the LSP state on the MP if the PLR had not previously sent the backupPathpath statereliably </t>reliably</dd> <dt>LSP state</dt><dd>The combination of "path state" maintained as a PSB and "reservation state" maintained as an RSB forms an individual LSP state on an RSVP-TE speaker</dd> </dl> </section> </section> <sectionanchor="prob_desc" title="Problem Description">anchor="prob_desc"> <name>Problem Description</name> <figurealign="center" anchor="example_network" title="Example Topology">anchor="example_network"> <name>Example Topology</name> <artwork align="center"><![CDATA[ E / \ / \ / \ / \ / \ / \ A ----- B ----- C ----- D \ / \ / \ / \ / \ / \ / F ]]></artwork> </figure> <t>In the topology in <xref target="example_network"/>, consider a large number of LSPs from A to D transiting B and C. Assume that refresh interval has been configured to be as longofas the order of minutes and that refresh reduction extensions are enabled on all routers. </t><t>Also<t>In addition, assume that node protection has been configured for the LSPs and the LSPs are protected by each router in the followingway <list style="hanging"> <t hangText="-">Away: </t> <ul> <li>A has made node protection available using bypass LSP A->-> E->-> C; A is the PLR and C is theNP-MP </t> </list> <list style="hanging"> <t hangText="-">BNP-MP.</li> <li>B has made node protection available using bypass LSP B->-> F->-> D; B is the PLR and D is theNP-MP </t> </list> <list style="hanging"> <t hangText="-">CNP-MP.</li> <li>C has made link protection available using bypass LSP C->-> B->-> F->-> D; C is the PLR and D is theLP-MP </t> </list> </t> <t>InLP-MP.</li> </ul> <t> In the above condition, assume that the B-C link fails. The following is the sequence of events that is expected to occur for all protected LSPs under normal conditions.<list style="hanging"> <t hangText="1.">B</t> <ol type="Step %d."> <li anchor="step1">B performs a local repair andre-directsredirects LSP traffic over the bypass LSP B->-> F-> D. </t> </list> <list style="hanging"> <t hangText="2.">B-> D.</li> <li anchor="step2">B also creates a backup state for the LSP and triggers the sending of a backup LSP state to D over the bypass LSP B->-> F-> D. </t> </list> <list style="hanging"> <t hangText="3.">D-> D.</li> <li anchor="step3">D receives the backup LSP states and merges the backups with the protectedLSPs. </t> </list> <list style="hanging"> <t hangText="4.">AsLSPs.</li> <li anchor="step4">As the link on C, over which the LSP states are refreshed, has failed, C will no longer receive state refreshes. Consequently, the protected LSP states on C will time out and C will send thetear downteardown messages for all LSPs. As each router should consider itself as an MP, C will time out the state only after waiting for an additional duration equal to the refreshtimeout. </t> </list> </t>timeout.</li> </ol> <t>While the above sequence of events has been described in <xref target="RFC4090"/>, there are a few problems for which no mechanism has been specifiedexplicitly. <list style="hanging"> <t hangText="-">Ifexplicitly: </t> <ul> <li>If the protected LSP on C times out before D receives signaling for the backup LSP, then D would receive a PathTear from C prior to receiving signaling for the backup LSP, thus resulting in deleting the LSP state. This would be possible at scale even with the default refreshtime. </t> </list> <list style="hanging"> <t hangText="-">If upon the link failuretime.</li> <li>If C is to keep state until itstimeout,timeout upon the link failure, then with a long refreshintervalinterval, this may result in a large amount of stale state on C. Alternatively, ifupon the link failureC is to delete the state and send a PathTear toD,D upon the link failure, then this would result in deleting the state on D, thus deleting the LSP. D needs a reliable mechanism to determine whether or not it is an MPor notto overcome thisproblem. </t> </list> <list style="hanging"> <t hangText="-">Ifproblem.</li> <li>If head-end A attempts to tear down the LSP afterstep 1<xref target="step1" format="none">Step 1</xref> but beforestep 2<xref target="step2" format="none">Step 2</xref> of the above sequence, then B may receive thetear downteardown message beforestep 2<xref target="step2" format="none">Step 2</xref> and delete the LSP state from its state database. If B deletes its state without informing D, with a long refreshintervalinterval, this could cause a (large) buildup of stale state onD. </t> </list> <list style="hanging"> <t hangText="-">IfD.</li> <li>If B fails to perform a local repair instep 1,<xref target="step1" format="none">Step 1</xref>, then B will delete the LSP state from its state database without informing D. As B deletes its state without informing D, with a long refreshintervalinterval, this could cause a (large) buildup of stale state onD. </t> </list> </t>D.</li> </ul> <t>The purpose of this document is to provide solutions to the aboveproblemsproblems, which will then make it practical to scale up to a large number of protected LSPs in the network. </t> </section> <sectionanchor="solution" title="Solution Aspects">anchor="solution"> <name>Solution Aspects</name> <t>The solution consists of fiveparts. <list style="hanging"> <t hangText="-">Utilizeparts:</t> <ol> <li>Utilize the MP determination mechanism specified in RSVP-TE Summary FRR <xref target="RFC8796"/> that enables the PLR to signal the availability of local protection to the MP. In addition, introduce PLR and MP procedures to establishNode-ID based helloa Node-ID-based Hello session between the PLR and the MP to detect router failures and to determine capability. See <xref target="sig_handshake"/> of this document for more details. This part of the solutionre-usesreuses some of the extensions defined inRSVP-TE Summary FRR<xref target="RFC8796"/> andRSVP-TE Scaling Techniques<xref target="RFC8370"/>, and the subsequentsub-sectionssubsections will list the extensions in thesedraftsdocuments that are utilized in thisdocument. </t> </list> <list style="hanging"> <t hangText="-">Handledocument.</li> <li>Handle upstream link or node failures by cleaning up LSP states if the node has not found itself as an MP through the MP determination mechanism. See <xref target="failures"/> of this document for moredetails. </t> </list> <list style="hanging"> <t hangText="-">Introducedetails.</li> <li>Introduce extensions to enable a router to send atear downteardown message to the downstream router that enables the receiving router to conditionally delete its local LSP state. See <xref target="cnd_path_tear"/> of this document for moredetails. </t> </list> <list style="hanging"> <t hangText="-">Enhancedetails.</li> <li>Enhance facility backup protection by allowing a PLR to directly send atear downteardown message to the MP without requiring the PLR to either have a working bypass LSP or have already signaled the backup LSP state. See <xref target="rem_tear"/> of this document for moredetails. </t> </list> <list style="hanging"> <t hangText="-">Introducedetails.</li> <li>Introduce extensions to enable the above procedures to be backward compatible with routers along the LSPpathrunningimplementationimplementations that do not support these procedures. See <xref target="compatible"/> of this document for moredetails. </t> </list> </t>details.