TRILL Working Group DonaldInternet Engineering Task Force (IETF) D. EastlakeINTERNET-DRAFT Yizhou3rd Request for Comments: 8139 Y. LiIntended status: Proposed Standard HuaweiObsoletes: 6439Mohammed UmairHuawei Updates: 6325, 7177IPinfusion AyanM. Umair Category: Standards Track IP Infusion ISSN: 2070-1721 A. Banerjee CiscoFangweiF. Hu ZTEExpires: August 20,June 2017February 21, 2017 TRILL:Transparent Interconnection of Lots of Links (TRILL): Appointed Forwarders<draft-ietf-trill-rfc6439bis-05.txt>Abstract TRILL (Transparent Interconnection of Lots of Links) supports multi- access LAN (Local Area Network) links where a single link can have multiple end stations and TRILL switches attached. Where multiple TRILL switches are attached to a link, native traffic to and from end stations on that link is handled by a subset of those TRILL switches called "Appointed Forwarders" as originally specified in RFC 6325, with the intent that native traffic in each VLAN be handled by at most one TRILL switch. This document clarifies and updates the Appointed Forwarder mechanism. It updatesRFC 6325, updates RFC 7177,RFCs 6325 and 7177 and obsoletes RFC 6439. Status of ThisDocumentMemo ThisInternet-Draftissubmitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Distribution of thisan Internet Standards Track document. This document isunlimited. Comments should be sent to the TRILL working group mailing list <trill@ietf.org>. Internet-Drafts are working documentsa product of the Internet Engineering Task Force(IETF), its areas,(IETF). It represents the consensus of the IETF community. It has received public review andits working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents validhas been approved fora maximumpublication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 ofsix monthsRFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may beupdated, replaced, or obsoleted by other documentsobtained atany time. Ithttp://www.rfc-editor.org/info/rfc8139. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document isinappropriatesubject touse Internet-DraftsBCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, asreference material orthey describe your rights and restrictions with respect tocite them other thanthis document. Code Components extracted from this document must include Simplified BSD License text as"workdescribed inprogress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html. The listSection 4.e ofInternet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1.Introduction...........................................4 1.1Introduction ....................................................4 1.1. Appointed Forwarders andActive-Active.................5 1.2Active-Active .....................5 1.2. Terminology andAcronyms...............................5Abbreviations ..............................6 2. Appointed Forwarders and TheirAppointment..............7 2.1Appointment ......................7 2.1. The Appointment Databases and DRBActions..............8 2.2Actions ..................8 2.2. Appointment Effects of DRBElections...................9 2.2.1Elections ......................10 2.2.1. Processing Forwarder Appointments inHellos.........10 2.2.2Hellos ........11 2.2.2. Frequency of HelloAppointments.....................12 2.2.3Appointments ....................13 2.2.3. Appointed Forwarders HelloLimit....................12 2.3Limit ...................13 2.3. Effects of Local Configuration ActionsAppointment Effects.......13 2.4on Appointments ....14 2.4. Overload and AppointedForwarders.....................13 2.5Forwarders .........................14 2.5. VLAN Mapping within aLink............................14Link ................................15 3. The InhibitionMechanism...............................15 3.1Mechanism .......................................15 3.1. Inhibited Appointed ForwarderBehavior................17 3.2Behavior ....................18 3.2. Root Bridge Change InhibitionOptimizations..................17 3.2.1Optimizations ...............18 3.2.1. Optimization for Change to LowerPriority...........18 3.2.2Priority ..........19 3.2.2. Optimization for Change to PriorityOnly............18 3.2.3 SettlingOnly ...........19 3.2.3. Optimizing the DetectionOptimization.....................18of Completed Settling .....19 4. Optional TRILL HelloReduction.........................20Reduction .................................20 5. Multiple Ports