| Internet-Draft | Unaffiliated BFD Echo | September 2024 |
| Cheng, et al. | Expires 28 March 2025 | [Page] |
Bidirectional Forwarding Detection (BFD) is a fault detection protocol that can quickly determine a communication failure between two forwarding engines. This document defines a use of the BFD Echo where the local system supports BFD but the adjacent system does not support BFD. BFD Control packet and its processing procedures can be executed over the BFD Echo port where the adjacent system only loops packets back to the local system.¶
This document updates RFC 5880.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 28 March 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
To minimize the impact of device/link faults on services and improve network availability, in the single-hop cases a network device needs to be able to quickly detect faults in communication with adjacent devices. Measures can then be taken to promptly rectify the faults to ensure service continuity.¶
BFD [RFC5880] is a low-overhead, short-duration method to detect faults on the communication path between adjacent forwarding engines. The faults can be on interfaces, data link(s), and even the forwarding engines. It is a single, unified mechanism to monitor any media and protocol layers in real time.¶
BFD defines Asynchronous and Demand modes to satisfy various deployment scenarios. It also supports an Echo function to reduce the device requirement for BFD. When the Echo function is activated, the local system sends BFD Echo packets and the remote system loops back the received Echo packets through the forwarding path. If several consecutive BFD Echo packets are not received by the local system, then the BFD session is declared to be Down.¶
When using BFD Echo function, there are two typical scenarios as below:¶
Full BFD protocol capability with adjunct Echo function. This scenario requires both the local device and the adjacent device to support the full BFD protocol.¶
BFD Echo-Only method without full BFD protocol capability. This scenario requires only the local device to support sending and demultiplexing BFD Control packets. In this scenario, the BFD Control packets are sent over the BFD Echo port, but that the processing procedures for Asynchronous mode are used with the modifications described in this document. Note that this method monitors the connectivity to a system over a specific interface and does not verify the availability of a specific IP address at that system.¶
The former scenario is referred to as affiliated BFD Echo, which is not changed by this document in any way. The latter scenario is referred to as Unaffiliated BFD Echo, which is specified in this document.¶
Section 5 of [RFC5880] indicates that the payload of an affiliated BFD Echo packet is a local matter and hence its contents are outside the scope of that specification. This document, on the other hand, specifies the contents of the Unaffiliated BFD Echo packet and what to do with them. Regarding the selection of IP address, the rules stated in Section 4 of [RFC5881] are applicable to the encapsulation of an Unaffiliated BFD Echo packet.¶
Section 6.2.2 of [BBF-TR-146] describes one use case of the Unaffiliated BFD Echo.¶
This document specifies the use of the Unaffiliated BFD Echo over IPv4 and IPv6 for single IP hop.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
As shown in Figure 1, device A supports BFD, whereas device B does not support BFD. Device A would send Unaffiliated BFD Echo packets, and after receiving the Unaffiliated BFD Echo packets sent from device A, the one-hop-away BFD peer device B immediately loops them back by normal IP forwarding, this allows device A to rapidly detect a connectivity loss to device B. Note that device B would not intercept any received Unaffiliated BFD Echo packet or parse any BFD protocol field within the Unaffiliated BFD Echo packet.¶
For unaffiliated echo, a Unaffiliated BFD Echo session is created on device A, and the Unaffiliated BFD Echo session MUST follow the BFD state machine defined in Section 6.2 of [RFC5880], except that the received state is not sent but looped back from the remote system. Unaffiliated BFD Echo does not use the AdminDown state. BFD Control packets are transmitted and received as Unaffiliated BFD Echo packets using destination UDP port 3785, as defined in [RFC5881]. The procedures for BFD Async sessions are executed for the looped BFD Control packets as per [RFC5880], including validation and authentication.¶
Once a Unaffiliated BFD Echo session is created on device A, it starts sending Unaffiliated BFD Echo packets. Unaffiliated BFD Echo packets with zeroed "Your Discriminator" field are demultiplexed to the proper session based on the source IP address or UDP source port, once the remote system loops back the local discriminator, all further received packets are demultiplexed based on the "Your Discriminator" field only, which is conform to the procedure specified in Section 6.3 of [RFC5880]. An Unaffiliated BFD Echo packet follows the same encapsulation rules as for a BFD Echo packet as specified in Section 4 of [RFC5881]. All Unaffiliated BFD Echo packets for the session MUST be sent with a Time to Live (TTL) or Hop Limit value of 255, and received with a TTL or Hop Limit value of 254, otherwise the received packets MUST be dropped [RFC5082].¶