</li> </ol> <sectionanchor="adv_capability" title="Requirement onanchor="adv_capability"> <name>Requirement for RFC 4090 CapableNodeNodes toadvertiseAdvertise the RI-RSVPCapability">Capability</name> <t>A node supporting facility backup protection <xref target="RFC4090"/>MUST NOT<bcp14>MUST NOT</bcp14> set the RI-RSVP flag(I bit)(I-bit) that is defined inSection 3.1 of RSVP-TE Scaling Techniques<xreftarget="RFC8370"/>target="RFC8370" sectionFormat="of" section="3.1"/> unless it supports all the extensions specified in the rest of this document. Hence, this document updates <xref target="RFC4090"/> by defining extensions and additional procedures over facility backup protection <xref target="RFC4090"/> in order to advertise the RI-RSVP capability <xref target="RFC8370"/>. However, if a node supporting facility backup protection <xref target="RFC4090"/> does set the RI-RSVP capability(I bit)(I-bit) but does not support all the extensions specified in the rest of this document, then it may result in lingering stale states due to the long refresh intervals recommended by <xref target="RFC8370"/>. This can also disrupt normal Fast Reroute (FRR)operation.operations. <xref target="cap_bit_without_support"/> of this document delvesoninto this in detail. </t> </section> <sectionanchor="sig_handshake" title="Signalinganchor="sig_handshake"> <name>Signaling HandshakebetweenBetween PLR andMP">MP</name> <sectionanchor="sig_plr_behavior" title="PLR Behavior">anchor="sig_plr_behavior"> <name>PLR Behavior</name> <t>As per the facility backup procedures <xref target="RFC4090"/>, when an LSP becomes operational on a node and the "local protection desired" flag has been set in the SESSION_ATTRIBUTE object carried in the Path message corresponding to the LSP, then the node attempts to make local protection available for the LSP.<list style="hanging"> <t hangText="-">If</t> <ul> <li>If the "node protection desired" flag is set, then the node tries to become a PLR by attempting to createaan NP-bypass LSP to theNNhopNNHOP node avoiding theNhopNHOP node on a protectedLSP path.LSP. In case node protection could not be made available, the node attempts to create an LP-bypass LSP to theNhopNHOP node avoiding only the link that the protected LSP takes to reach theNhop </t> </list> <list style="hanging"> <t hangText="-">IfNHOP.</li> <li>If the "node protection desired" flag is not set, then the PLR attempts to create an LP-bypass LSP to theNhopNHOP node avoiding the link that the protected LSP takes to reach theNhop </t> </list> </t>NHOP.</li> </ul> <t>With regard to the PLR procedures described above andthat arespecified in <xref target="RFC4090"/>, this document specifies the following additional procedures to support RI-RSVP <xreftarget="RFC8370"/>. <list style="hanging"> <t hangText="-">Whiletarget="RFC8370"/>.</t> <ul> <li>While selecting the destination address of the bypass LSP, the PLRMUST<bcp14>MUST</bcp14> select the router ID of theNNhopNNHOP orNhopNHOP node from the Node-ID sub-object included in the RROobjectthat is carried in the most recent Resv message corresponding to the LSP. If the MP has not included a Node-ID sub-object in the Resv RRO and if the PLR and the MP are in the same area, then the PLR may utilize the TED to determine the router ID corresponding to the interface address that is included by the MP in theRRO object.RRO. If the NP-MP in a different IGP area has not included a Node-ID sub-object inRRO object,the RRO, then the PLRMUST<bcp14>MUST</bcp14> execute backward compatibility procedures as if the downstream nodes along the LSP do not support the extensions defined in the document (see <xreftarget="dnstr_no_support"/>). </t> </list> <list style="hanging"> <t hangText="-">Thetarget="dnstr_no_support"/>).</li> <li>The PLRMUST<bcp14>MUST</bcp14> also include its router ID in a Node-ID sub-object in the RROobjectthat is carried in any subsequent Path message corresponding to the LSP. Whileincluding its router ID in the Node-ID sub-object carried in the outgoing Path message,doing so, the PLRMUST<bcp14>MUST</bcp14> include the Node-ID sub-object after including its IPv4/IPv6 address or unnumbered interface IDsub-object. </t> </list> <list style="hanging"> <t hangText="-">Insub-object.</li> <li>In parallel to the attempt made to create an NP-bypass or an LP-bypass, the PLRMUST<bcp14>MUST</bcp14> initiate aNode-ID basedNode-ID-based Hello session to theNNhopNNHOP orNhopNHOP node respectively along the LSP to establish the RSVP-TE signaling adjacency. This Hello session is used to detect MP node failure as well as to determine the capability of the MP node.IfThe PLR <bcp14>MUST</bcp14> conclude that the MP supports the refresh-interval independent FRR procedures defined in this document if the MP has set the I-bit in the CAPABILITY object <xref target="RFC8370"/> carried in the Hello message corresponding to theNode-ID basedNode-ID-based Hellosession, then the PLR MUST conclude that the MP supports refresh-interval independent FRR procedures defined in this document.session. If the MP has not sentNode-ID basedNode-ID-based Hello messages or has not set the I-bit in the CAPABILITY object <xref target="RFC8370"/>, then the PLRMUST<bcp14>MUST</bcp14> execute backward compatibility procedures defined in <xref target="dnstr_no_support"/> of thisdocument. </t> </list> <list style="hanging"> <t hangText="-">Whendocument.</li> <li>When the PLR associates a bypass to a protected LSP, itMUST<bcp14>MUST</bcp14> include a B-SFRR-Ready ExtendedAssociationASSOCIATION object <xref target="RFC8796"/> and trigger a Path message to be sent for the LSP. If a B-SFRR-Ready ExtendedAssociationASSOCIATION object is included in the Path message corresponding to the LSP, the encoding and object ordering rules specified in RSVP-TE Summary FRR <xref target="RFC8796"/>MUST<bcp14>MUST</bcp14> be followed. In addition to those rules, the PLRMUST<bcp14>MUST</bcp14> set the Association Source in the object to its Node-IDaddress. </t> </list> </t>address.</li> </ul> </section> <sectionanchor="sig_rem_adjacency" title="Remoteanchor="sig_rem_adjacency"> <name>Remote SignalingAdjacency">Adjacency</name> <t>ANode-ID basedNode-ID-based RSVP-TE Hello session is one in which a Node-ID is used in the source and the destination address fields of RSVP Hello messages <xref target="RFC4558"/>. This document extendsNode-ID basedNode-ID-based RSVP Hellosessionsessions to track the state of any RSVP-TE neighbor that is not directly connected by at least one interface. In order to applyNode-ID basedNode-ID-based RSVP-TE Hellosessionsessions between any two routers that are not immediate neighbors, the router that supports the extensions defined in the documentMUST<bcp14>MUST</bcp14> set the TTL to 255 in all outgoingNode-ID basedNode-ID-based Hello messages exchanged between the PLR and the MP. The default hello interval for this Node-IDhelloHello sessionMUST<bcp14>MUST</bcp14> be set to the default specified in RSVP-TE Scaling Techniques <xref target="RFC8370"/>. </t> <t>In the rest of thedocumentdocument, theterm "signaling adjacency", or "remoteterms "signaling adjacency" and "remote signalingadjacency" refersadjacency" refer specifically to the RSVP-TE signaling adjacency. </t> </section> <sectionanchor="sig_mp_behavior" title="MP Behavior">anchor="sig_mp_behavior"> <name>MP Behavior</name> <t>With regard to the MP procedures that are defined in <xreftarget="RFC4090"/>target="RFC4090"/>, this document specifies the following additional procedures to support RI-RSVP as defined in <xref target="RFC8370"/>. </t> <t>Each node along an LSPpathsupporting the extensions defined in this documentMUST<bcp14>MUST</bcp14> also include its router ID in the Node-ID sub-object of the RROobjectthat is carried in the Resv message of the corresponding LSP. If the PLR has not included a Node-ID sub-object in the RROobjectthat is carried in the Path message and if the PLR is in a different IGP area, then the routerMUST NOT<bcp14>MUST NOT</bcp14> execute the MP procedures specified in this document for those LSPs. Instead, the nodeMUST<bcp14>MUST</bcp14> execute backward compatibility procedures defined in <xref target="upstr_no_support"/> of this document as if the upstream nodes along the LSP do not support the extensions defined in this document. </t> <t>A node receiving a Path message shoulddetermine whetherdetermine:</t> <ul> <li>whether the message contains a B-SFRR-Ready ExtendedAssociationASSOCIATION object with its own address as the bypass destination addressand whetherand</li> <li>whether it has an operational Node-ID signaling adjacency with the Associationsource. IfSource.