on the SameLink........................22Link ................................22 6. Port-ShutdownMessages.................................23 6.1Messages .........................................23 6.1. Planned Shutdown andHellos...........................23 6.2Hellos ...............................23 6.2. Port-Shutdown MessageStructure.......................23 6.3Structure ...........................23 6.3. Port-Shutdown MessageTransmission....................24 6.4Transmission ........................24 6.4. Port-Shutdown MessageReception.......................25 6.5Reception ...........................25 6.5. Port-Shutdown MessageSecurity........................25 6.6Security ............................25 6.6. Port-ShutdownConfiguration...........................25Configuration ...............................26 7. FGL-VLAN Mapping ConsistencyChecking..................27Checking ..........................26 8. Support ofE-L1CS......................................28 8.1 Backwards Compatibility...............................28E-L1CS ..............................................27 8.1. Backward Compatibility ....................................27 9. SecurityConsiderations................................29Considerations ........................................28 10. Code Points and DataStructures.......................30 10.1Structures ...............................28 10.1. IANAConsiderations..................................30 10.2 Appointment Bitmap APPsub-TLV........................30 10.3 Appointment List APPsub-TLV..........................31 10.4 FGL-VLAN Mapping Bitmap APPsub-TLV...................32 10.5 FGL-VLAN Mapping Pairs APPsub-TLV....................34Considerations ......................................28 10.2. AppointmentBitmap APPsub-TLV .............................29 10.3. AppointmentList APPsub-TLV ...............................30 10.4. FGL-VLAN-Bitmap APPsub-TLV ...............................31 10.5. FGL-VLAN-Pairs APPsub-TLV ................................32 11. ManagementConsiderations.............................35 INTERNET-DRAFT TRILL: Appointed Forwarders Table of Contents (continued)Considerations .....................................33 12. References ....................................................34 12.1. NormativeReferences......................................36References .....................................34 12.2. InformativeReferences....................................37 Acknowledgements..........................................38 Authors' Addresses........................................39References ...................................36 AppendixA:A. VLAN InhibitionExample.......................40 Appendix B: Changes to RFCs 6325, 6439, 7177..............41Example ...............................37 AppendixC:B. Multi-Link VLAN Mapping LoopExample..........42Example ..................38 AppendixZ: Change Record.................................44 CopyrightC. Changes to RFCs 6325, 6439, andIPR Provisions..............................45 INTERNET-DRAFT TRILL: Appointed Forwarders7177 ..................39 Acknowledgments ...................................................40 Authors' Addresses ................................................41 1. Introduction The IETF TRILL (Transparent Interconnection of Lots of Links) protocol [RFC6325] [RFC7780] provides optimalpair-wisepairwise data frame forwarding without configuration in multi-hop networks with arbitrary topology and link technology, safe forwarding even during periods of temporary loops, and support for multipathing of both unicast and multicast traffic. TRILL accomplishesthisthese by using IS-IS (Intermediate System to Intermediate System) [IS-IS] [RFC7176]link statelink-state routing and encapsulating traffic using a header that includes a hop count. The design supports VLANs, FGLs(Fine Grained Labels [RFC7172]),(Fine-Grained Labels) [RFC7172], and optimization of the distribution of multi-destination frames based on VLANs and multicast groups. Devices that implement TRILL are called TRILL switches or "RBridges" (Routing Bridges). Section 2 of [RFC7177] discusses the environment for which the TRILL protocol is designed and the differences between that environment and the typical Layer 3 routing environment. TRILL supports multi-access LAN (Local Area Network) links that can have multiple end stations and TRILL switches attached. Where multiple TRILL switches