Within the Unaffiliated BFD Echo packet, the "Desired Min TX Interval" and "Required Min RX Interval" defined in [RFC5880] SHOULD be populated with a certain value, which can avoid unset value being a potential vector for disclosure of uninitialized memory. A suggested value is 1 second (1,000,000 microseconds). These values, however, MUST be ignored on receipt. Furthermore, these values MUST NOT be used to calculate the Detection Time.¶
The "Required Min Echo RX Interval" defined in [RFC5880] SHOULD be populated with a certain value, which can avoid unset value being a potential vector for disclosure of uninitialized memory. A suggested value is 0. This value MUST be ignored on receipt. The transmission interval for Unaffiliated BFD Echo packets in the Up state MUST be provisioned on device A. The Unaffiliated BFD Echo feature depends on device B performing IP forwarding (actually IP redirect) functionality. While such functionality may normally be expected to be supported on a router, it may not be enabled on a host by default. The method for provisioning device B to loop back Unaffiliated BFD Echo packets is outside the scope of this document.¶
Similar to what's specified in [RFC5880], the Unaffiliated BFD Echo session begins with the periodic, slow transmission of Unaffiliated BFD Echo packets. The slow transmission rate SHOULD be no less than one second per packet, until the session is Up. After the session is Up, the provisioned transmission interval is used. When the Unaffiliated BFD Echo session goes Down, the slow transmission rate is resumed. The "Detect Mult" defined in [RFC5880] MUST be set to a value provisioned on device A. When the bfd.SessionState is Up and a Detect Mult number of Unaffiliated BFD Echo packets have not arrived at device A as they should, the device A MUST set bfd.SessionState to Down and bfd.LocalDiag to 2 (Echo Function Failed), as specified in Section 6.8.5 of [RFC5880].¶
In summary, the Unaffiliated BFD Echo packet reuses the format of the BFD Control packet defined in [RFC5880], and the fields within the Unaffiliated BFD Echo packet are populated as follows:¶
"My Discriminator" MUST be set to the provisioned local discriminator.¶
"Your Discriminator" MUST be set to 0 initially, and then MUST be set to the same as "My Discriminator" looped back.¶
"Desired Min TX Interval" SHOULD be set to a certain value. A suggested value is 1 second (1,000,000 microseconds).¶
"Required Min RX Interval" SHOULD be set to a certain value. A suggested value is 1 second (1,000,000 microseconds).¶
"Required Min Echo RX Interval" SHOULD be set to a certain value. A suggested value is 0.¶
"Detect Mult" MUST be set to the provisioned maximum allowable number of consecutively lost Unaffiliated BFD Echo packets.¶
The Unaffiliated BFD Echo described in this document reuses the BFD Echo function as described in [RFC5880] and [RFC5881], but does not require BFD Asynchronous or Demand mode. When using the Unaffiliated BFD Echo, only the local system has the BFD protocol enabled; the remote system just loops back the received BFD Echo packets as regular data packets.¶
This document updates [RFC5880] with respect to its descriptions on the BFD Echo function as follows.¶
The 4th paragraph of Section 3.2 of [RFC5880] is updated as below:¶
OLD TEXT
An adjunct to both modes is the Echo function.¶
NEW TEXT
An adjunct to both modes is the Echo function, which can also be running independently.¶
OLD TEXT
Since the Echo function is handling the task of detection, the rate of
periodic transmission of Control packets may be reduced (in the case
of Asynchronous mode) or eliminated completely (in the case of Demand mode).¶
NEW TEXT
Since the Echo function is handling the task of detection, the rate of
periodic transmission of Control packets may be reduced (in the case
of Asynchronous mode) or eliminated completely (in the case of Demand mode).
The Echo function may also be used independently, with neither Asynchronous nor Demand mode.¶
The 3rd and 9th paragraphs of Section 6.1 of [RFC5880] are updated as below:¶
OLD TEXT
Once the BFD session is Up, a system can choose to start the Echo
function if it desires and the other system signals that it will
allow it. The rate of transmission of Control packets is typically
kept low when the Echo function is active.¶
NEW TEXT
When a system is running with Asynchronous or Demand mode,
once the BFD session is Up, it can choose to start the Echo
function if it desires and the other system signals that it will
allow it. The rate of transmission of Control packets is typically
kept low for Asynchronous mode or eliminated completely for Demand mode
when the Echo function is active.¶
OLD TEXT
If the session goes Down, the transmission of Echo packets (if any)
ceases, and the transmission of Control packets goes back to the slow
rate.¶
NEW TEXT
In Asynchronous mode or Demand mode, if the session goes Down, the transmission
of Echo packets (if any) ceases, and the transmission of Control packets goes back to the slow rate.¶
The 2nd paragraph of Section 6.4 of [RFC5880] is updated as below:¶
OLD TEXT
When a system is using the Echo function, it is advantageous to
choose a sedate reception rate for Control packets, since liveness
detection is being handled by the Echo packets. This can be controlled
by manipulating the Required Min RX Interval field (see section 6.8.3).¶
NEW TEXT
When a system is using the Echo function with Asynchronous mode, it is advantageous to
choose a sedate reception rate for Control packets, since liveness
detection is being handled by the Echo packets. This can be controlled
by manipulating the Required Min RX Interval field (see section 6.8.3).