</li> </ul> <t>The node <bcp14>MUST</bcp14> execute the backward compatibility procedures defined in <xref target="upstr_no_support"/> of this document if:</t> <ul> <li>the PLR has not included the B-SFRR-Ready ExtendedAssociation object or if thereASSOCIATION object,</li> <li>there is no operational Node-ID signaling adjacency with the PLR identified by the Associationsource address or if theSource address, or</li> <li>the PLR has not advertised the RI-RSVP capability in itsNode-ID basedNode-ID-based Hellomessages, then the node MUST execute the backward compatibility procedures defined in <xref target="upstr_no_support"/> of this document. </t>messages.</li> </ul> <t>If a matching B-SFRR-Ready ExtendedAssociationASSOCIATION object is found ininthe Path message and if there is an operational remote Node-ID signaling adjacency with the PLR (identified by the Associationsource)Source) that has advertised the RI-RSVP capability (I-bit) <xref target="RFC8370"/>, then the nodeMUST<bcp14>MUST</bcp14> consider itself as the MP for the PLR. The matching and ordering rules for Bypass Summary FRR Extended Association specified in RSVP-TE Summary FRR <xref target="RFC8796"/>MUST<bcp14>MUST</bcp14> be followed by the implementations supporting this document.<list style="hanging"> <t hangText="-">If</t> <ul> <li>If a matching Bypass Summary FRR Extended Association object is included by thePPhopPPHOP node of an LSP and if a corresponding Node-ID signaling adjacency exists with thePPhopPPHOP node, then the routerMUST<bcp14>MUST</bcp14> conclude it is theNP-MP. </t> </list> <list style="hanging"> <t hangText="-">IfNP-MP.</li> <li>If a matching Bypass Summary FRR Extended Association object is included by thePhopPHOP node of an LSP and if a corresponding Node-ID signaling adjacency exists with thePhopPHOP node, then the routerMUST<bcp14>MUST</bcp14> conclude it is theLP-MP. </t> </list> </t>LP-MP.</li> </ul> </section> <sectionanchor="sig_rem_state" title=""Remote"anchor="sig_rem_state"> <name>"Remote" State onMP">MP</name> <t>Once a router concludes it is the MP for a PLR running refresh-interval independent FRR procedures as described in the preceding section, itMUST<bcp14>MUST</bcp14> create a remote path state for the LSP. The only difference between the"remote""remote" path state and the LSP state is the RSVP_HOP object. The RSVP_HOP object in a"remote""remote" path state contains the address that the PLR uses to send Node-IDhelloHello messages to the MP. </t> <t>The MPMUST<bcp14>MUST</bcp14> consider the"remote""remote" path state corresponding to the LSP automatically deleted if:<list style="hanging"> <t hangText="-">The</t> <ul> <li>the MP later receives a Path message for the LSP with no matching B-SFRR-Ready ExtendedAssociationASSOCIATION object corresponding to the PLR's IP address contained in the PathRRO, or </t> </list> <list style="hanging"> <t hangText="-">TheRRO,</li> <li>the Node-ID signaling adjacency with the PLR goesdown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives backup LSP signaling for the LSP from thePLR or </t> </list> <list style="hanging"> <t hangText="-">ThePLR,</li> <li>the MP receives a PathTear for the LSP,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP deletes the LSP state on a local policy or an exceptionevent </t> </list> </t>event.</li> </ul> <t>The purpose of"remote""remote" path state is to enable the PLR to explicitly tear down the path and reservation states corresponding to the LSP by sending a tear message for the"remote""remote" path state. Such a message tearing down"remote"the "remote" path state is called"Remote""Remote" PathTear. </t> <t>The scenarios in which a"Remote""Remote" PathTear is applied are described in <xref target="rem_tear"/> of this document. </t> </section> </section> <sectionanchor="failures" title="Impactanchor="failures"> <name>Impact of Failures on LSPState">State</name> <t>This section describes the procedures that must be executed upon different kinds of failures by nodes along the path of the LSP. The procedures that must be executed upon detecting RSVP signaling adjacency failures do not impact the RSVP-TE graceful restart mechanisms(<xref target="RFC3473"/>,<xreftarget="RFC5063"/>).target="RFC3473"/> <xref target="RFC5063"/>. If a node executing these procedures acts as a helper for a neighboring router, then the signaling adjacency with the neighbor will be declared as having failed only after taking into account the grace period extended for the neighbor by this node acting as a helper. </t> <t>Node failures are detected from the state of Node-IDhelloHello sessions established with immediate neighbors. RSVP-TE Scaling Techniques <xref target="RFC8370"/> recommends that each node establish Node-IDhelloHello sessions with all its immediate neighbors.Non-immediateA non-immediate PLR or MP failure is detected from the state of remote signaling adjacency established according to <xref target="sig_rem_adjacency"/> of this document. </t> <sectionanchor="failures_nonmp" title="Non-MP Behavior">anchor="failures_nonmp"> <name>Non-MP Behavior</name> <t>When a router detects thePhopPHOP link or thePhopPHOP node failure for an LSP and the router is not an MP for the LSP, then itMUST<bcp14>MUST</bcp14> send a Conditional PathTear (refer to <xref target="cnd_path_tear"/> of this document) and delete the PSB and RSB states corresponding to the LSP. </t> </section> <sectionanchor="failures_lpmp" title="LP-MP Behavior">anchor="failures_lpmp"> <name>LP-MP Behavior</name> <t>When thePhopPHOP link for an LSP fails on a router that is an LP-MP for the LSP, the LP-MPMUST<bcp14>MUST</bcp14> retain the PSB and RSB states corresponding to the LSPtilluntil the occurrence of any of the followingevents. <list style="hanging"> <t hangText="-">Theevents: </t> <ul> <li>the Node-ID signaling adjacency with thePhopPHOP PLR goesdown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives a normal or"Remote""Remote" PathTear for its PSB,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP receives a ResvTear for itsRSB. </t> </list> </t>RSB.