are attached to a link, native traffic to and from end stations on that link is handled by a subset of those switches called "Appointed Forwarders" as originally specified in [RFC6325], with the intent that native traffic in each VLAN be handled by at most one switch. A TRILL switch can be Appointed Forwarder for many VLANs. The purpose of this document is to update and improve the Appointed Forwarder mechanism and free it from the limitations imposed by the requirement in its initial design that all appointments fit within a TRILL HelloPDU.Protocol Data Unit (PDU). This is accomplished by requiring support oflink scopedlink-scoped FS-LSPs (FloodingScoped -Scope Link StatePDUs, Section 7)PDUs) (Section 8) andproving forproviding the option to send appointment informationto optionally be sentin those LSPs. Inadditionaddition, this document provides a number of other optional features to(1)1. detect inconsistentVLAN to FGLVLAN-ID-to-FGL [RFC7172] mappings among the TRILL switch ports on alinklink, as discussed in Section 7,(2)2. expedite notification of ports going down so that Appointed Forwarders can beadjustedadjusted, as discussed in Section 6, and(3)3. reduce or eliminate the need for "inhibition" of ports for loopsafetysafety, as discussed in Section 3.2. This document replaces and obsoletes [RFC6439], incorporating the former material in [RFC6439] with these additions. The various optimizations are orthogonal and optional. Implementers can choose to provide all, some, or none ofthemthem, and TRILL switches will still be interoperable. In accordance with the TRILL design philosophy, these optimizations require zero or minimalconfigurationconfiguration, but there are a couple of configurableparametersparameters, as summarized in Section 11.This document, asAs described in AppendixB,C, this document updates [RFC6325] byINTERNET-DRAFT TRILL: Appointed Forwardersmandating support of E-L1CS FS-LSPs and providesbackwardsbackward compatibility in the presence of legacy TRILL switches that do not provide this support. It also updates [RFC7177] by providing, as an optional optimization, that receipt of theport shutdownPort-Shutdown message specified herein be treated as an event in the state machine specified in [RFC7177]. This document includes reference implementation details. Alternative implementations that interoperate on the wire are permitted. The Appointed Forwarder mechanism is irrelevant to any link on whichend stationend-station service is not offered. This includes links configured as point-to-point IS-IS links and any link with all TRILL switch ports on that link configured as trunk ports. (In TRILL, configuration of a port as a "trunk port" just means that noend stationend-station service will be provided. It does not imply that all VLANs are enabled on that port.) The Appointed Forwarder mechanism has no effect on the formation of adjacencies, the election of the Designated RBridge(DRB, [RFC7177])(DRB) [RFC7177] for a link, MTU matching, or pseudonode formation. Those topics are covered in [RFC7177]. Furthermore, Appointed Forwarder status has no effect on the forwarding of TRILL Data frames; it only affects the handling of native frames to and from end stations. For other aspects of the TRILL base protocol, see [RFC6325], [RFC7177], and [RFC7780]. Incasecases of conflict between this document and [RFC6325] or [RFC7177], this document prevails.1.11.1. Appointed Forwarders and Active-Active As discussed in [RFC7379], TRILL active-active provides support for end stations connected to multiple edge TRILL switches where these connections are separate links. Since TRILL Hellos are not forwarded between these links, the Appointed Forwarder mechanism as described herein operates separately on each such link.1.21.2. Terminology andAcronymsAbbreviations This document uses theacronymsabbreviations and terms defined in [RFC6325], some of which are repeated below for convenience, and additionalacronymsabbreviations and terms listed below. Data Label mapping: The mapping from VLAN ID to FGL and from FGL to VLAN ID. DRB: Designated RBridge. The RBridge on a link elected as specified in [RFC7177] to handle certain decisions and tasks for thatlinklink, including forwarder appointment as specified herein.INTERNET-DRAFT TRILL: Appointed ForwardersE-L1CS: Extended Level 1 CircuitScopedScope (Section 8). FGL:Fine GrainedFine-Grained Label [RFC7172]. FS-LSP: FloodingScoped -Scope Link State PDU (Section 8). Link: The means by which adjacent TRILL switches are connected. A TRILL link may be various technologies and, in the common case of Ethernet, can be a "bridgedLAN",LAN" -- that is to say, some combination of Ethernet links with zero or more bridges, hubs, repeaters, or the like. LSDB: Link State Database. PDU: Protocol DataBase.Unit. RBridge: An alternative name for a TRILL switch. TRILL: Transparent Interconnection of Lots of Links or Tunneled Routing in the Link Layer. TRILL switch: A device implementing the TRILL protocol. An alternative name for an RBridge. Trunk port: A TRILL switch port configured with the"end station"end-station service disable" bit on, as described in Section 4.9.1 of [RFC6325]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in[RFC2119]. INTERNET-DRAFT TRILL: Appointed ForwardersBCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. Appointed Forwarders and Their Appointment The Appointed Forwarder on a link for VLAN-x is the TRILL switch (RBridge) that ingresses native frames from the link and egresses native frames to the link in VLAN-x. By default, the DRB (Designated RBridge) on a link is in charge of native traffic for all VLANs on the link. The DRB may, if it wishes, act as Appointed Forwarder for anyVLANVLAN, and it may appoint other TRILL switches that have ports on the link as Appointed Forwarder for one or more VLANs. By definition, the DRB considers the other ports on the link to be the ports with which a DRB port has adjacency on that link [RFC7177]. If the DRB loses adjacency to a TRILL switch that it has appointedaas forwarder and the native traffic that was being handled by that Appointed Forwarder is still to be ingressed and egressed, it SHOULD immediately appoint another forwarder or itself become the forwarder for that traffic. It is important that there not be two Appointed Forwarders on a link that are ingressing and egressing native frames for the same VLAN at the same time. Should this occur, it could form a loop where frames are not protected by a TRILL Hop Count for part of the loop. (Such a condition can even occur through two Appointed Forwarders for two different VLANs, VLAN-x and VLAN-y, if ports or bridges inside the link are configured to map frames between VLAN-x and VLAN-y as discussed in Section 2.5.) While TRILL tries to avoid such situations, for loop safety there is also an "inhibition" mechanism (see Section 3) that can cause a TRILL switch that is an Appointed Forwardertonot to ingress or egress native frames. Appointed Forwarder status and port "inhibition" have no effect on the reception, transmission, or forwarding of TRILL Data or TRILL IS-IS frames. Appointed Forwarder status and inhibition only affect the handling of native frames. As discussed in Section 5, an RBridge may have multiple ports on a link. As discussed in [RFC7177], if there are multiple ports with the same Media Access Control (MAC) address on the same link, all but one will be suspended. The case of multiple ports on a link for the same TRILL switch and the case of multiple ports with the same MAC address on alink andlink, as well as combinations of thesecasescases, are fully accommodated; however, the case of multiple ports on a link for the same TRILL switch is expected to be a rareconditioncondition, and the case of duplicate MAC addresses is not recommended by either TRILL or IEEE 802.1 standards. There are six mechanisms by which an RBridge can be appointed orun- appointedunappointed as Appointed Forwarder:(1)1. assumption of appointment, when the DRB decides to act as Appointed Forwarder for a VLAN,(2) Hello2. E-L1CS appointment, as a result of appointments sent by the DRB inTRILL Hellos, (3)E-L1CS FS-LSPs, 3. Hello appointment, as a result of appointments sent by the DRB inE-L1CS FS-LSPs, (4)TRILL Hellos, 4. as a result of the DRB electionsINTERNET-DRAFT TRILL: Appointed Forwarders[RFC7177] as discussed in Section 2.2,(5)5. as a result of aPort- ShutdownPort-Shutdown message as discussed in Section 6, and(6)6. as a result of a local configuration action as discussed in Section 2.3. Mechanisms 2 and 3 are covered in Section 2.1.2.12.1. The Appointment Databases and DRB Actions The DRB MAY appoint other RBridges on the link as Appointed Forwarders throughthe mechanisms Atwo mechanisms, "A" andB"B", as described below. Each RBridge maintains two databases of appointment