Note that a system operating in Demand mode would direct the remote system to cease
the periodic transmission of BFD Control packets, by setting the Demand (D) bit in its
BFD Control packets.¶
The 2nd paragraph of Section 6.8 of [RFC5880] is updated as below:¶
OLD TEXT
When a system is said to have "the Echo function active" it means
that the system is sending BFD Echo packets, implying that the
session is Up and the other system has signaled its willingness to
loop back Echo packets.¶
NEW TEXT
When a system in Asynchronous or Demand mode is said to have "the Echo function active" it means
that the system is sending BFD Echo packets, implying that the
session is Up and the other system has signaled its willingness to
loop back Echo packets.¶
The 7th paragraph of Section 6.8.3 of [RFC5880] is updated as below:¶
OLD TEXT
When the Echo function is active, a system SHOULD set
bfd.RequiredMinRxInterval to a value of not less than one second
(1,000,000 microseconds). This is intended to keep received BFD
Control traffic at a negligible level, since the actual detection
function is being performed using BFD Echo packets.¶
NEW TEXT
When the Echo function is active with Asynchronous mode, a system SHOULD set
bfd.RequiredMinRxInterval to a value of not less than one second
(1,000,000 microseconds). This is intended to keep received BFD
Control traffic at a negligible level, since the actual detection
function is being performed using BFD Echo packets. While a system operating in
Demand mode would not receive BFD Control traffic.¶
The 1st and 2nd paragraphs of Section 6.8.9 of [RFC5880] are updated as below:¶
OLD TEXT
BFD Echo packets MUST NOT be transmitted when bfd.SessionState is not
Up. BFD Echo packets MUST NOT be transmitted unless the last BFD
Control packet received from the remote system contains a nonzero
value in Required Min Echo RX Interval.¶
NEW TEXT
When a system is using the Echo function with either Asynchronous or Demand mode,
BFD Echo packets MUST NOT be transmitted when bfd.SessionState is not
Up, and BFD Echo packets MUST NOT be transmitted unless the last BFD
Control packet received from the remote system contains a nonzero
value in Required Min Echo RX Interval.¶
OLD TEXT
BFD Echo packets MAY be transmitted when bfd.SessionState is Up. The
interval between transmitted BFD Echo packets MUST NOT be less than
the value advertised by the remote system in Required Min Echo RX
Interval...¶
NEW TEXT
When a system is using the Echo function with either Asynchronous or Demand mode,
BFD Echo packets MAY be transmitted when bfd.SessionState is Up, and the
interval between transmitted BFD Echo packets MUST NOT be less than
the value advertised by the remote system in Required Min Echo RX
Interval...¶
All Security Considerations from [RFC5880] and [RFC5881] apply.¶
Unaffiliated BFD Echo requires the remote device to loop Unaffiliated BFD Echo packets. In order to provide this service, the remote device cannot make use of Unicast Reverse Path Forwarding (URPF) [RFC3704] in strict mode.¶
As specified in Section 5 of [RFC5880], since BFD Echo packets may be spoofed, some form of authentication SHOULD be included. Considering the Unaffiliated BFD Echo packets in this document are also BFD Control packets, the "Authentication Section" as defined in [RFC5880] for BFD Control packet is RECOMMENDED to be included within the Unaffiliated BFD Echo packet.¶
As stated in Section 2, in order to avoid unset values being a potential vector for disclosure of uninitialized memory, all fields of the Unaffiliated BFD Echo packet SHOULD be populated with a certain value, even if some of the fields are ignored on receipt.¶
This document has no IANA action requested.¶
The authors would like to acknowledge Ketan Talaulikar, Greg Mirsky, Santosh Pallagatti, Aijun Wang, and Eric Vyncke for their careful review and very helpful comments.¶
The authors would like to acknowledge Jeff Haas for his guidance, insightful review, and very helpful comments.¶
The authors would like to acknowledge Detao Zhao for the very helpful discussion.¶
Liu Aihua
ZTE
Email: liu.aihua@zte.com.cn¶
Qian Xin
ZTE
Email: qian.xin2@zte.com.cn¶
Zhao Yanhua
ZTE
Email: zhao.yanhua3@zte.com.cn¶