</li> </ul> <t>When a router that is an LP-MP for an LSP detectsPhopPHOP node failure from the Node-ID signaling adjacency state, the LP-MPMUST<bcp14>MUST</bcp14> send a normal PathTear and delete the PSB and RSB states corresponding to the LSP. </t> </section> <sectionanchor="failures_npmp" title="NP-MP Behavior">anchor="failures_npmp"> <name>NP-MP Behavior</name> <t>When a router that is an NP-MP for an LSP detectsPhopPHOP linkfailure,failure orPhopPHOP node failure from the Node-ID signaling adjacency, the routerMUST<bcp14>MUST</bcp14> retain the PSB and RSB states corresponding to the LSPtilluntil the occurrence of any of the followingevents. <list style="hanging"> <t hangText="-">Theevents: </t> <ul> <li>the remote Node-ID signaling adjacency with thePPhopPPHOP PLR goesdown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives a normal or"Remote""Remote" PathTear for its PSB,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP receives a ResvTear for itsRSB. </t> </list> </t>RSB.</li> </ul> <t>When a router that is an NP-MP for an LSPdiddoes not detect thePhopPHOP link or thePhopPHOP nodefailure,failure but receives a Conditional PathTear from thePhopPHOP node, then the routerMUST<bcp14>MUST</bcp14> retain the PSB and RSB states corresponding to the LSPtilluntil the occurrence of any of the followingevents. <list style="hanging"> <t hangText="-">Theevents: </t> <ul> <li>the remote Node-ID signaling adjacency with thePPhopPPHOP PLR goesdown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives a normal or"Remote""Remote" PathTear for its PSB,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP receives a ResvTear for itsRSB. </t> </list> </t>RSB.</li> </ul> <t>Receiving a Conditional PathTear from thePhopPHOP node will not impact the"remote""remote" state from thePPhopPPHOP PLR. Note that thePhopPHOP node must have sent the Conditional PathTear as it was not an MP for the LSP (see <xref target="failures_nonmp"/> of this document). </t> <t>In the example topology in <xref target="example_network"/>, we assume C&and D are the NP-MPs for the PLRs A& Band B, respectively.NowNow, when the A-B link fails,asB will delete the LSP state, because B is not an MP and itsPhopPHOP link hasfailed, B will delete the LSP statefailed (this behavior is required for unprotectedLSPs -LSPs; refer to <xref target="failures_nonmp"/> of this document). In the data plane, that would require B to delete the label forwarding entry corresponding to the LSP.SoThus, if B's downstream nodes C and D continue to retain state, it would not be correct for D to continue to assume itself as the NP-MP for the PLR B. </t> <t>The mechanism that enables D to stop considering itself as the NP-MP for B and delete the corresponding"remote""remote" path state is given below.<list style="hanging"> <t hangText="1.">When</t> <ol> <li>When C receives a Conditional PathTear from B, it decides to retain the LSP state as it is the NP-MP of the PLR A. It also checks whetherPhopPHOP B had previously signaled availability of node protection. As B had previously signaled NP availability by including the B-SFRR-Ready ExtendedAssociationASSOCIATION object, C removes the B-SFRR-Ready ExtendedAssociationASSOCIATION object containing the Association Source set to B from the Path message andtriggertriggers a Path toD. </t> </list> <list style="hanging"> <t hangText="2.">WhenD.</li> <li>When D receives the Path message, it realizes that it is no longer the NP-MP for B and so it deletes the corresponding"remote""remote" path state. D does not propagate the Path further down because the only change is that the B-SFRR-Ready ExtendedAssociationASSOCIATION object corresponding to Association Source B is no longer present in the Pathmessage. </t> </list> </t>message.</li> </ol> </section> <sectionanchor="failures_lpnpmp" title="Behavioranchor="failures_lpnpmp"> <name>Behavior of a Routerthat is bothThat Is Both the LP-MP andNP-MP">NP-MP</name> <t>A router may simultaneously be the LP-MPas well asand the NP-MP for thePhopPHOP andthe PPhopPPHOP nodesrespectivelyof anLSP.LSP, respectively. If thePhopPHOP link fails on such a node, the nodeMUST<bcp14>MUST</bcp14> retain the PSB and RSB states corresponding to the LSPtilluntil the occurrence of any of the followingevents. <list style="hanging"> <t hangText="-">Bothevents: </t> <ul> <li>both Node-ID signaling adjacencies withPhopPHOP andPPhopPPHOP nodes godown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives a normal or"Remote""Remote" PathTear for its PSB,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP receives a ResvTear for itsRSB. </t> </list> </t>RSB.</li> </ul> <t>If a router that is both an LP-MP and an NP-MP detectsPhopPHOP node failure, then the nodeMUST<bcp14>MUST</bcp14> retain the PSB and RSB states corresponding to the LSPtilluntil the occurrence of any of the followingevents. <list style="hanging"> <t hangText="-">Theevents: </t> <ul> <li>the remote Node-ID signaling adjacency with thePPhopPPHOP PLR goesdown, or </t> </list> <list style="hanging"> <t hangText="-">Thedown,</li> <li>the MP receives a normal or"Remote""Remote" PathTear for its PSB,or </t> </list> <list style="hanging"> <t hangText="-">Theor</li> <li>the MP receives a ResvTear for itsRSB. </t> </list> </t>RSB.</li> </ul> </section> </section> <sectionanchor="cnd_path_tear" title="Conditional PathTear">anchor="cnd_path_tear"> <name>Conditional PathTear</name> <t>In the example provided in <xref target="failures_npmp"/> of this document, B deletes the PSB and RSB states corresponding to the LSP once B detects itsPhopPHOP linkwenthas gone down as B is not an MP. If B were to send a PathTear normally, then C would delete the LSP state immediately. In order to avoid this, there should be some mechanism by which B can indicate to C that B does not require the receiving node to unconditionally delete the LSP state immediately. For this, BMUST<bcp14>MUST</bcp14> add a new optional CONDITIONS object in the PathTear. The CONDITIONS object is defined in <xref target="cnd_path_tear_obj"/> of this document. If node C also understands the new object, then CMUST NOT<bcp14>MUST NOT</bcp14> delete the LSP state if it is an NP-MP. </t> <sectionanchor="cnd_path_tear_send" title="Sendinganchor="cnd_path_tear_send"> <name>Sending the ConditionalPathTear">PathTear</name> <t>A router that is not an MP for an LSPMUST<bcp14>MUST</bcp14> delete the PSB and RSB states corresponding to the LSP if thePhopPHOP link or thePhopPHOP Node-ID signaling adjacency goes down (see <xref target="failures_nonmp"/> of this document). The routerMUST<bcp14>MUST</bcp14> send a Conditional PathTear if the following are alsotrue. <list style="hanging"> <t hangText="-">Thetrue: </t> <ul> <li>the ingress has requested node protection for theLSP, and </t> </list> <list style="hanging"> <t hangText="-">NoLSP and</li> <li>no PathTear is received from the upstreamnode </t> </list> </t>node.