ISIS Working Group                        Radia Perlman and Chris Gunner
Internet-draft                                   Digital Equipment Corp.
                                                               June 1993

Routing over Nonbroadcast Multiaccess Links

Table of Contents

1. Status of this Memo
2. Abstract
3. Conventions
4. Introduction
   4.1. CLNP Addresses
   4.2. Finding Neighbors across NBMA Links
   4.3. Types Of Nodes Attached To NBMA
   4.4. ES-IS For NBMA
   4.5. IP Endnodes on NBMA
   4.6. IS-IS On NBMA
      4.6.1. ISs Finding Each Other
      4.6.2. Reliable And Efficient LSP Distribution Across NBMA
   4.7. Packet Encapsulation
   4.8. Security
5. Configuration Information
   5.1. Simple-ES, Configured-ES, Passive-IS, Configured-Passive-IS
   5.2. Dynamically-Learned-ESs
   5.3. Nonpassive-ISs
6. Databases
   6.1. Kept By Simple-ES, Configured-ES, Passive-IS, And Configured-Passive-IS
   6.2. Kept By Dynamically-Learned ES
   6.3. Kept By Level 1 ISs
   6.4. Kept By Level 2 ISs
   6.5. Additional Information Kept By Designated Router
7. Protocols
   7.1. Electing A Designated Router
   7.2. Finding An IS
   7.3. Forwarding Across NBMA
   7.4. Fragmentation Of The DR-Hello
   7.5. Maintenance Of The Destination Cache
   7.6. NBMA Configuration Information Included In LSPs
8. Packet Formats
   8.1. Unchanged Packet Formats

Perlman (Internet-Draft expires end December 1993) [Page 1]
Internet-Draft Routing over NBMA Links June 1993

   8.2. Initial Fields in all the ES-IS and IS-IS SMDS Packets
   8.3. SMDS ES Hello
   8.4. SMDS DR-to-ES Hello
   8.5. SMDS Level 1 IS Hello
   8.6. SMDS Level 2 IS Hello
   8.7. Redirect
9. Acronyms used in this Specification
10. References
11. Working Group Information
12. Authors' Addresses

1. Status of this Memo

This document is an Internet Draft describing how to run connectionless network layer protocols, and in particular, Integrated IS-IS, ES-IS, and CLNP over Multiaccess nonbroadcast links (NBMAs).
A previous version was originally written for SMDS; however, the concepts apply equally well to other "clouds", like ISDN, X.25, or even a backbone WAN network running some network layer protocol. This is not directly applicable to frame relay, however, since frame relay does not have true addressing. Frame relay is really just a collection of point to point links. Although the previous document was originally written for connectionless OSI network layer protocols (CLNP, ES-IS, and IS-IS), the concepts (other than use of embedded DTE addresses) apply to other connectionless network layer protocols (for instance, IP) as well. This document is significantly revised from the original to be more general, both in terms of type of NBMA link and in terms of type of network layer running over it.

Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts.

Internet Drafts are draft documents valid for a maximum of six months. This Internet draft expires at the end of December 1993. Internet drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress".

Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any other Internet Draft.

This is a draft document of the ISIS working group. Distribution of this memo is unlimited. Please send comments to the ISIS working group: isis@merit.edu

2. Abstract

This document assumes basic familiarity with CLNP, ES-IS, IS-IS, ARP, and IP. The design in this document attempts to minimize routing control traffic and manual configuration.
The issues involve judicious use of CLNP addressing whenever possible, protocol differentiation (also sometimes called encapsulation) for coexistence with other protocols running over the NBMA, enabling ESs to find an active IS, enabling ISs to find each other, optimizing routes across NBMA (eliminating double-hopping across NBMA), and efficient and reliable distribution of LSPs (link state packets) across NBMA.

3. Conventions

The following language conventions are used in the items of specification in this document:

1. MUST, SHALL, or MANDATORY -- the item is an absolute requirement
2. SHOULD or RECOMMENDED -- the item should generally be followed for all but exceptional circumstances
3. MAY or OPTIONAL -- the item is truly optional and may be followed or ignored according to the needs of the implementor.

4. Introduction

IS-IS has been designed to operate over point to point links, and over LANs. NBMA links such as SMDS and X.25 do not fit either model.

An NBMA link is not like a point to point link because it is multiaccess and requires a data link destination address. Note that in this document we refer to the address on the NBMA link as a "data link address" -- providers of the NBMA might very well refer to the address in the NBMA cloud as a "network layer address". From the point of view of CLNP or IP which is running on top of the NBMA, however, the NBMA is a data link.

An NBMA link is not like a LAN because it is a tariffed service, costs across it cannot be assumed to be the same for all destinations, bandwidth use should be more conservative than on a LAN, and multicast, if provided at all, does not serve the same function as multicast on a LAN (for instance, in SMDS group address recipients have to be preconfigured, and there is a limit to the number of recipients of any SMDS group address).

On NBMA the NBMA individual address of a station is determined at subscription time by the service provider. Most NBMAs do not provide multicast at all. SMDS does provide something which looks deceptively similar to multicast and is called "group addressing". A group address is assigned by the SMDS service provider (in contrast to an 802 LAN, where the multicast addresses can be known beforehand and specified in the spec), and the list of the individual members of the group has to be configured by the service provider (in contrast to an 802 LAN, where any node can listen to any address). The membership of an SMDS group cannot change dynamically.

There are three basic pieces to the Network Layer which are covered by this document. The first is the data packet format and the addressing structure (both CLNP and IP are discussed). The second piece is the handshaking protocol between neighbor ESs and ISs, which enables ISs to keep track of adjacent ESs and ESs to keep track of at least one IS. It also enables nodes to keep a correspondence between Network Layer addresses and Data Link Layer addresses (ARP is discussed, but only to explain why it is inappropriate in the NBMA case and how to handle IP without it). The third piece is IS-IS, which is the intra-domain routing protocol.

The original document specified exact packet formats for use over SMDS. This document is more conceptual, and will not specify packets exactly (like giving packet type numbers). Instead it will specify what needs to be contained in the packets.

Variable length fields in packets are encoded as "options", with an octet that specifies the option type, a length field specifying the length of the data associated with the option, and a field with the data associated with the option.
Option types with associated data fields that are likely to be very long are specified with a 2 octet length field. Option types with data which would not exceed 256 octets are specified with a 1 octet length field.

This specification only relates to ISs (routers) and ESs (endnodes) directly connected to NBMAs. No changes are required to ISs and ESs not directly connected to an NBMA. Note that the packets defined in this document never propagate beyond the NBMA. They are used for negotiating with neighbors across the NBMA. Packets that do get forwarded (for instance, link state packets, data packets) are not affected by this document, other than the definition of how they are encapsulated with an NBMA header while traversing NBMA.

The packets in this document have the same packet types and basic function as packets defined in ES-IS and IS-IS for neighbor handshaking. However, since neighbor handshaking protocols are technology dependent, the encoding of the packets for NBMA are different from the packets defined for 802 LANs or point to point links.

4.1. CLNP Addresses

There are certain ways in which CLNP addresses can be used that are particularly convenient for NBMA links. To understand this, it is necessary to understand a little about CLNP addresses. A CLNP address consists of:

+--------------------+----------+--------------------+-----+
|        IDP         | LOC-AREA |         ID         | SEL |
+--------------------+----------+--------------------+-----+

NBMA addresses are usually X.121 or E.164. There is a mapping between most NBMA addresses and IDPs. For example, SMDS addresses are E.164 addresses. The first octet of the IDP (called the "AFI") in a CLNP address specifies the type of address encoded in the IDP. One type is an E.164 address.
Therefore it is possible to learn, from the initial portion of the IDP, that an address is an E.164 address, and examination further into the IDP can yield information such as country code, area code, exchange, and finally the entire E.164 address. For another example, X.25 uses X.121 addresses. There is a value of the AFI that specifies X.121. The first part of the X.121 address is called the "DNIC" and specifies which X.25 network is being used, and the rest of the address is an address specific to that X.25 network.

Level 2 IS-IS routing of CLNP routes to CLNP address prefixes. Therefore an IS attached to SMDS can be configured to advertise that it can reach any E.164 address, or be more specific about addresses by including a longer address prefix. An IS attached to a particular X.25 network can be configured to advertise that it can reach any address on that particular X.25 network.

(Note: it is unfortunate that E.164 addresses do not contain the equivalent of the DNIC to say which network the address resides on. It would be nice to add to CLNP a new AFI which would mean "E.164 address plus a "which network" field". The structure of such an IDP would be new-AFI.whichnet.E.164. The "which net" field should be 2 octets and globally administered by some organization. Without that things will still work but routing might not be optimal and less address aggregation might be possible.)

4.2. Finding Neighbors across NBMA Links

There are three basic methods for reaching node B across NBMA:

1. Node B's NBMA address is embedded in its network layer address

2. Node B's NBMA and network layer address have been configured, either directly into the node trying to reach node B, or into a router that will assist a node trying to reach B by issuing a Redirect or some similar mechanism.

3. Node B's NBMA address has been manually configured into the node trying to reach node B (or into a router that will assist as in method 2), and a routing protocol is carried out in which node B's network layer address is divulged.

Solution 1 requires the least amount of configuration and protocol overhead. Therefore, it is recommended but not required that the nodes in a CLNP net attached to NBMA via IS R use R's NBMA address in their IDP. If a destination's IDP contains the NBMA address to which packets for that destination are to be forwarded, communication to that destination is possible without forwarding by an IS, manual configuration, or previous routing protocol exchange. If CLNP addresses are not assigned this way communication is still possible via one of the other two methods. It is possible to use all three methods in a particular network. Configuration and protocol overhead savings are directly proportional to the number of nodes in which embedded NBMA addresses can be used.

NBMA addresses cannot be embedded in IPv4 addresses (which in this document we'll simply refer to as "IP" addresses). If IP addressing is used, then some combination of methods 2 and 3 must be employed.

4.3. Types Of Nodes Attached To NBMA

There are the following types of ESs connected to NBMA:

1. "Simple-ES": A simple ES is one that has its NBMA address embedded in its network layer address. ISs do not have to keep track of such an ES, since it will automatically be reachable. Although a simple-ES need not be continually in contact with ISs (as would be the case if the ES needed to keep the network informed of its existence), such an ES does need to be able to find an IS quickly in the event that it needs to transmit a packet to an IDP that is not obviously reachable on the NBMA net. The message that it sends is an ES Hello. The act of sending the message is known as "pinging".

   Again note that NBMA addresses cannot be embedded in IP addresses, so no IP nodes can be of type Simple-ES.

   Also note that an entire network of nodes might be connected via a router, R, to NBMA. If all of the nodes reachable from R have R's NBMA address embedded in their network layer address, then all the nodes in that portion of the network (including R) are Simple-ESs from the point of view of that NBMA.

2. "Configured-ES": A Configured-ES is an ES that does not have its NBMA address in its network layer address, but whose network/NBMA address pair has been configured into all the nonpassive ISs (see types of ISs) on NBMA. A configured-ES does not need to keep in contact with ISs, since all the ISs have been manually configured to know how to reach the ES. However, as with a Simple-ES, a Configured-ES does need to be able to find an IS quickly in the event that it needs to transmit a packet to something other than a Simple-ES.

3. "Dynamically-Learned ES": A Dynamically-Learned-ES is an ES that does not fit either category 1 or 2. Therefore, it needs to find and keep in constant contact with the DR (Designated Router), in order for the DR to know about the ES's network layer and NBMA address, and for the DR to inform the other routers about that ES. It is highly desirable to avoid the necessity for having any Dynamically-Learned-ESs since keeping the network informed about these ESs consumes bandwidth.

There are the following types of ISs:

1. "Passive-IS": A Passive-IS, R, attaches a portion of the network to NBMA, and the NBMA address of R is embedded in R's network layer address, and in the network layer address of all the nodes attached to the NBMA through R. From the point of view of all the other nodes on NBMA, all the nodes attachable through R (including R) are Simple-ESs.

   As with Simple-ESs, IP addressing does not allow the use of Passive-ISs.
   Passive-ISs are only possible with CLNP addresses.

2. "Configured-Passive-IS": This is analogous to a Configured-ES. A Configured-Passive-IS is an IS R that, although it attaches nodes to NBMA that do not have R's NBMA address embedded in their network layer address, can still behave like a Passive-IS because all Nonpassive-ISs on NBMA have been configured with the address prefixes reachable through R.

3. "Nonpassive-IS": An IS that runs IS-IS. It is possible for an IS to be configured to be a Nonpassive-IS even if all the nodes it can reach off NBMA have the appropriate network layer address. In most cases, however, this would be undesirable, since running IS-IS consumes bandwidth. In general, the Nonpassive-ISs will be those that attach a portion of the CLNP network to the NBMA that is too topologically complex to exploit embedded NBMA addresses, or attaches a portion of the IP network with a large and dynamically changing set of IP addresses, so that configuration is less desirable than protocol exchange.

4.4. ES-IS For NBMA

Note that only CLNP uses ES-IS. On 802 LANs, the equivalent IP protocol is ARP. We'll discuss IP endnodes on NBMA in the next section.

ES-IS for NBMA is functionally similar to ES-IS for 802 LANs. It is necessary for the ESs to find an IS and for the ISs to find all the Dynamically Discovered ESs. The difference is that on 802 LANs, ESs continually multicast to the ISs, and the ISs continually multicast to the ESs. This is undesirable on SMDS since it consumes too much bandwidth.

Simple-ESs and Configured-ESs will not require periodic exchange of Hello messages. Instead, a Simple-ES will be configured with a set of addresses for reaching ISs, and will send a message requiring a reply to that set of addresses when the need for an IS arises.

A Dynamically-Learned-ES will need to periodically send ES Hellos to a Nonpassive-IS, since otherwise the network will not know how to route to that ES. Since the ES must know whether its ES Hello is reaching an IS, the IS will have to periodically reassure the ES that it is up and receiving the ES Hellos. Therefore ES-IS for a Dynamically-Learned-ES is very similar to ES-IS for 802 LANs. On an 802 LAN, the ES periodically sends ES Hellos to the multicast "all-ISs". In the NBMA case the ES, once it finds the DR, only sends a single ES Hello, and it sends it to the DR (periodically). The DR periodically sends IS Hellos to that ES.

The way the ES finds the DR is that the ES initially sends to some configured set of addresses of ISs. An IS other than the DR that receives an ES-Hello transmits a Hello Redirect, redirecting that ES to the DR's NBMA address. The ES, as a result of receiving the Hello Redirect, sends an ES Hello to the indicated SMDS address, which will cause the DR to start transmitting DR-ES Hellos to the ES. An ES that is receiving DR-ES Hellos transmits ES Hellos only to the NBMA address from which it is receiving DR-ES Hellos.

In order for a Dynamically-Learned-ES and the DR to find each other, at least one of the following must have occurred:

1. the ES will have been configured with NBMA addresses for reaching ISs, and the DR receives messages on one of those configured addresses, or an IS which is currently up has received the ES's Hello and sent a Hello Redirect

2. at least one IS that is currently up has been configured with an NBMA address which that ES receives.

Both mechanisms are provided to allow the flexibility of configuration at the ES, configuration at the ISs, or some combination.

Note that the configuration information for Configured-ESs is different from the configuration information for Dynamically-Learned-ESs.
The configuration information at an IS for a Dynamically-Learned-ES is an NBMA address that will reach that ES. It might be an NBMA group address that will reach that ES and many others (SMDS is the only NBMA that provides a form of group addresses) or it might be an NBMA individual address. Information for Dynamically-Learned-ESs may be configured into only a subset of ISs (and possibly none of the ISs provided that the Dynamically-Learned-ES has been configured with NBMA addresses for reaching ISs). In contrast, information for Configured-ESs must be configured into every Nonpassive-IS, and it consists of the unicast NBMA address, CLNP address pair for that ES.

The other part of ES-IS on 802 LANs involves having ISs sending Redirect messages, and ESs keeping a cache of (destination Network Layer address, Data Link address to forward to) correspondence. That portion of ES-IS will remain the same on NBMA, although Redirects will also be sent to ISs, and ISs will also keep Redirect caches.

4.5. IP Endnodes on NBMA

Note: This is a section that got added hurriedly so review this carefully!

On 802 LANs, the equivalent protocol to ES-IS for IP is ARP. There have been proposals to use ARP over NBMA by persuading the NBMA provider to support a form of multicast (as in SMDS). The proposal in this document does not depend on a multicast capability provided by the NBMA, and may result in less traffic over the NBMA than an approach based on ARP. Furthermore, this proposal may be more convenient since adding a listener to a multicast group in SMDS involves informing the service provider and waiting for them to update their group address lists. With this proposal a new node can be added more quickly and conveniently.

An IP endnode on NBMA would be configured with a mask of 255.255.255.255, so that it would assume nothing was a direct neighbor on NBMA.
It would find an IS through the method in the previous section (i.e., having a set of NBMA addresses for reaching routers, and pinging those addresses to find an IS).

Because IP addressing does not allow embedded NBMA addresses, there cannot be an IP endnode which is a Simple-ES. However, it is possible to have a Configured-ES, with the same rule -- that all the nonpassive ISs have to have been configured with the IP/NBMA address of the ES.

Dynamically Discovered IP ESs will have to periodically send ES Hellos to the Designated Router. To prevent all packets from being forwarded across the NBMA to the DR, the DR will send Redirects.

The Redirect message defined in ICMP does not contain the data link address -- instead it contains the IP address of, presumably, a different router. The ES receiving a Redirect must then do an ARP to find the data link address. This mechanism will not work on NBMA, since it depends on the ability to broadcast an ARP. Therefore the Redirect message sent to an IP node must contain an NBMA address. And a Redirect will not necessarily redirect to another router -- it might redirect to the destination ES, if that also resides on the NBMA.

4.6. IS-IS On NBMA

There are two parts of IS-IS relevant to NBMA:

1. how all the ISs find each other and elect a Designated Router
2. how LSPs are reliably and efficiently broadcast across NBMA

4.6.1. ISs Finding Each Other

On 802 LANs, ISs find each other by multicasting IS Hellos to a multicast address that does not need to be manually configured because it is a predefined number and appears in the specification of IS-IS. This is not possible in NBMA. Even in an NBMA like SMDS that provides a multicast function, the actual SMDS group address is assigned by the SMDS provider.

This design allows but does not require use of an NBMA multicast facility, if it exists.
We will assume that there are zero or more NBMA group addresses assigned for reaching ISs (in SMDS there are a limited number of recipients for an SMDS group address). Each IS will be configured with a set of addresses for reaching other ISs. The configured addresses can be any mixture of NBMA individual and NBMA group addresses.

By exchanging IS Hellos, the ISs eventually decide upon a Designated Router, and thereafter all ISs send IS Hellos only to the DR, and the DR sends IS Hellos to all the ISs, listing in the IS Hellos all the other ISs that are up.

4.6.2. Reliable And Efficient LSP Distribution Across NBMA

An NBMA IS that has an LSP to transmit across NBMA unicasts the LSP to the DR. The DR transmits it to all the ISs. There are no explicit acknowledgments. Instead, the DR periodically transmits CSNPs, which summarize the state of the LSP database. If based on the CSNP an IS discovers a discrepancy between its own LSP database and the DR's, the IS retransmits the missing LSP to the DR or requests the DR's LSP, as appropriate.

Note that there are really two models for sending LSPs across NBMA. The one in the previous paragraph is the one used by IS-IS on 802 LANs. The other possibility is the model used by OSPF on 802 LANs. OSPF has a router send the LSP to the DR, the DR send the LSP to all the routers on the LAN, and each router sends an acknowledgment to the DR. The DR is responsible therefore for keeping track, per neighbor, of which ones have acknowledged which LSPs.

There is an engineering tradeoff between the two approaches. If there are many ISs, and new LSPs arrive reasonably frequently, then the CSNP mechanism will be more efficient. If there are few ISs, and LSPs happen very infrequently, then the OSPF mechanism will be more efficient.
However, since LSPs need to be sent periodically, on the order of every 1/2 hour, we feel the overhead of the periodic CSNP is justified, and the CSNP mechanism is probably simpler and more robust since it involves keeping less state.

4.7. Packet Encapsulation

There has to be a method of distinguishing packets from different protocols. Some links (such as Ethernet) provide a protocol type field, administered by the standards body that defines the link. Unfortunately, many NBMAs (X.25 and SMDS, for two examples) do not provide a protocol type field. There are various conventions that could be made:

1. A protocol type field could be invented as the first part of what the NBMA views as the "data" field. Some authority would need to assign protocol type values, or the convention could be, for instance, to use Ethernet protocol types. Unfortunately, not all protocols have been assigned an Ethernet protocol type.

2. IEEE believes in SAPs, but actually uses SAPs like protocol types. But given that only 6 bits are assignable, very few protocols can have SAP values assigned. There is one SAP, known as the "SNAP SAP" which means "other", and when DSAP and SSAP=SNAP, there is a 5 byte protocol type field. Some protocols have 5 byte protocol types. Protocols that have 2 byte Ethernet types assigned can use SAP encoding by using a 5 byte SAP consisting of the 2 byte Ethernet protocol type concatenated with 3 bytes of 0.

The convention is that 802.2 encapsulation is used for protocols running on SMDS. OSI CLNS has a SAP assigned, so the data portion of the SMDS packet will have the fields:

1. DSAP (1 octet) = fe hex
2. SSAP (1 octet) = fe hex
3. CTL (1 octet) = 3
4. Start of CLNS packet -- NLPID is the first octet, which is 81 hex for CLNP, 82 hex for ES-IS and 83 hex for IS-IS.

I do not know if IP has a SAP assigned.
If not, it will have DSAP=SSAP=aa hex (SNAP SAP), CTL=3, and protocol type = 3 bytes of 0 followed by the protocol type assigned to IP for Ethernet.

For NBMA other than SMDS, say X.25, I do not know what encapsulation convention has been made.

4.8. Security

In order to prevent an unauthorized node on NBMA from sending messages claiming to be an IS or ES, it must be possible to configure the nodes on NBMA to require a password before believing a node to be a valid neighbor.

The link to NBMA is configured with a password to include in a Hello message or Hello Redirect, as well as a set of passwords acceptable in a received Hello message or Hello Redirect. If no transmit password is configured, then the password option is not included in the packet. If no receive passwords are configured, then the password option, if it appears in a received Hello or Hello Redirect message, is ignored.

An ES is configured with a single transmit password, and a set of receive passwords acceptable in a received IS to ES Hello or Hello Redirect.

A level 1 IS is configured with a transmit password to be included in the level 1 IS Hello and Hello Redirect and a (potentially different) password to be included in the IS to ES Hello and a Hello Redirect sent to an ES. It is also configured with a set of receive passwords acceptable in ES Hellos, and a set of receive passwords acceptable in level 1 IS Hellos and Hello Redirects.

A level 2 IS configured to consider the NBMA network as level 2 only is configured with a single transmit password for level 2 IS Hellos and Hello Redirects, and a set of receive passwords acceptable in received level 2 IS Hellos and Hello Redirects. A level 2 IS that considers the NBMA net as both level 1 and level 2 has the configuration for both level 1 and level 2.
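
Added example (not part of the draft, and not code from its authors): the transmit/receive password rule of this section modelled in Python, then used to step through enabling a password on a running set of ISs in two different orders. The Link class, the dict-based Hello, the step orderings and the node names are constructed for illustration; the draft defines no such API or wire encoding here.

```python
import hmac
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

Hello = Dict[str, object]   # constructed stand-in for a Hello, not the wire format
Step = Tuple[str, str]      # (node name, "transmit" or "receive")
Drop = Tuple[str, str]      # (sender, receiver that discarded the Hello)


@dataclass
class Link:
    """Password settings on one node's NBMA link (hypothetical model)."""
    name: str
    transmit: Optional[bytes] = None                   # None: option not sent
    receive: Set[bytes] = field(default_factory=set)   # empty: option ignored

    def build_hello(self) -> Hello:
        """The password option is present only when a transmit password is set."""
        hello: Hello = {"source": self.name}
        if self.transmit:                    # a null password counts as unset
            hello["password"] = self.transmit
        return hello

    def accepts(self, hello: Hello) -> bool:
        """Empty receive set: no check. Otherwise one configured value must match."""
        if not self.receive:
            return True
        offered = hello.get("password")
        if not isinstance(offered, bytes):
            return False                     # option missing: discard as invalid
        return any(hmac.compare_digest(offered, ok) for ok in self.receive)


def discarded(nodes: List[Link]) -> List[Drop]:
    """Every (sender, receiver) pair whose Hello would be discarded right now."""
    return [(s.name, r.name) for s in nodes for r in nodes
            if s is not r and not r.accepts(s.build_hello())]


def draft_order(names: List[str]) -> List[Step]:
    """All transmit passwords first, then all receive sets."""
    return [(n, "transmit") for n in names] + [(n, "receive") for n in names]


def per_node_order(names: List[str]) -> List[Step]:
    """Both settings on one node before moving to the next one."""
    return [(n, s) for n in names for s in ("transmit", "receive")]


def apply_steps(nodes: List[Link], steps: List[Step],
                password: bytes) -> List[List[Drop]]:
    """Apply one setting per step; record which Hellos are discarded after each."""
    by_name = {n.name: n for n in nodes}
    history = []
    for name, setting in steps:
        if setting == "transmit":
            by_name[name].transmit = password
        else:
            by_name[name].receive = {password}
        history.append(discarded(nodes))
    return history


def make_nodes() -> List[Link]:
    """Three level 1 ISs with no passwords configured (constructed sample)."""
    return [Link("IS-A"), Link("IS-B"), Link("IS-C")]


if __name__ == "__main__":
    names = ["IS-A", "IS-B", "IS-C"]
    for label, order in (("transmit first", draft_order),
                         ("per node", per_node_order)):
        steps = order(names)
        for step, drops in zip(steps, apply_steps(make_nodes(), steps, b"example-pw")):
            print(label, step, "discarded:", drops)
```

With all transmit passwords set before any receive set, no step discards a Hello; configuring both settings node by node leaves windows in which already-converted nodes discard Hellos from neighbors that have not been converted yet.
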
It is possible for passwords to be the same (for instance, the receive and transmit password can be the same, and/or the level 1 and level 2 passwords can be the same).

Security can be added to an existing deployed network running on NBMA without disruption. For example, assume the level 1 ISs in a network are running without any password checking. That means that no level 1 ISs are configured with transmit or receive passwords. All nodes are therefore transmitting Hellos and Hello Redirects without the password option, and are all ignoring the password option in received Hellos and Hello Redirects. To add a password, the network manager must configure all nodes, one by one, to transmit a particular password. Then, after all nodes have been configured to transmit the password, configure the receive password set in each IS, one by one, to be the specified password.

Note that an intruder cannot fool existing nodes into transmitting the password. An IS sends the password only in a Hello message transmitted to an NBMA address it has been configured to transmit to, or to an NBMA address it has been informed of by a node it already trusts (because of having received a valid password from the node in a Hello or a Hello Redirect, or having been configured with its address, or because of having been told of its NBMA address in a Hello message with a valid password).

An intruder can do some damage by sending data Redirect messages. Adding a password to the data Redirect message has some problems:

1. The data message does not contain a password, and it would therefore be possible for an intruder to trick an IS into sending a Redirect message (containing a password), by sending it a data message it will need to forward.

2. It must be possible to believe a Redirect from an IS in a different area.
   It is not advisable to require nodes to be configured with passwords from other areas.

For these reasons, there is no password in the data Redirect. Instead the following mechanism is provided. Assume node N receives a Redirect from NBMA address A advising N to forward traffic for destination D to NBMA address B. N must reject the Redirect unless A is the NBMA address to which N would transmit packets with destination address D.

As a performance optimization, if N is an ES that has the null set as the configured set of receive passwords, or an IS with the null set as the configured set of IS receive passwords (level 1 or level 2), then N may skip the validity check on the data Redirect.

5. Configuration Information

5.1. Simple-ES, Configured-ES, Passive-IS, Configured-Passive-IS

The following information must be configured into ESs and ISs of types Simple-ES, Configured-ES, Passive-IS, or Configured-Passive-IS that are attached to NBMA.

1. Set of NBMA addresses for reaching ISs. Each of these addresses may be an NBMA group address or an NBMA individual address.

2. (CLNP ESs only) Set of CLNP address prefixes reachable on NBMA

   a. CLNP address prefix

   b. flag indicating NBMA address is to be extracted from the IDP, or if flag is false, an NBMA address or set of NBMA addresses to which packets for that CLNP address prefix are to be forwarded

3. Minimum time (in seconds) between pings of any one configured NBMA address for reaching ISs

4. Time (in seconds) to give up on one NBMA address for finding an IS and switching to pinging the next one on the list

5. Transmit password -- a variable length value to be included in ES Hellos. If no password is configured (or a null password is configured), the password option is not included in ES Hellos.

6. Set of receive passwords -- a set of variable length values.
If none are configured (the set is the null set), then the password option, if it is included in received IS Hellos and Hello Redirects, is ignored. If the set is not null, then one of the values must appear in a received IS Hello or Redirect or the message will be discarded as invalid. 5.2. Dynamically-Learned-ESs 1. Set of NBMA addresses for reaching ISs. Each of these addresses may be an NBMA group address or an NBMA individual address. 2. (CLNP ESs only) Set of CLNP address prefixes reachable on NBMA a. CLNP address prefix b. flag indicating NBMA address is to be extracted from the IDP, or if flag is false, an NBMA address or set of NBMA addresses to which packets for that CLNP address prefix is to be forwarded 3. Hello Timer. Number of seconds between transmission of Hello Messages by this ES. 4. (SMDS only) SMDS Group address (if any) that this node receives packets on, as an ES. 5. (CLNP only) Flag as to whether to send Level 1 ES Hello or Level 2 ES Hello 6. If Level 2 ES Hello, a set of CLNP address prefixes to advertise 7. Transmit password -- a variable length value to be included in ES Hellos. (optional) 8. Set of receive passwords -- a set of variable length values. If none are configured (the set is the null set), then the password option, if it appears in a received IS Hello or Hello Redirect, is ignored. If the set is not null, then one of the values must appear in a received IS Perlman (Internet-Draft expires end December 1993) [Page 16] Internet-Draft Routing over NBMA Links June 1993 Hello or Hello Redirect or the message will be discarded as invalid. 5.3. Nonpassive-ISs The following information must be configured into Nonpassive-ISs that are attached to NBMA, with the following exceptions. If an IS is a level 1 IS, the fields corresponding to level 2 information are not configured. If an IS is a level 2 IS, then the relevant configuration information depends on how the link is configured. 
If the link is configured as "level 2 only", then only the level 2 information applies. Otherwise, both the level 1 and level 2 information is applicable.

   1. Link type: either "level 2 only" or "both level 1 and level 2". (If the IS is a level 1 only IS, then "both level 1 and level 2" just means level 1.)
   2. CLNP Level 1 Configured-ES addresses. Each entry contains:
      a. ID, ID length octets (ID length is a constant for the routing domain and is most likely equal to 6)
      b. NBMA address
   3. IP Configured-ES addresses. Each entry contains:
      a. IP address, 4 octets
      b. NBMA address
   4. Preconfigured CLNP Address Prefixes
      a. CLNP address prefix
      b. flag indicating NBMA address is to be extracted from the IDP, or if flag is false, an NBMA address or set of NBMA addresses to which packets for that CLNP address prefix are to be forwarded
   5. Link Costs. Each entry contains:
      a. NBMA address prefix length specified in number of bits, 1 octet
      b. NBMA address prefix
      c. Cost from this node to a node with the above NBMA address prefix
      The cost across NBMA to a particular NBMA address S is the cost configured for the longest NBMA address prefix that matches S.
   6. (SMDS only) Level 1 IS SMDS Group Address. The SMDS group address this node receives packets on as a level 1 IS, 8 octets. This field configured to 0 means this node is not a member of a multicast group for receiving level 1 routing information.
   7. (SMDS only) Level 2 IS SMDS Group Address. The SMDS group address this node receives packets on as a level 2 IS, 8 octets. This field configured to 0 means this node is not a member of a multicast group for receiving level 2 routing information.
   8. Priority for becoming Level 1 designated router, 1 octet
   9. Priority for becoming Level 2 designated router, 1 octet
   10. ES NBMA addresses. NBMA addresses (individual and/or group) for reaching Dynamically Discovered ESs. Each entry consists of:
      a. NBMA address
   11. Level 1 IS NBMA addresses. NBMA addresses (individual and/or group) for reaching other level 1 ISs. Each entry consists of:
      a. NBMA address
   12. Level 2 IS NBMA addresses. NBMA addresses (individual and/or group) for reaching other level 2 ISs. Each entry consists of:
      a. NBMA address
   13. Level 1 IS to IS Hello Timer -- 2 octets. Time in seconds between periodic transmission of IS Hello messages to the level 1 Designated Router (or if this node is the level 1 DR for that area, to all the level 1 ISs in that area)
   14. Level 2 IS to IS Hello Timer -- 2 octets. Time in seconds between periodic transmission of IS Hello messages to the level 2 Designated Router (or if this node is the level 2 DR, to all the level 2 ISs)
   15. IS to ES Hello Timer -- 2 octets. Time in seconds between transmission of Hello messages to the ESs on NBMA which have transmitted ES Hellos, which is only relevant if this node is Designated Router. If this node is level 1 DR, then DR to ES Hellos are transmitted to those ESs that have transmitted level 1 ES Hellos. If this node is level 2 DR, then DR to ES Hellos are transmitted to those ESs that have transmitted level 2 ES Hellos (which advertise CLNP address prefixes).
   16. Redirect cache holding timer -- 2 octets. The value to put into Redirect messages as the holding timer.
   17. Level 1 IS Transmit password -- a variable length value to be included in level 1 IS Hellos and Hello Redirects. (optional)
   18. Level 1 IS set of receive passwords -- a set of variable length values. If the set is the null set then the password option, if it appears in a received Level 1 IS Hello and Hello Redirect, is ignored. If the set is not null, then one of the configured values must appear in a received IS Hello or Hello Redirect or the packet will be discarded as invalid.
   19. ES set of receive passwords -- a set of variable length values. If the set is the null set, then the password option (if it appears) in received ES Hellos is ignored. If the set is not null, then one of the configured values must appear in a received ES Hello or the ES Hello will be discarded as invalid.
   20. ES Transmit password -- a variable length value to be included in the DR to ES Hello and Hello Redirect. (optional)
   21. Level 2 Transmit password -- a variable length value to be included in level 2 IS Hellos and Hello Redirects. (optional)
   22. Level 2 Set of receive passwords -- a set of variable length values. If the set is the null set, then the password option (if it appears) in received Level 2 IS Hellos and Hello Redirects is ignored. If the set is not null, then one of the values must appear in a received Level 2 IS Hello or Hello Redirect or the packet will be discarded as invalid.
   23. Time for remembering a manually configured ES or IS NBMA address reported in an IS-Hello in option types 1 or 3. This is used only by the DR (but must be configured into all ISs, since any IS might become DR). It is 1 octet, specified in minutes, with a default of 10. If no IS has reported an NBMA address in option types 1 or 3 in an IS-Hello the DR has received within this amount of time, that address is discarded from the DR's dynamic database of configured addresses reported by IS neighbors.

6. Databases

6.1. Kept By Simple-ES, Configured-ES, Passive-IS, And Configured-Passive-IS

   1. Active IS Information
      a. NBMA address
      b. Holding Timer
      c. Time since cache entry verified, either by receipt of IS Hello or receipt of data packet forwarded from that NBMA address
   2. Backup Active IS Information (other ISs that answered the ping)
      a. NBMA address
      b. Holding Timer
      c. Time since cache entry verified, either by receipt of IS Hello or receipt of data packet forwarded from that NBMA address
   3. IS NBMA addresses pinged -- for each configured NBMA address for reaching nonpassive ISs, a timestamp as to when a ping was last sent to that address
   4. Destination cache
      a. Network Layer addresses. This takes the form:
         (1) In the case of CLNP it takes the form of a CLNP address prefix (or optionally, for implementation simplicity, complete NSAP address)
         (2) In the case of IP it takes the form of an IP (address, mask) pair (or optionally, for implementation simplicity, merely a 32 bit IP address)
      b. Set of NBMA addresses for reaching network layer addresses that match this prefix or address,mask pair, with a pointer indicating which one was chosen most recently in the round robin use of the preconfigured set of NBMA addresses. Once traffic is received from an NBMA address, the set of addresses is replaced by the single NBMA address.
      c. Time since entry verified by incoming message (data message from the CLNP address/NBMA pair stored in this entry, or receipt of a Redirect with that pair specified)

6.2. Kept By Dynamically-Learned ES

   1. Designated Router Information
      a. NBMA address
      b. Holding Timer
      c. Time since DR-ES Hello received
   2. Destination cache
      a. Network Layer addresses. This takes the form:
         (1) In the case of CLNP it takes the form of a CLNP address prefix (or optionally, for implementation simplicity, complete NSAP address)
         (2) In the case of IP it takes the form of an IP (address, mask) pair (or optionally, for implementation simplicity, merely a 32 bit IP address)
      b. Set of NBMA addresses for reaching network layer addresses that match this prefix or address,mask pair, with a pointer indicating which one was chosen most recently in the round robin use of the preconfigured set of NBMA addresses.
         Once traffic is received from an NBMA address, the set of addresses is replaced by the single NBMA address.
      c. Time since entry verified by incoming message (data message from the CLNP address/NBMA pair stored in this entry, or receipt of a Redirect with that pair specified)

6.3. Kept By Level 1 ISs

Note that in the usual case all CLNP ISs on NBMA will be level 2 ISs, because they will have different IDPs (since the recommended use of CLNP addressing over NBMA is to use the NBMA point of attachment as the IDP). However, in certain rare cases, such as running with DECnet Phase IV compatible addresses, it may be convenient to assign addresses such that running level 1 IS-IS over NBMA makes sense.

   1. Designated Router information (kept by ISs other than the DR) -- information from DR's IS Hello, plus
      a. NBMA address
      b. Holding Timer
      c. Time since Hello Received from DR
   2. Adjacency Information for NBMA neighbors (kept by ISs other than the DR) -- This information is received from the DR-IS Hello. It includes the CLNP ID/NBMA address correspondence for all nodes in the area reachable across NBMA.
   3. Flags for which Level 1 LSPs need to be transmitted over NBMA
   4. Redirect Database (for getting rid of extra hop suboptimality on NBMA)
      a. CLNP address prefix, or IP address, mask pair
      b. NBMA address
      c. holding timer
      d. Time since entry verified by incoming message.

6.4. Kept By Level 2 ISs

Note that a level 2 IS is also a level 1 IS, so it keeps both databases, unless the NBMA circuit is marked "level 2 only".

   1. Designated Router information (kept by ISs other than the DR) -- information from DR's IS Hello, plus
      a. NBMA address
      b. Holding Timer
      c. Time since Hello Received from DR
   2. Adjacency Information for NBMA neighbors (kept by ISs other than the DR) -- This information is received from the DR-IS Hello. It includes the CLNP ID/NBMA address correspondence for all nodes in the area reachable across NBMA.
   3. Flags for which Level 2 LSPs need to be transmitted over NBMA
   4. Redirect Database (for getting rid of extra hop suboptimality on NBMA)
      a. CLNP address prefix or IP address, mask pair
      b. NBMA address
      c. holding timer
      d. Time since entry verified by incoming message.

6.5. Additional Information Kept By Designated Router

(Note that in the case of a level 2 IS that has the circuit marked as "both level 1 and level 2", it will have two copies of this database, one for level 1 and one for level 2.)

   1. Dynamically Discovered Neighbor ESs
      a. NBMA address
      b. Network Layer address. In the case of CLNP this is a set of CLNP IDs (if level 1), or set of CLNP address prefixes (if level 2). Address prefixes are variable length, up to 20 octets. In the case of IP, it is an IP address, mask pair. The mask will be 255.255.255.255 if the ES is really an ES. It may be different from 255.255.255.255 if the "ES" is really a passive IS.
      c. Holding Timer
      d. Time since Hello received
      e. NBMA group address this ES receives messages on (if any)
   2. IS Neighbors
      a. unicast NBMA address for this IS neighbor (discovered based on the source address in the NBMA header of the IS Hello received from this IS)
      b. ID
      c. Holding Timer
      d. Time since Hello Received
      e. NBMA group address this IS neighbor receives messages on (if any)
      f. Cost of the link across NBMA to this neighbor IS
   3. If level 1, L1-IS-NBMA-BROADCAST-ADDRESSES. If level 2, L2-IS-NBMA-BROADCAST-ADDRESSES. The minimal set of NBMA addresses that will reach all ISs of the appropriate level. This includes all manually configured NBMA addresses as configured into the DR or received by the DR in IS Hellos (in option type 1), that will reach all ISs. All reported and configured NBMA group addresses are included, and any NBMA individual addresses for ISs that are not known to be included in any of the multicast groups are included.
   4. ES-NBMA-BROADCAST-ADDRESSES. The minimal set of NBMA addresses that will reach all the Dynamically-Learned ESs from which ES Hellos have been received. This is the set of NBMA addresses reported in received IS Hellos (in option type 3), plus NBMA unicast addresses from which ES Hellos are received, minus those unicast addresses from ESs that report reachability via an NBMA group address, plus any NBMA group addresses advertised in ES Hellos.
   5. Manually configured NBMA addresses for ISs, as discovered through option type 1 in received IS-Hellos. Each entry contains:
      a. NBMA address
      b. Most recent time that address was reported in any received IS Hello
   6. Manually configured NBMA addresses for ESs, as discovered through option type 3 in received IS-Hellos. Each entry contains:
      a. NBMA address
      b. Most recent time that address was reported in any received IS Hello

7. Protocols

7.1. Electing A Designated Router

Election of a DR is done independently in each area on NBMA, and among the level 2 ISs on NBMA. The protocol assumes each IS is configured with some number of addresses of neighbor ISs, but that no such list is necessarily complete. The configured addresses can be NBMA group addresses and/or NBMA individual addresses.

One IS gets elected Designated Router. The DR transmits DR-IS-Hellos periodically to all configured NBMA addresses for ISs, which are those that it has been configured with as well as others it learns about through received IS-Hellos.
All ISs other than the DR transmit an IS-Hello periodically, but only to the DR. The DR includes in its DR-IS-Hello a list of all the ISs on NBMA. This protocol minimizes IS Hello traffic, and allows incomplete configuration (for instance, it allows a new IS to be installed by merely configuring the new IS with the NBMA address of any other IS).

Each IS starts out assuming it is DR. An IS that thinks it is DR transmits DR-IS-Hellos periodically to each of its manually configured NBMA addresses for IS neighbors. It also receives IS-Hellos from other ISs, which contain the NBMA addresses those ISs have been manually configured with to reach IS neighbors. The DR combines all these addresses and transmits DR-IS-Hellos to all of those addresses, plus all the NBMA addresses from which it receives IS-Hellos, with one exception. Since some of the manually configured addresses might be NBMA group addresses, some ISs might receive multiple copies of the DR-IS-Hellos, which would be wasteful. Therefore the IS-Hello contains the NBMA group address (if any) that the transmitting IS receives messages on. Then the DR can eliminate NBMA unicast addresses that are already being covered by any NBMA group addresses in the set.

An IS stops thinking itself DR if it receives a DR-IS-Hello from an IS "more qualified" to be DR (which is based on ID and configured priority). An IS that thinks some other IS is DR stops sending DR-IS-Hellos and instead sends IS-Hellos, and only to the IS it thinks is the DR.

One additional message is a "Hello-Redirect". This is transmitted by an IS R1, that thinks IS R2 is DR. R1 transmits a "Hello-Redirect" in response to receiving an IS-Hello from R3 (since R3 sent an IS-Hello to R1, that means that R3 thinks R1 is DR). The Hello-Redirect informs R3 that R2's NBMA address is really the DR. When R3 receives the Hello-Redirect, it transmits a single IS-Hello to the NBMA address in the Hello-Redirect, but does not otherwise change its perception of the DR. Only after it receives a DR-IS-Hello from R2 will R3 change its perception of the DR.

The protocol is as follows:

   1. If a DR other than SELF is known, periodically (IS to IS Hello Timer) transmit IS-Hello messages to the DR. The IS-Hello contains the transmitting IS's NBMA individual address (the source address in the NBMA header), an NBMA group address on which it receives messages (if any), and the NBMA addresses (group and/or individual) it was configured with for reaching IS neighbors.
   2. If the Holding Timer expires without receipt of a DR-IS-Hello from the DR, delete all information about the DR and assume SELF is DR.
   3. If IS R1 which thinks R2 is DR receives an IS-Hello from R3, R1 sends R3 a Hello-Redirect, informing R3 about R2.
   4. If IS R3 receives a Hello-Redirect, informing it of R2, R3 transmits a single IS-Hello to R2, but does not change any of its state about the DR.
   5. If IS R1 which thinks R2 is DR receives a DR-IS-Hello from R4, and R4 has a higher priority for becoming DR than R2 (based on ID and priority), then R1 deletes the information about R2 and keeps R4 as DR.
   6. If IS R1 thinks itself to be DR, it combines all the configured NBMA addresses for ISs that it either was configured with or that it learned through IS-Hello messages. It adds to that set the NBMA addresses from which it receives IS-Hellos. It then deletes from the set of unicast addresses, those NBMA addresses of ISs that claim to be included in an NBMA group address in the set. This list of addresses is the one that R1 periodically transmits DR-IS-Hello messages to. It is called the IS-NBMA-BROADCAST-ADDRESSES.

The DR inserts into its DR-IS Hello a list of the ID, NBMA address pairs of each IS from whom it has recently received an IS-Hello.
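
The election steps above, run for three ISs with incomplete configuration, as an added example that is not part of the draft. It assumes that "more qualified" means higher priority with ties broken by higher ID, and that a non-DR answers any Hello from an IS other than its DR with a Hello-Redirect (the wording of section 8.7); the IS class, router names, IDs and NBMA addresses are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class IS:
    name: str
    sys_id: int                      # constructed system ID
    addr: str                        # NBMA individual address
    priority: int                    # configured priority for becoming DR
    configured: frozenset            # NBMA addresses configured for reaching ISs
    group: Optional[str] = None      # NBMA group address it receives on, if any
    dr: Optional[tuple] = None       # (priority, sys_id, addr); None = SELF is DR
    reported: set = field(default_factory=set)  # addresses reported in IS-Hellos
    heard: dict = field(default_factory=dict)   # IS-Hello source -> its group

    def rank(self):
        # ASSUMPTION: "more qualified" = higher priority, then higher ID.
        return (self.priority, self.sys_id)

    def broadcast_addresses(self):
        """Step 6: the IS-NBMA-BROADCAST-ADDRESSES of an IS that thinks it is DR."""
        addrs = set(self.configured) | self.reported | set(self.heard)
        # Drop unicast addresses of ISs already covered by a group in the set.
        covered = {a for a, g in self.heard.items() if g in addrs}
        return addrs - covered - {self.addr}

    def periodic(self):
        """Messages sent when the IS to IS Hello Timer fires: (kind, dest, arg)."""
        if self.dr is None:
            return [("DR-IS-Hello", a, None)
                    for a in sorted(self.broadcast_addresses())]
        return [("IS-Hello", self.dr[2], None)]                   # step 1

    def dr_timeout(self):
        """Step 2: Holding Timer expired without a DR-IS-Hello from the DR."""
        self.dr = None

    def receive(self, kind, src, arg=None):
        """Handle one message from IS `src`; return replies as (kind, dest, arg)."""
        if kind == "Hello-Redirect":      # step 4: one IS-Hello, state unchanged
            return [("IS-Hello", arg, None)]
        if kind == "DR-IS-Hello":
            current = self.rank() if self.dr is None else self.dr[:2]
            if src.rank() > current:      # step 5, or stop thinking SELF is DR
                self.dr = (src.priority, src.sys_id, src.addr)
                self.reported.clear()
                self.heard.clear()
                return []
            if self.dr is not None and src.addr == self.dr[2]:
                return []                 # Hello from the current DR: refresh only
        if self.dr is None:
            if kind == "IS-Hello":        # the DR learns the sender and its config
                self.heard[src.addr] = src.group
                self.reported |= src.configured
            return []
        return [("Hello-Redirect", src.addr, self.dr[2])]         # step 3


def run(routers, groups, rounds):
    """Deliver messages for `rounds` hello intervals; groups maps group -> members."""
    members = {r.addr: [r] for r in routers}
    members.update(groups)
    for _ in range(rounds):
        queue = [(r, *m) for r in routers for m in r.periodic()]
        while queue:
            src, kind, dest, arg = queue.pop(0)
            for dst in members.get(dest, []):
                if dst is not src:
                    queue += [(dst, *rep) for rep in dst.receive(kind, src, arg)]


def demo(rounds=3):
    # Constructed scenario: R3 is newly installed and knows only R1's address;
    # R1 receives on group G1, which is the only address R2 was configured with.
    r1 = IS("R1", 1, "A1", 64, frozenset({"A2"}), group="G1")
    r2 = IS("R2", 2, "A2", 100, frozenset({"G1"}))
    r3 = IS("R3", 3, "A3", 64, frozenset({"A1"}))
    run([r1, r2, r3], {"G1": [r1]}, rounds)
    return r1, r2, r3


if __name__ == "__main__":
    for r in demo():
        print(r.name, "DR:", "SELF" if r.dr is None else r.dr[2])
```

After three hello intervals R2 is DR for all three ISs, and its transmit list holds G1 and R3's unicast address but not R1's, because R1 reported membership of G1.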
This list of ID, NBMA address pairs is used so that ISs other than the DR can forward to each other directly over NBMA (i.e., they can know the NBMA address associated with their neighbor ISs).

7.2. Finding An IS

Simple-ESs, Configured-ESs, Passive-ISs, and Configured-Passive-ISs do not maintain continual contact with a non-passive IS, as nonpassive ISs and Dynamically-Learned ESs do. They find an IS on an as-needed basis by "pinging". They are configured with a set of NBMA addresses (group and/or individual) for reaching ISs. When they need an IS, they send an ES Hello (with Holding Timer 0) to each configured address, round robin, until a reply (in the form of a DR-ES Hello or Hello Redirect) is received.

An ES Hello with holding timer=0 is known as a "ping". An IS that receives an ES Hello with Holding Timer equal to 0 replies with a DR-ES Hello (if the receiving IS is the DR) or a Hello Redirect (if the receiving IS is other than the DR).

ES implementations may choose to store only the NBMA address of the DR (the one from which a DR-ES is received, or the NBMA address in received Hello Redirects), or it may choose to store more NBMA addresses for ISs as backups.

The ISs that receive ES Hellos with Holding Timer=0 reply with a single packet (DR-ES Hello or Hello Redirect) to the NBMA address from which the ES Hello was received, but do not otherwise store information from the received ES Hello.

7.3. Forwarding Across NBMA

Only the DR gets IS Hellos from all the ISs and ES Hellos from all the dynamically discovered ESs. The DR will put the network layer addresses of all the reachable ESs and ISs in the pseudonode LSP, so all the nonpassive ISs will learn which nodes are reachable across NBMA. However, the NBMA address will not appear in the pseudonode LSP. To enable ISs to communicate directly, the DR's IS Hello will include the ID, NBMA address pairs of all ISs.
It will not include all the dynamically discovered ESs in the Hello, however. Instead an IS other than the DR that needs to transmit to a dynamically discovered ES will first transmit to the DR, and then receive a Redirect.

The reason the DR-IS Hello contains a list of ISs but not ESs is that it is more important to quickly learn about ISs that have gone down than ESs. If a Redirect cache entry for an ES no longer works, it means the ES is unreachable, whereas if an IS goes down, any Redirect cache entries indicating traffic should be forwarded to that IS become black holes for destinations that might be reachable through a different IS.

7.4. Fragmentation Of The DR-Hello

The DR-IS Hello might become very large due to its including the IS Adjacency information, which is the list of ID, NBMA address pairs of all the IS adjacencies on NBMA. The DR-IS Hello is encoded so that partial information can appear and be processed. This is done by including an address range when a list of addresses appears. Then receiving ISs can adjust the portion of their adjacency database or NBMA transmit list that is included in that range, based solely on the information in one DR-IS Hello fragment.

7.5. Maintenance Of The Destination Cache

Assume a packet is received with destination D, either from Transport or from a link (in the case of an IS).

   1. (only relevant if packet arrived from Transport and the Transport/Network Layer interface allows a notification by Transport that it is not successfully communicating with that destination). If Transport indicates a problem communicating with D, then delete the cache entry for D. If no cache entry exists for D, and this node is a simple ES or passive IS, delete knowledge of the active IS (which will cause re-pinging to find a new active IS).
   2. If a cache entry in the destination cache exists for D, then
      a. if only a single NBMA address is indicated in the cache, send to that NBMA address
      b. if a set of NBMA addresses is given in the cache, find the one after the one most recently used, update the round robin pointer, and send to that NBMA address
   3. Else (no cache entry exists), if this node is a nonpassive IS, and a route to D has been learned through the IS-IS protocol which is of smaller cost or a more specific address match than any address prefix that matches D that has been configured for the NBMA circuit, then route according to the IS-IS learned path.
   4. Else (no cache entry exists, no better information has been learned through IS-IS), if D matches a configured address prefix, then
      a. if the configuration information indicates the NBMA address is to be extracted from D's IDP, then extract the NBMA address and transmit the packet
      b. if the configuration information is instead a specific NBMA address, then transmit the packet to that NBMA address
      c. if the configuration information instead is a set of NBMA addresses, then make a cache entry for (D, set of NBMA addresses, round robin pointer). Send the packet to the first NBMA address in the list and start the round robin pointer there.
   5. Else (no cache entry for D, D does not match any configured address prefix)
      a. if an IS assumed to be active is known, transmit the packet to that IS's NBMA address
      b. Else (no active IS is known), perform the procedure of pinging the IS addresses. Hold the packet until an IS responds to the ping, but discard the packet if no responses are received from any of the ISs.

7.6. NBMA Configuration Information Included In LSPs

If network layer addresses (IDs for level 1 CLNP, address prefixes for level 2 CLNP, (IP address, mask) pairs for IP) are manually configured as being reachable across NBMA, they must appear in LSPs so that ISs that are not connected to NBMA can reach those addresses. It is wasteful for all the ISs on NBMA to include those addresses in their LSPs. Therefore, an IS includes in its LSP only those manually configured addresses that are not already included in the pseudonode LSP for NBMA. As a result if all nonpassive ISs on NBMA are configured with the same set of reachable addresses for NBMA, only the DR will report those addresses in an LSP (the pseudonode LSP). If the nonpassive ISs are incompletely configured, then all ISs on NBMA that have been configured with a reachable address that the DR has not been configured with will report that reachable address in their LSP. Redirects will eliminate extra hops across NBMA due to incompletely configured information.

8. Packet Formats

8.1. Unchanged Packet Formats

   1. CLNP packets (data packet and error report)
   2. IP packets (data packets)
   3. LSPs (Level 1 and level 2)
   4. CSNPs (Level 1 and level 2)
   5. PSNPs (Level 1 and level 2)

The remainder of this section describes the ES-IS and IS-IS Packet formats proposed for SMDS. Packet formats might be different for different types of NBMA. For instance, the NBMA address might not be 8 bytes.

8.2. Initial Fields in all the ES-IS and IS-IS SMDS Packets

All the packets start out with the following fields:

                    # of octets
      +---------+
      | NLPID   |   1
      +---------+
      | Version |   1
      +---------+
      | length  |   2
      +---------+
      | Type    |   1
      +---------+

   1. NLPID (Network Layer Protocol ID) will be 82 hex for ES-IS or 83 hex for IS-IS
   2. Version, the constant 1
   3. Length, the total length of the CLNS packet
   4. Type, the type of packet:
      1 => SMDS ES Hello (ES-IS pkt): type 2
      2 => SMDS DR-ES Hello (ES-IS pkt): type 4
      3 => SMDS Level 1 IS Hello (IS-IS pkt): type 0f hex
      4 => SMDS Level 2 IS Hello (IS-IS pkt): type 10 hex
      5 => SMDS Redirect (ES-IS): type 6

Some have "options", which are encoded as:

                    # of octets
      +---------+
      | type    |   1
      +---------+
      | length  |   1 or 2 (depending on option type)
      +---------+
      | value   |   variable
      +---------+

   1. type, the type of option
   2. length, the length in octets of the "data" field
   3. data, the data associated with the option

The defined types for SMDS options are:

   1. preconfigured SMDS addresses for reaching ISs, option type 1
   2. IS adjacencies, option type 2
   3. preconfigured SMDS addresses for reaching ESs, option type 3
   4. area addresses, option type 4
   5. password, option type 5

In addition, there are options that appear in ES-IS packets as defined in ISO 9542. These options have a length field which is 1 octet. The ISO 9542-defined options may appear in the functionally equivalent SMDS ES-IS packets defined in this document, in which case they would have the option codes and functions (and a length field of 1 octet) as defined in ISO 9542. Those options are:

   1. security, option type c5 hex
   2. quality of service maintenance, option type c3 hex
   3. priority, option type cd hex
   4. address mask, option type e1 hex
   5. SNPA mask, option type e2 hex
   6. suggested ES configuration timer, option type c6 hex

8.3. SMDS ES Hello

Only dynamically discovered ESs send ES Hellos. Usually an SMDS ES will have to send a level 2 ES Hello because its IDP will not equal the IDP of an IS reachable across SMDS. A level 1 ES Hello is distinguished from a level 2 ES Hello based on the "level" flag.

   1. NLPID, 1 octet, 82 hex (for ES-IS)
   2. Version, 1 octet, the constant 1
   3. Length, 2 octets, the total length of the packet
   4. Packet Type
   5. Holding Time, 2 octets, the value in seconds, equal to 3 times Hello Timer
   6. level, 1 octet -- the top 7 bits are reserved. The bottom bit=1 to indicate this is a level 2 ES Hello.
   7. Number of source addresses, 1 octet. In a level 1 ES Hello, each source address consists of the ID portion of the CLNP address. In a level 2 ES Hello, each source address consists of an octet specifying the address length, and an octet specifying the address. In level 2 ES Hellos, the addresses advertised are CLNP address prefixes.
   8. Source address
   9. Source address
   10. ...
   11. Source address
   12. Options
      a. Password
         (1) Option type, 1 octet = 5
         (2) length, 1 octet
         (3) password

8.4. SMDS DR-to-ES Hello

   1. NLPID, 1 octet, 82 hex (for ES-IS)
   2. Version, 1 octet, the constant 1
   3. Length, 2 octets, the total length of the packet
   4. Packet Type
   5. Holding Time, 2 octets, the value in seconds, equal to 3 times Hello Timer
   6. Options
      a. Password
         (1) Option type, 1 octet = 5
         (2) length, 1 octet
         (3) password

8.5. SMDS Level 1 IS Hello

This packet type is used both for a non-DR to send an ISH to the DR, and for the DR to send its ISH to the other ISs.

   1. NLPID, 1 octet, 83 hex (for IS-IS)
   2. Version, 1 octet, the constant 1
   3. Length, 2 octets, the total length of the packet
   4. Packet Type
   5. Holding Time, 2 octets, the value in seconds, equal to 3 times Hello Timer
   6. DR flag, 1 octet -- the top 7 bits are reserved. The bottom bit=1 indicates the transmitting IS considers itself to be the DR.
   7. ID length, 1 octet, the number of octets this IS thinks is in the ID field of a CLNP address
   8. Maximum area addresses, 1 octet, the maximum number of area addresses this IS is prepared to keep
   9. Priority, 1 octet, the configured priority of this IS for becoming DR
   10. Circuit type, 1 octet, 1=level 1 only, 2=level 2 only, 3=both level 1 and level 2
   11. ID, (ID length octets)
   12. SMDS group address (or 0 if none) this IS receives messages on, 8 octets -- this field is only present when the ISH is transmitted by a non-DR
   13. Options
      a. Area addresses
         (1) Option type, 1 octet = 4
         (2) length, 1 octet, a multiple of 8
         (3) list of area addresses
            (a) Address length, 1 octet
            (b) Area Address
      b. Preconfigured SMDS addresses for reaching ISs (only transmitted by non-DR)
         (1) Option type, 1 octet = 1
         (2) length, 2 octets, a multiple of 8
         (3) list of SMDS addresses
      c. Preconfigured SMDS addresses for reaching ESs (only transmitted by non-DR)
         (1) Option type, 1 octet = 3
         (2) length, 2 octets, a multiple of 8
         (3) list of SMDS addresses
      d. IS addresses (only transmitted by DR)
         (1) option type, 1 octet = 2
         (2) length, 2 octets, ID length*2 plus a multiple of 8+ID Length
         (3) Numerically lowest ID reported in this IS Hello
         (4) Numerically highest ID reported in this IS Hello
         (5) ID, SMDS address pairs for nonpassive ISs that have been sending IS Hellos to the DR
      e. Password
         (1) Option type, 1 octet = 5
         (2) length, 1 octet
         (3) password

8.6. SMDS Level 2 IS Hello

This has the same format as an SMDS Level 1 IS Hello. The only difference is the packet type.

8.7. Redirect

This type of packet is used as a Hello Redirect and as a Data Redirect. It is used for Level 1 and Level 2 Hello Redirection.

A Hello Redirect is used when an IS receives a Hello from an IS or an ES, and that IS does not think itself to be the DR. The packet informs the transmitter of the Hello of the SMDS address of the actual DR.
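
The Data Redirect validity check of section 4.8, applied to the Data Redirect form of the section 8.7 packet, as an added example that is not part of the draft. It assumes big-endian multi-octet fields, H/D as the low-order flag bit and octet-granular prefix matching; the Node class, its allow_skip parameter, the addresses and the password are constructed for illustration.

```python
import struct
from dataclasses import dataclass

# Constants from sections 8.2 and 8.7 of the draft.
NLPID_ESIS, VERSION, TYPE_REDIRECT, SMDS_ADDR_LEN = 0x82, 1, 6, 8
# ASSUMPTIONS: multi-octet fields are big-endian; H/D is the low-order flag bit.
HDR = struct.Struct("!BBHBB")   # NLPID, version, length, packet type, flags

# Constructed sample values (not real SMDS or CLNP addresses).
SMDS_R = bytes.fromhex("c15085550001ffff")   # the IS this node forwards through
SMDS_B = bytes.fromhex("c15085550002ffff")   # better next hop named by R
SMDS_X = bytes.fromhex("c15085550099ffff")   # an address the node never used
DEST = bytes.fromhex("47000580ffff0000000001")


@dataclass
class DataRedirect:
    level: int           # 0 = level 1, 1 = level 2
    forward_to: bytes    # SMDS address B to forward to
    holding_time: int    # seconds
    dest: bytes          # CLNP destination address (or prefix) D


def build_data_redirect(level, forward_to, holding_time, dest):
    """Encode a Data Redirect (used here only to construct sample input)."""
    body = forward_to + struct.pack("!HB", holding_time, len(dest)) + dest
    flags = (level & 1) << 1                    # H/D bit = 0: Data Redirect
    return HDR.pack(NLPID_ESIS, VERSION, HDR.size + len(body),
                    TYPE_REDIRECT, flags) + body


def parse_data_redirect(pkt):
    """Decode a Data Redirect; raise ValueError for anything malformed."""
    if len(pkt) < HDR.size + SMDS_ADDR_LEN + 3:
        raise ValueError("truncated packet")
    nlpid, version, length, ptype, flags = HDR.unpack_from(pkt)
    if (nlpid, version, ptype) != (NLPID_ESIS, VERSION, TYPE_REDIRECT):
        raise ValueError("not an SMDS Redirect")
    if length != len(pkt):
        raise ValueError("length field disagrees with received size")
    if flags & 0x01:
        raise ValueError("Hello Redirect, not a Data Redirect")
    off = HDR.size
    forward_to = pkt[off:off + SMDS_ADDR_LEN]
    off += SMDS_ADDR_LEN
    holding_time, dest_len = struct.unpack_from("!HB", pkt, off)
    off += 3
    if dest_len == 0 or off + dest_len != len(pkt):
        raise ValueError("destination length out of bounds")
    return DataRedirect((flags >> 1) & 1, forward_to, holding_time, pkt[off:])


class Node:
    """Hypothetical ES or IS state: one active IS plus a destination cache."""

    def __init__(self, active_is, receive_passwords=frozenset()):
        self.active_is = active_is
        self.receive_passwords = receive_passwords
        self.dest_cache = {}          # prefix -> (NBMA address, holding time)

    def next_hop(self, dest):
        """NBMA address this node would transmit to for `dest` right now."""
        matches = [p for p in self.dest_cache if dest.startswith(p)]
        if matches:
            return self.dest_cache[max(matches, key=len)][0]
        return self.active_is

    def handle_redirect(self, source_addr, pkt, allow_skip=False):
        """Section 4.8 check: believe the Redirect only if it came from the
        address we would have sent D to. Returns True if the cache changed."""
        try:
            red = parse_data_redirect(pkt)
        except ValueError:
            return False
        # The draft permits skipping the check when no receive passwords exist.
        skip = allow_skip and not self.receive_passwords
        if not skip and source_addr != self.next_hop(red.dest):
            return False
        self.dest_cache[red.dest] = (red.forward_to, red.holding_time)
        return True


def demo():
    node = Node(active_is=SMDS_R, receive_passwords={b"constructed-password"})
    forged = node.handle_redirect(SMDS_X, build_data_redirect(1, SMDS_X, 300, DEST))
    legit = node.handle_redirect(SMDS_R, build_data_redirect(1, SMDS_B, 300, DEST))
    moved = node.next_hop(DEST) == SMDS_B
    # Once traffic for D goes to B, a Redirect for D from R is no longer believed.
    stale = node.handle_redirect(SMDS_R, build_data_redirect(1, SMDS_X, 300, DEST))
    return forged, legit, moved, stale


if __name__ == "__main__":
    print(demo())
```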
A level 1 IS Hello Redirect is sent in response to a level 1 Hello, and directs towards the level 1 DR. A level 2 IS Hello Redirect is sent in response to a level 2 Hello, and directs towards the level 2 DR.

A Data Redirect is transmitted by an IS R to the SMDS address from which R received a CLNP packet for forwarding, when R forwards the packet back across the same SMDS network from which the CLNP packet was received.

1. NLPID, 1 octet, 82 hex
2. Version, 1 octet, the constant 1
3. Length, 2 octets, the total length of the packet
4. Packet Type
5. Flags, 1 octet

         6         1      1     # of bits
    +----------+-------+-----+
    | reserved | level | H/D |
    +----------+-------+-----+

   "level" is 0 for level 1, 1 for level 2.
   "H/D" is 0 for Data Redirect, 1 for Hello Redirect
6. SMDS address, 8 octets: In the case of a Hello Redirect, it is the SMDS address of the DR. In the case of a Data Redirect, it is the SMDS address to forward to for that destination, and all destinations matching that address prefix.
7. Password (only present in Hello Redirect)
8. Holding Time, 2 octets, only present in Data Redirect, and is in units of seconds
9. CLNP destination address length, 1 octet, only present in Data Redirect
10. CLNP destination address, variable length, only present in Data Redirect

9. Acronyms used in this Specification

CLNP -- Connectionless Network Layer Protocol. CLNP is the data packet format, including the standard for addressing.
CLNS -- Connectionless Network Layer Service. CLNS includes the protocols CLNP, ES-IS and IS-IS.
DR -- Designated Router, the IS on a multiaccess link elected to be the focal point for information about the multiaccess link.
ES -- End system (i.e., an endnode)
IS -- Intermediate system (i.e., a router)
ES-IS -- Protocol between neighbor ESs and ISs
IS-IS -- Protocol between ISs (includes ISs exchanging routing information so as to compute routes, as well as a protocol for neighbor ISs to find and keep track of each other)
LSP -- Link State Packet

10. References

[1] TR-TSV-000772 issue 1, May 1991, "Generic System Requirements in support of Switched Multi-Megabit Data Service".
[2] TR-TSV-001060 issue 1, December 1991, "Switched Multi-Megabit Data Service Generic Requirements for Exchange Access and Intercompany Service Arrangements".
[3] ISO 8473, "Protocol for Providing the Connectionless-Mode Network Service" (CLNP)
[4] ISO 9542, "End System to Intermediate System Routeing Exchange Protocol for Use with the Protocol for Defining the Connectionless-Mode Network Service" (ES-IS)
[5] ISO 10589, "Intermediate System to Intermediate System Intra-Domain Routeing Exchange Protocol for Use in Conjunction with the Protocol for Providing the Connectionless-mode Network Service" (IS-IS)
[6] SMDS Interest Group document SIG-TS-004/1993

11. Working Group Information

The current co-chairs of the ISIS working group are:

    Ross Callon
    Wellfleet Communications Inc.
    2 Federal Street
    Billerica MA 01821 USA
    Phone: (508) 436 3936
    Email: rcallon@wellfleet.com

    Chris Gunner
    Digital Equipment Corp.
    550 King Street
    Littleton MA 01460-1289 USA
    Phone: (508) 486 7792
    Fax: (508) 486 5279
    Email: gunner@dsmail.enet.dec.com

The working group mailing list is: isis@merit.edu

Subscription requests should be sent to: isis-request@merit.edu

12. Authors' Addresses

    Radia Perlman
    Digital Equipment Corp.
    550 King Street
    Littleton MA 01460-1289 USA
    Phone: (508) 486 7648
    Fax: (508) 486 5279
    Email: perlman@dsmail.enet.dec.com

    Chris Gunner
    Digital Equipment Corp.
    550 King Street
    Littleton MA 01460-1289 USA
    Phone: (508) 486 7792
    Fax: (508) 486 5279
    Email: gunner@dsmail.enet.dec.com
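
The following is an added example, not part of the draft and not code from its authors: a bounds-checked Python parser for the SMDS Level 1 and Level 2 IS Hello of sections 8.5 and 8.6, showing the checks a receiver needs because the option list mixes 1-octet and 2-octet length fields and some options are valid only from a DR or only from a non-DR. It assumes a 1-octet Packet Type and big-endian integers, which section 8.5 does not state; parse_is_hello, take, HelloError and sample_hello are names chosen here, and the sample packet is constructed.

```python
import struct

NLPID_ISIS = 0x83
# Octets in each option's length field, from the option list in section 8.5.
LEN_WIDTH = {1: 2, 2: 2, 3: 2, 4: 1, 5: 1}
DR_ONLY, NON_DR_ONLY = {2}, {1, 3}

class HelloError(ValueError):
    pass

def take(buf, off, n):
    # Slice n octets at off, refusing to read past the end of the packet.
    if off + n > len(buf):
        raise HelloError("field runs past end of packet")
    return buf[off:off + n], off + n

def parse_is_hello(pkt):
    # Assumed, not stated in 8.5: Packet Type is 1 octet, integers big-endian.
    if len(pkt) < 12:
        raise HelloError("truncated fixed header")
    nlpid, ver, length, _ptype, hold, flag, idlen, _maxarea, prio, ctype = \
        struct.unpack_from(">BBHBHBBBBB", pkt)
    if nlpid != NLPID_ISIS or ver != 1 or ctype not in (1, 2, 3):
        raise HelloError("bad NLPID, version or circuit type")
    if length != len(pkt):
        raise HelloError("Length field disagrees with received size")
    is_dr = bool(flag & 1)              # top 7 bits are reserved
    sys_id, off = take(pkt, 12, idlen)
    # The SMDS group address is only present when a non-DR sends the Hello.
    group, off = (None, off) if is_dr else take(pkt, off, 8)
    options = []
    while off < len(pkt):
        otype = pkt[off]
        if otype not in LEN_WIDTH:      # length width unknown: cannot skip it
            raise HelloError(f"unknown option type {otype}")
        if otype in (NON_DR_ONLY if is_dr else DR_ONLY):
            raise HelloError(f"option {otype} not allowed from this sender")
        raw_len, off = take(pkt, off + 1, LEN_WIDTH[otype])
        value, off = take(pkt, off, int.from_bytes(raw_len, "big"))
        options.append((otype, value))
    return {"dr": is_dr, "id": sys_id, "group": group, "priority": prio,
            "holding_time": hold, "options": options}

def sample_hello(password=b"secret"):
    # Constructed non-DR Hello; packet type 0 is a placeholder value.
    area = b"\x07\x47\x00\x05\x80\x00\x00\x01"  # length octet + 7-octet area
    body = bytes([0, 6, 3, 64, 3]) + b"\x02\x00\x00\x00\x00\x01" + bytes(8)
    body += bytes([4, len(area)]) + area + bytes([5, len(password)]) + password
    return struct.pack(">BBHBH", NLPID_ISIS, 1, 7 + len(body), 0, 30) + body
```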