</li> </ul> </section> <sectionanchor="cnd_path_tear_recv" title="Processinganchor="cnd_path_tear_recv"> <name>Processing the ConditionalPathTear">PathTear</name> <t>When a router that is not an NP-MP receives a Conditional PathTear, the nodeMUST<bcp14>MUST</bcp14> delete the PSB and RSB states corresponding to theLSP,LSP and process the Conditional PathTear by considering it as a normal PathTear. Specifically, the nodeMUST NOT<bcp14>MUST NOT</bcp14> propagate the Conditional PathTear downstream but remove the optional object and send a normal PathTear downstream. </t> <t>When a node that is an NP-MP receives a Conditional PathTear, itMUST NOT<bcp14>MUST NOT</bcp14> delete the LSP state. The nodeMUST<bcp14>MUST</bcp14> check whether thePhopPHOP node had previously included the B-SFRR-Ready ExtendedAssociationASSOCIATION object in the Path. If the object had been included previously by thePhop,PHOP, then the node processing the Conditional PathTear from thePhop MUSTPHOP <bcp14>MUST</bcp14> remove the corresponding object and trigger a Path downstream. </t> <t>If a Conditional PathTear is received from a neighbor that has not advertised support (refer to <xref target="compatible"/> of this document) for the new procedures defined in this document, then the nodeMUST<bcp14>MUST</bcp14> consider the message as a normal PathTear. The nodeMUST<bcp14>MUST</bcp14> propagate the normal PathTear downstream and delete the LSP state. </t> </section> <sectionanchor="cnd_path_tear_obj" title="CONDITIONS Object">anchor="cnd_path_tear_obj"> <name>CONDITIONS Object</name> <t>Any implementation that does not support a Conditional PathTear needs to ignore the new object but process the message as a normal PathTear without generating any error. For this reason, the Class-Num of the new object follows the pattern10bbbbbb10bbbbbb, where'b'"b" represents a bit. (The behavior for objects of this type is specified inSection 3.10 of<xreftarget="RFC2205"/>).target="RFC2205" sectionFormat="of" section="3.10"/>.) </t> <t>The new object is calledas "CONDITIONS"the "CONDITIONS" objectthatand will specify the conditions under which default processing rules of the RSVP-TE messageMUST<bcp14>MUST</bcp14> be invoked. </t> <t>The object has the followingformat:format:</t> <figurealign="left" anchor="fig_conditions" title="CONDITIONS Object"> <artwork> <![CDATA[anchor="fig_conditions"> <name>CONDITIONS Object</name> <artwork align="left"><![CDATA[ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | Class | C-type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Flags (Reserved) |M| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+]]> </artwork>]]></artwork> </figure><?rfc subcompact="yes" ?> <list style="none"> <t>Class: TBA1<br></br> C-type: 1<br></br> Flags is a 32<dl spacing="compact" newline="false"> <dt>Class:</dt> <dd>135</dd> <dt>C-type:</dt> <dd>1</dd> <dt>Flags:</dt> <dd>32 bitfield. Bitfield</dd> <dt>M:</dt> <dd>Bit 31 is the Merge-point condition (M)bit:bit. If the M bit is set to 1, then the PathTear messageMUST<bcp14>MUST</bcp14> be processed according to the receiver router role,i.e.i.e., if the receiving router is an MP or not for the LSP. If it is not set, then the PathTear messageMUST<bcp14>MUST</bcp14> be processed as a normal PathTear message for theLSP.<br></br> BitsLSP.</dd> </dl> <t>Bits 0-30 arereserved,reserved; theyMUST<bcp14>MUST</bcp14> be set to zero on transmission andMUST<bcp14>MUST</bcp14> be ignored onreceipt.<br></br> </t> </list> </t>receipt.</t> </section> </section> <sectionanchor="rem_tear" title="Remoteanchor="rem_tear"> <name>Remote StateTeardown">Teardown</name> <t>If the ingress wants to tear down the LSP because of a management event while the LSP is being locally repaired at a transit PLR, it would not be desirable to waittilluntil the completion of backup LSP signaling to perform state cleanup. In this case, the PLRMUST<bcp14>MUST</bcp14> send a"Remote""Remote" PathTear message instructing the MP to delete the PSB and RSB states corresponding to the LSP. The TTL in the"Remote""Remote" PathTear messageMUST<bcp14>MUST</bcp14> be set to 255. Doing this enables LSP state cleanup when the LSP is being locally repaired. </t> <t>Consider that node C in the example topology (<xref target="example_network"/>) has gone down and node B locally repairs theLSP. <list style="hanging"> <t hangText="1.">IngressLSP: </t> <ol> <li>Ingress A receives a management event to tear down theLSP. </t> </list> <list style="hanging"> <t hangText="2.">ALSP.</li> <li>A sends a normal PathTear for the LSP toB. </t> </list> <list style="hanging"> <t hangText="3.">AssumeB.</li> <li>Assume B has not initiated the backup signaling for the LSP during local repair. To enable LSP state cleanup, B sends a"Remote""Remote" PathTear with the destination IP address set to that of the node D used in the Node-ID signaling adjacency withD,D and the RSVP_HOP object containing the local address used in the Node-ID signalingadjacency. </t> </list> <list style="hanging"> <t hangText="4.">Badjacency.</li> <li>B then deletes the PSB and RSB states corresponding to theLSP. </t> </list> <list style="hanging"> <t hangText="5.">On DLSP.</li> <li>On D, there would be a remote signaling adjacency withBB, and so D accepts the"Remote""Remote" PathTear anddeletedeletes the PSB and RSB states corresponding to theLSP. </t> </list> </t>LSP.</li> </ol> <sectionanchor="lcl_repair_fail" title="PLRanchor="lcl_repair_fail"> <name>PLR Behavior on Local RepairFailure">Failure</name> <t>If local repair fails on the PLR after a failure, the PLRMUST<bcp14>MUST</bcp14> send a"Remote""Remote" PathTear to the MP. The purpose of this is to clean up LSP state from the PLR to theEgress.egress. Upon receiving the PathTear, the MPMUST<bcp14>MUST</bcp14> delete the states corresponding to the LSP and also propagate the PathTeardownstreamdownstream, thereby achieving state cleanup from all downstream nodes up to the LSP egress. Note that in the case of link protection, the PathTearMUST<bcp14>MUST</bcp14> be directed to the LP-MP's Node-ID IP address rather than theNhopNHOP interface address. </t> </section> <sectionanchor="resv_rro_chng" title="PLRanchor="resv_rro_chng"> <name>PLR Behavior on Resv RROChange">Change</name> <t>When a PLR router that has already made NP available for an LSP detects a change in the RRO carried in the Resv message that indicates that the router's former NP-MP is no longer present on the path of the LSP, then the routerMUST<bcp14>MUST</bcp14> send a"Remote""Remote" PathTear directly to its former NP-MP. </t> <t>In the example topology in <xref target="example_network"/>, assume node A has made node protection available for an LSP and C has concluded it is the NP-MP for PLR A. When the B-C linkfailsfails, then C, implementing the procedure specified in <xref target="failures_lpnpmp"/> of this document, will retain the states corresponding to the LSPuntil:until one of the following occurs:</t> <ul> <li>the remote Node-ID signaling adjacency with A goesdown, or adown or</li> <li>a PathTear or a ResvTear is received for its PSB orRSB respectively. IfRSB, respectively.</li> </ul> <t>If B also has made node protection available, B will eventually complete backup LSP signaling with its NP-MP D and trigger a Resv to A with RRO changed. The new RRO of the LSP carried in the Resv will not contain C. When A processes the Resv message with a new RRO not containingC -C, its former NP-MP,AA, sends a"Remote""Remote" PathTear to C. When C receives the"Remote""Remote" PathTear for its PSB state, C will send a normal PathTear downstream to D and delete both the PSB and RSB states corresponding to the LSP. As D has already received backup LSP signaling from B, D will retain the control plane and forwarding states corresponding to the LSP. </t> </section> <sectionanchor="lcl_repair_preempt" title="LSPanchor="lcl_repair_preempt"> <name>LSP PreemptionduringDuring LocalRepair">Repair</name> <sectionanchor="lcl_repair_preempt_lpnp" title="Preemptionanchor="lcl_repair_preempt_lpnp"> <name>Preemption on LP-MPafter PhopAfter PHOP LinkFailure">Failure</name> <t>If an LSP is preempted on an LP-MP after itsPhopPHOP link has already failed but the backup LSP has not been signaled yet as part of the local repair procedure, then the nodeMUST<bcp14>MUST</bcp14> send a normal PathTear and delete both the PSB and RSB states corresponding to the LSP. As the LP-MP has retained the LSP state expecting the PLR to initiate backup LSP signaling, preemption would bring down the LSP and the node would not be LP-MPany moreanymore, requiring the node to clean up the LSP state. </t> </section> <sectionanchor="lcl_repair_preempt_npmp" title="Preemptionanchor="lcl_repair_preempt_npmp"> <name>Preemption on NP-MPafter PhopAfter PHOP LinkFailure">Failure</name> <t>If an LSP is preempted on an NP-MP after itsPhopPHOP link has already failed but the backup LSP has not been signaled yet, then the nodeMUST<bcp14>MUST</bcp14> send a normal PathTear and delete the PSB and RSB states corresponding to the LSP. As the NP-MP has retained the LSP state expecting the PLR to initiate backup LSP signaling, preemption would bring down the LSP and the node would not be NP-MPany moreanymore, requiring the node to clean up LSP state. </t> <t>Consider that the B-C link goes down on the same example topology (<xref target="example_network"/>). As C is the NP-MP for the PLR A, C will retain the LSP state.<list style="hanging"> <t hangText="1.">The</t> <ol> <li>The LSP is preempted onC. </t> </list> <list style="hanging"> <t hangText="2.">CC.</li> <li>C will delete the RSB state corresponding to the LSP.ButHowever, C cannot send a PathErr or a ResvTear to the PLR A because the backup LSP has not been signaledyet. </t> </list> <list style="hanging"> <t hangText="3.">Asyet.</li> <li>As the only reason for C having retained state afterPhopPHOP node failure was that it was an NP-MP, C sends a normal PathTear to D anddeletealso deletes its PSBstate also.state. D would also delete the PSB and RSB states on receiving a PathTear fromC. </t> </list> <list style="hanging"> <t hangText="4.">BC.</li> <li>B starts backup LSP signaling to D.ButHowever, as D does not have the LSP state, it will reject the backup LSP Path message and send a PathErr toB. </t> </list> <list style="hanging"> <t hangText="5.">BB.</li> <li>B will delete its reservation and send a ResvTear toA. </t> </list> </t>A.</li> </ol> </section> </section> </section> <sectionanchor="compatible" title="Backwardanchor="compatible"> <name>Backward CompatibilityProcedures"> <t>"Refresh intervalProcedures</name> <t>"Refresh-Interval IndependentFRR" or RI-RSVP-FRR refersRSVP-TE FRR" and "RI-RSVP-FRR" refer to the set of procedures defined in this document to eliminate the relianceofon periodic refreshes. The extensions proposed in RSVP-TE Summary FRR <xref target="RFC8796"/> may apply to implementations that do not support RI-RSVP-FRR. On the other hand, RI-RSVP-FRR extensions relating to LSP statecleanupcleanup, namely Conditional and"Remote" PathTear"Remote" PathTears, require support from one-hop and two-hop neighboring nodes along theLSP path. SoLSP. Thus, procedures that fall under the LSP state cleanup categoryMUST NOT<bcp14>MUST NOT</bcp14> be turned on if any of the nodes involved in the node protection FRRi.e.(i.e., the PLR, theMPMP, and the intermediate node in the case ofNP, doesNP) do not support RI-RSVP-FRR extensions. Note that for LSPs requesting link protection, only the PLR and the LP-MPMUST<bcp14>MUST</bcp14> support the extensions. </t> <sectionanchor="compat_detect" title="Detectinganchor="compat_detect"> <name>Detecting Support forRefresh intervalRefresh-Interval IndependentFRR">RSVP-TE FRR</name> <t>An implementation supporting RI-RSVP-FRR extensionsMUST<bcp14>MUST</bcp14> set theflag "Refresh interval Independent RSVP" orRI-RSVP Capable flag in the CAPABILITY object carried in Hello messages as specified in RSVP-TE Scaling Techniques <xref target="RFC8370"/>. If an implementation does not set the flag even if it supports RI-RSVP-FRR extensions, then its neighbors will view the node as any node that does not support the extensions.<list style="hanging"> <t hangText="-">As</t> <ul> <li>As nodes supporting the RI-RSVP-FRR extensions initiateNode-ID basedNode-ID-based signaling adjacency with all immediate neighbors, such a node on the path of a protected LSP can determine whether itsPhopPHOP andNhopNHOP neighbors support RI-RSVP-FRRenhancements. </t> </list> <list style="hanging"> <t hangText="-">Asenhancements.</li> <li>As nodes supporting the RI-RSVP-FRR extensions also initiateNode-ID basedNode-ID-based signaling adjacency with theNNhopNNHOP along the path of the LSPrequestedrequesting node protection (see <xref target="sig_plr_behavior"/> of this document), each node along the LSPpathcan determine whether itsNNhopNNHOP node supports RI-RSVP-FRR enhancements. If theNNhopNNHOP (a) does not reply to remote Node-ID Hello messages or (b) does not set the RI-RSVP flag in the CAPABILITY object carried in its Node-ID Hello messages, then the node acting as the PLR can conclude thatNNhopNNHOP does not support RI-RSVP-FRRextensions. </t> </list> <list style="hanging"> <t hangText="-">Ifextensions.</li> <li>If node protection is requested for an LSP and if (a) thePPhopPPHOP node has not included a matching B-SFRR-Ready ExtendedAssociationASSOCIATION object in its Pathmessages ormessages, (b) thePPhopPPHOP node has not initiated remote Node-ID Hellomessagesmessages, or (c) thePPhopPPHOP node does not set the RI-RSVP flag in the CAPABILITY object carried in its Node-ID Hello messages, then the nodeMUST<bcp14>MUST</bcp14> conclude that the PLR does not support RI-RSVP-FRRextensions. </t> </list> </t>extensions.</li> </ul> </section> <sectionanchor="compat_procedures" title="Proceduresanchor="compat_procedures"> <name>Procedures for BackwardCompatibility">Compatibility</name> <t>Every node that supports RI-RSVP-FRRMUST<bcp14>MUST</bcp14> support the procedures defined in this section in order to support backward compatibility for thosesubsetsubsets of LSPs that also traverse nodes that do not support RI-RSVP-FRR. </t> <sectionanchor="dnstr_no_support" title="Lackanchor="dnstr_no_support"> <name>Lack ofsupportSupport on DownstreamNode">Nodes</name> <t>The procedures on the downstream direction are asfollows. <list style="hanging"> <t hangText="-">Iffollows:</t> <ul> <li>If a node finds that theNhopNHOP node along the LSP does not support the RI-RSVP-FRR extensions, then the nodeMUST<bcp14>MUST</bcp14> reduce the"refresh period""refresh period" in the TIME_VALUES object carried in the Path messages to the default short refreshinterval. </t> </list> <list style="hanging"> <t hangText="-">Ifinterval.</li> <li>If node protection is requested for the LSP and theNNhopNNHOP node along the LSPpathdoes not support the RI-RSVP-FRR extensions, then the nodeMUST<bcp14>MUST</bcp14> reduce the"refresh period""refresh period" in the TIME_VALUES object carried in the Path messages to the default short refreshinterval. </t> </list> </t>interval.</li> </ul> <t>If a node reduces the refresh time using the above procedures, itMUST NOT<bcp14>MUST NOT</bcp14> send any"Remote""Remote" PathTear or Conditional PathTear message to the downstreamnode. </t>node.</t> <t>Consider the example topology in <xref target="example_network"/>. If C does not support the RI-RSVP-FRR extensions,then: <list style="hanging"> <t hangText="-">Athen:</t> <ul> <li>A and B reduce the refresh time to the default short refresh interval of 30 seconds and trigger a Pathmessage </t> </list> <list style="hanging"> <t hangText="-">Ifmessage.</li> <li>If B is not an MP and ifPhopthe PHOP link of B fails, B cannot send a Conditional PathTear to C but times out the PSB state from A normally. Note that B can only normally time out the PSB state Anormally onlyif A did not set the long refresh in the TIME_VALUES object carried in the Path messages sentearlier. </t> </list> </t>earlier.</li> </ul> </section> <sectionanchor="upstr_no_support" title="Lackanchor="upstr_no_support"> <name>Lack ofsupportSupport on UpstreamNode">Nodes</name> <t>The procedures on the upstream direction are asfollows. <list style="hanging"> <t hangText="-">Iffollows:</t> <ul> <li>If a node finds that thePhopPHOP node along the LSPpathdoes not support the RI-RSVP-FRR extensions, then the nodeMUST<bcp14>MUST</bcp14> reduce the"refresh period""refresh period" in the TIME_VALUES object carried in the Resv messages to the default short refreshinterval. </t> </list> <list style="hanging"> <t hangText="-">Ifinterval.</li> <li>If node protection is requested for the LSP and thePhopPHOP node along the LSPpathdoes not support the RI-RSVP-FRR extensions, then the nodeMUST<bcp14>MUST</bcp14> reduce the"refresh period""refresh period" in the TIME_VALUES object carried in the Path messages to the default short refresh interval (thus, theNhopNHOP can use compatible values when sending aResv). </t> </list> <list style="hanging"> <t hangText="-">IfResv).</li> <li>If node protection is requested for the LSP and thePPhopPPHOP node does not support the RI-RSVP-FRR extensions, then the nodeMUST<bcp14>MUST</bcp14> reduce the"refresh period""refresh period" in the TIME_VALUES object carried in the Resv messages to the default short refreshinterval. </t> </list> <list style="hanging"> <t hangText="-">Ifinterval.</li> <li>If the node reduces the refresh time using the above procedures, itMUST NOT<bcp14>MUST NOT</bcp14> execute MP procedures specified in <xref target="failures"/> of thisdocument. </t> </list> </t>document.</li> </ul> </section> <sectionanchor="incr_deploy" title="Incremental Deployment">anchor="incr_deploy"> <name>Incremental Deployment</name> <t>The backward compatibility procedures described in the previoussub-sectionssubsections imply that a router supporting the RI-RSVP-FRR extensions specified in this document can apply the procedures specified inthethis document either in the downstream or upstream direction of an LSP, depending on the capability of the routers downstream or upstream in theLSP path. <list style="hanging"> <t hangText="-">RI-RSVP-FRRLSP. </t> <ul> <li>RI-RSVP-FRR extensions and procedures are enabled for downstream Path,PathTearPathTear, and ResvErr messages corresponding to an LSP if link protection is requested for the LSP and theNhopNHOP node supports theextensions </t> </list> <list style="hanging"> <t hangText="-">RI-RSVP-FRRextensions.</li> <li>RI-RSVP-FRR extensions and procedures are enabled for downstream Path,PathTearPathTear, and ResvErr messages corresponding to an LSP if node protection is requested for the LSP and bothNhop & NNhopNHOP and NNHOP nodes support theextensions </t> </list> <list style="hanging"> <t hangText="-">RI-RSVP-FRRextensions.</li> <li>RI-RSVP-FRR extensions and procedures are enabled for upstream PathErr,ResvResv, and ResvTear messages corresponding to an LSP if link protection is requested for the LSP and thePhopPHOP node supports theextensions </t> </list> <list style="hanging"> <t hangText="-">RI-RSVP-FRRextensions.</li> <li>RI-RSVP-FRR extensions and procedures are enabled for upstream PathErr,ResvResv, and ResvTear messages corresponding to an LSP if node protection is requested for the LSP and bothPhopPHOP andthe PPhopPPHOP nodes support theextensions </t> </list> </t>extensions.</li> </ul> <t>For example, if an implementation supporting the RI-RSVP-FRR extensions specified in this document is deployed on all routers in a particular region of the network and if all the LSPs in the network request node protection, then the FRR extensions will only be applied for the LSP segments that traverse the particular region. This will aid incremental deployment of these extensions and also allow reaping the benefits of the extensions in portions of the network where it is supported. </t> </section> </section> </section> <sectionanchor="cap_bit_without_support" title="Consequenceanchor="cap_bit_without_support"> <name>Consequences of Advertising RI-RSVPwithout RI-RSVP-FRR">Without RI-RSVP-FRR</name> <t>If a node supporting facility backup protection <xref target="RFC4090"/> sets the RI-RSVP capability(I bit)(I-bit) but does not support the RI-RSVP-FRR extensions, due to an implementation bug or configuration error, then it leaves room for the stale state to linger around for an inordinate period of time or for disruption of normal FRRoperationoperations (see <xref target="prob_desc"/> of this document). Consider the example topology<xref target="example_network"/>(<xref target="example_network"/>) provided in this document.<list style="hanging"> <t hangText="-">Assume</t> <ul> <li>Assume node B does set the RI-RSVP capability in itsNode-ID basedNode-ID-based Hello messages even though it does not support RI-RSVP-FRR extensions. When B detects the failure of itsPhopPHOP link along an LSP, it will not send a Conditional PathTear to C as required by the RI-RSVP-FRR procedures. If B simply leaves the LSP state without deleting, then B may end up holding on to the stale state until the (long) refreshtimeout. </t> </list> <list style="hanging"> <t hangText="-">Insteadtimeout.</li> <li>Instead of node B, assume node C does set the RI-RSVP capability in itsNode-id basedNode-ID-based Hello messages even though it does not support RI-RSVP-FRR extensions. When B details the failure of itsPhopPHOP link along an LSP, it will send a Conditional PathTear to C as required by the RI-RSVP-FRR procedures.But,However, C would not recognize the condition encoded in the PathTear and end up tearing down theLSP. </t> </list> <list style="hanging"> <t hangText="-">AssumeLSP.</li> <li>Assume node B does set the RI-RSVP capability in itsNode-ID basedNode-ID-based Hello messages even though it does not support RI-RSVP-FRR extensions.AlsoIn addition, assume local repair is about to commence on node B for an LSP that has only requested linkprotection. Thatprotection, that is, B has not initiated the backup LSP signaling for the LSP. If node B receives a normal PathTear at this time from ingress A because of a management event initiated on A, then B simply deletes the LSP state without sending a Remote PathTear to the LP-MPC. So,C, so C may end up holding on to the stale state until the (long) refreshtimeout. </t> </list> </t>timeout.</li> </ul> </section> </section> <sectionanchor="Security" title="Security Considerations">anchor="Security"> <name>Security Considerations</name> <t>The security considerations pertaining to the original RSVP protocol<xref(<xref target="RFC2205"/>, <xreftarget="RFC3209"/>target="RFC3209"/>, and <xreftarget="RFC5920"/>target="RFC5920"/>) remain relevant. When using RSVPCryptographic Authenticationcryptographic authentication <xref target="RFC2747"/>, more robust algorithms such as HMAC-SHA256, HMAC-SHA384, or HMAC-SHA512 <xreftarget="RFC2104"/><xreftarget="RFC2104"/> <xref target="FIPS-180-4"/>SHOULD<bcp14>SHOULD</bcp14> be used when computing the keyed message digest where possible. </t> <t>This document extends the applicability ofNode-ID basedNode-ID-based Hellosessionsessions between immediate neighbors. TheNode-ID basedNode-ID-based Hello session between the PLR and the NP-MP may require the two routers to exchange Hello messages with a non-immediate neighbor.So,Therefore, the implementationsSHOULD<bcp14>SHOULD</bcp14> provide the option to configureNode-ID neighboreither a specific neighbor or global Node-ID authentication key to authentication messages received from Node-ID neighbors. The network administratorSHOULD<bcp14>SHOULD</bcp14> utilize this option to enable RSVP-TE routers to authenticate Node-ID Hello messages received with a TTL greater than 1. ImplementationsSHOULD<bcp14>SHOULD</bcp14> also provide the option to specify a limit on the number ofNode-ID basedNode-ID-based Hello sessions that can be established on a router supporting the extensions defined in this document. </t> </section> <sectionanchor="IANA" title="IANA Considerations">anchor="IANA"> <name>IANA Considerations</name> <sectionanchor="IANA_Conditions" title="CONDITIONS Object">anchor="IANA_Conditions"> <name>CONDITIONS Object</name> <t>IANA maintains theClass"Class Names, Class Numbers, and ClassTypes registriesTypes" registry in the"RSVP parameters""RSVP Parameters" registry group (seehttp://www.iana.org/assignments/rsvp-parameters/rsvp-parameters.xml).<eref target="http://www.iana.org/assignments/rsvp-parameters/"/>). IANAis requested to extendhas extended these registries by adding a new Class Number (in the 10bbbbbb range) andassignassigning a new C-Type under this Class Number, as described below (see <xref target="cnd_path_tear_obj"/>):<artwork> <![CDATA[</t> <table anchor="table1"> <name>Class Names, ClassNumberNumbers, and ClassName Reference TBA1 CONDITIONS This document ]]> </artwork> <t>ClassTypes</name> <thead> <tr> <th>Class Number</th> <th>Class Name</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>135</td> <td>CONDITIONS</td> <td>RFC 9705</td> </tr> </tbody> </table> <table anchor="table2"> <name>Class Typeof C-typesor C-Types -TBA1 CONDITIONS </t> <artwork> <![CDATA[ Value Class Name Reference 1 CONDITIONS This document ]]> </artwork>135 CONDITIONS</name> <thead> <tr> <th>Value</th> <th>Description</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>1</td> <td>CONDITIONS</td> <td>RFC 9705</td> </tr> </tbody> </table> <t>IANAis requested to addhas added anew sub-registry for "CONDITIONSsubregistry called "CONDITIONS ObjectFlags"Flags" as shown below. Assignments of additional Class Type values for Class Name"CONDITIONS""CONDITIONS" are to be performed via"IETF Review""IETF Review" <xref target="RFC8126"/>.</t><artwork> <![CDATA[ Bit Number 32-bit Value Name Reference 0-30 Unassigned 31 0x0001 Merge-point This document ]]> </artwork><table anchor="table3"> <name>CONDITIONS Object Flags</name> <thead> <tr> <th>Bit Number</th> <th>32-Bit Value</th> <th>Name</th> <th>Reference</th> </tr> </thead> <tbody> <tr> <td>0-30</td> <td></td> <td>Unassigned</td> <td></td> </tr> <tr> <td>31</td> <td>0x0001</td> <td>Merge-point</td> <td>RFC 9705</td> </tr> </tbody> </table> <t>All assignments in thissub-registrysubregistry are to be performed via"IETF Review""IETF Review" <xref target="RFC8126"/>.</t></t></section> </section><!-- This PI places the pagebreak correctly (before the section title) in the text output. --> <?rfc needLines="8" ?></middle> <back> <references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2747.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3209.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4090.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2961.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2205.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4558.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3473.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5063.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8370.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8796.xml"/> </references> <references> <name>Informative References</name> <reference anchor="FIPS-180-4" target="https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf"> <front> <title>Secure Hash Standard</title> <author> <organization>National Institute of Standards and Technology</organization> </author> <date month="August" year="2015"/> </front> <seriesInfo name="FIPS PUB" value="180-4"/> <seriesInfo name="DOI" value="10.6028/NIST.FIPS.180-4"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2104.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5920.xml"/> </references> </references> <section anchor="Acknowledgements"title="Acknowledgements">numbered="false"> <name>Acknowledgements</name> <t>We are very grateful toYakov Rekhter<contact fullname="Yakov Rekhter"/> for his contributions to the development of the idea and thorough review of the content of thedraft.document. We are thankful toRaveendra Torvi and Yimin Shen<contact fullname="Raveendra Torvi"/> and <contact fullname="Yimin Shen"/> for their comments and inputs on early versions of thedraft.document. We also thankAlexander Okonnikov<contact fullname="Alexander Okonnikov"/> for his review and comments on thedraft.document. </t> </section><!-- Possibly a 'Contributors' section ... --><section anchor="Contributors"title="Contributors"> <t> Markus Jork<br></br> Junipernumbered="false"> <name>Contributors</name> <contact fullname="Markus Jork"> <organization>Juniper Networks,Inc.<br></br> Email: mjork@juniper.net </t> <t> Harish Sitaraman<br></br> Individual Contributor<br></br> Email: harish.ietf@gmail.com </t> <t> VishnuInc.</organization> <address> <email>mjork@juniper.net</email> </address> </contact> <contact fullname="Harish Sitaraman"> <organization>Individual Contributor</organization> <address> <email>harish.ietf@gmail.com</email> </address> </contact> <contact fullname="Vishnu PavanBeeram<br></br> JuniperBeeram"> <organization>Juniper Networks,Inc.<br></br> Email: vbeeram@juniper.net </t> <t> Ebben Aries<br></br> JuniperInc.</organization> <address> <email>vbeeram@juniper.net</email> </address> </contact> <contact fullname="Ebben Aries"> <organization>Juniper Networks,Inc.<br></br> Email: exa@juniper.com </t> <t> Mike Taillon<br></br> CiscoInc.</organization> <address> <email>exa@juniper.com</email> </address> </contact> <contact fullname="Mike Taillon"> <organization>Cisco Systems,Inc.<br></br> Email: mtaillon@cisco.com </t>Inc.</organization> <address> <postal/> <email>mtaillon@cisco.com</email> </address> </contact> </section></middle> <back> <!-- References split into informative and normative --> <!-- There are 2 ways to insert reference entries from the citation libraries: 1. define an ENTITY at the top, and use "ampersand character"RFC2629; here (as shown) 2. simply use a PI "less than character"?rfc include="reference.RFC.2119.xml"?> here (for I-Ds: include="reference.I-D.narten-iana-considerations-rfc2434bis.xml") Both are cited textually in the same manner: by using xref elements. If you use the PI option, xml2rfc will, by default, try to find included files in the same directory as the including file. You can also define the XML_LIBRARY environment variable with a value containing a set of directories to search. These can be either in the local filing system or remote ones accessed by http (http://domain/dir/... ).--> <references title="Normative References"> &RFC2119; &RFC2747; &RFC3209; &RFC4090; &RFC2961; &RFC2205; &RFC4558; &RFC3473; &RFC5063; &RFC8126; &RFC8174; &RFC8370; &RFC8796; </references> <references title="Informative References"> <reference anchor="FIPS-180-4"> <front> <title>Secure Hash Standard</title> <author> <organization>National Institute of Standards and Technology</organization> </author> <date month="August" year="2015"/> </front> <seriesInfo name="FIPS" value="180-4"/> </reference> &RFC2104; &RFC5920; </references></back> </rfc>