information: (1) its E-L1CSLSDB thatLSDB, which shows appointments that each RBridge on the link would make using mechanism A ifitthat RBridge were the DRB, and (2) its Hello appointmentdatabase thatdatabase, which shows the appointments most recently sent by the DRB in a TRILL Hello. The E-L1CS LSDB is semi-permanent and is only changed by E-L1CS FS-LSPs or IS-IS purges. The Hello appointment database is more transient and is completely reset by each Hello received from the DRB that contains anyappointments andappointments; this database is also cleared under othercircumstancescircumstances, as described below. An RBridge considers itself to be the Appointed Forwarder for VLAN-x if this is indicated by either its Hello appointment database or its E-L1CS LSDB entries from the DRB. The two mechanisms by which the DRB can appoint other RBridges on a link as Appointed Forwarders are as follows: (A) The inclusion of one or more Appointed Forwarders sub-TLVs [RFC7176],Appointment BitmapAppointmentBitmap APPsub-TLVs (Section 10.2), orAppointment ListAppointmentList APPsub-TLVs (Section 10.3) in E-L1CS LSPs it sends on a link. Appointments sentwithusing this method will not be seen by legacy RBridges that do not support E-L1CS (Section 8). (B) The inclusion of one or more Appointed Forwarders sub-TLVs [RFC7176] in a TRILL Hello it sends on the Designated VLAN out of the port that won the DRB election. When the DRB sends any appointments in a TRILL Hello, it must send all appointments it is sending in Hellos for that link in that Hello. Any previous appointment it has sent in a Hello that is not included is implicitly revoked. To avoid the size limitations of the Hello PDU, it is RECOMMENDED that the E-L1CS FS-LSP method be used to distribute forwarder appointments and that all RBridges on a linkadvertise byuse this method to advertise the appointments they would make if they were the DRB. However, if some RBridges on a link do not support E-L1CS FS-LSPs, then Hello appointments must be used for the DRB to appoint such legacy RBridgesan Appointed Forwarder. INTERNET-DRAFT TRILL:as AppointedForwardersForwarders. Although the DRB does not need to announce the VLANs for which it has chosen to act as Appointed Forwarder by sendingappointsappointments for itself, if the DRB wishes to revoke all appointments made in Hellos for RBridges other than itself on the link, it can do so by sending a TRILL Hello with just an appointment for itself for some VLAN. How the DRB decides what other RBridges on the link, if any, to appoint as forwarder forwhichsome VLAN or VLANs is beyond the scope of this document. Unnecessary changes in Appointed Forwarders SHOULD NOT bemademade, as they may result in transient lack ofend stationend-station service. Should the network manager have misconfigured the enabled VLANs and Appointed Forwarders, resulting in two RBridges believing they are Appointed Forwarders for the same VLAN,thenthe scenario described in item 4 in Section 3 will cause one or more of the RBridges to be inhibited for thatVLANVLAN, thus avoiding persistent loops. When forwarder appointments are being encoded for transmission, different patterns of VLANs are most efficiently encoded in different ways. The following table gives adviceforregarding the most efficientencoding:encoding for a given pattern: sub-TLV and Reference Pattern of VLAN IDs |enclosing TLV(s) and Reference------------------------------------ ------------------------------------ Blocks of consecutive VLANs Appointed Forwarders sub-TLV [RFC7176] |RouterCapabilitiesCAPABILITY TLV [RFC7981] |orMT CapabilitiesMT-Capability TLV [RFC6329] Scattered VLANs within a small rangeAppointment BitmapAppointmentBitmap APPsub-TLV (Section 10.2) |TRILL GENINFO TLV [RFC7357] Scattered VLANs over a large rangeAppointment ListAppointmentList APPsub-TLV (Section 10.3) |TRILL GENINFO TLV [RFC7357]2.22.2. Appointment Effects of DRB Elections When a TRILL switch port on a link wins the DRB election, there are four possible cases: 1. A TRILL switch believes that it was the DRB and remains the DRB:Therethere is no change in Appointed Forwarder status. This also applies inINTERNET-DRAFT TRILL: Appointed Forwardersthe corner case where a TRILL switch has more than one port on a link, one of which was previously the DRB election winner but has just lost the DRB election to a different port of the same TRILL switch on the same link (possibly due to management configuration of port priorities). In thiscasecase, there also is no change in which TRILL switch is the DRB. 2. A TRILL switch believes that it was not the DRB but has now won the DRB election and become the DRB on a link: by default, it can act as Appointed Forwarder for any VLANs on that link that itchooseschooses, as long as its port is not configured as a trunk port and has that VLAN enabled (or at least one of its ports meets these criteria, if it has more than one port on the link). It ignores any previous forwarder appointment information it received from other TRILL switches on the link. 3. A TRILL switch was not the DRB and does not becomeDRBthe DRB, but it observes that the port winning the DRB election has changed:Thethe TRILL switch loses all Hello appointments. In addition, there are two subcases:3.aa. The new winning port and the old winner are ports of different TRILL switches on the link. In this case, it switches to using the E-L1CS FS-LSP appointments for the winning TRILL switch.3.bb. The new winning port and the old winner are ports of the same TRILL switch, which has two (or more) ports on the link:Althoughalthough the Hello appointments are still discarded, since the same TRILL switch is the DRB, the E-L1CS FS-LSP appointments are unchanged. 4. The winning port is unchanged:Asas in case 1, there is no change in Appointed Forwarder status.2.2.12.2.1. Processing Forwarder Appointments in Hellos When a non-DRB RBridge that can offerend stationend-station service on a link receives a TRILL Hello that is not discarded for one of the reasons given in [RFC7177], it checks the source MAC address and the Port ID and System ID in the Hello to determine if it is from the winning DRB port. If it is not from that port, any forwarder appointmentsub- TLVssub-TLVs in the Hello are ignored, and there is no change in the receiving RBridge's Appointed Forwarder status due to that Hello. Also, if no forwarder appointment sub-TLVs are present in the TRILL Hello, there is no change in the receiver's Appointed Forwarder status due to that Hello. However, if the TRILL Hello is from the winning DRB port and the Hello includes one or more forwarder appointment sub-TLVs, then the receiving RBridge sets its Hello appointment database to be the set of VLANsINTERNET-DRAFT TRILL: Appointed Forwardersthatarehave both of the following characteristics: o The VLAN is listed as an appointment foritthe receiving RBridge in theHelloHello, andareo The VLAN is enabled on thereceiving port.port where the Hello was received. (If the appointment includes VLAN IDs 0x000 or 0xFFF, they are ignored, but any other VLAN IDs are still effective.) It then becomes Appointed Forwarder for all the VLANs for which it is appointed in either its Hello appointment database or its E-L1CS FS-LSP appointment database from the DRB if the VLAN is enabled and if the port is not configured as a trunk or IS-IS point-to-point port. If the receiver was Appointed Forwarder for any VLANs because they were in the Hello appointment database and they are no longer in the Hello appointment database, its Appointed Forwarder status for such VLANs is revoked. For example, if none of these sub-TLVs in a Hello appoints the receiving RBridge, then it loses all Appointed Forwarder status on the port where the Hello was received due to Hello appointment databaseentriesentries, but it retains Appointed Forwarder status due to E-L1CS FS-LSP appointments. The handling of one or more forwarder appointment sub-TLVs in a Hello from the winning port that appoints the receiving RBridge is as follows:Anan appointment in an AppointedForwarderForwarders sub-TLV is for a specific RBridge and a contiguous interval of VLAN IDs; however, as stated above, it actually appoints that RBridge as forwarder only for theVLAN(s)VLAN or VLANs in that range that are enabled on one or more ports that RBridge has on the link (ignoring any ports configured as trunk ports or as IS-IS point-to-point ports). There is no reason for an RBridge to remember that it received a valid appointment Hello message for a VLAN that was ineffective because the VLAN was not enabled on the port where the Hello was received or because the port was a trunk or point-to-point port. It does not become Appointed Forwarder for such a VLAN just because that VLAN is later enabled or the port is later reconfigured. The limitations due to the size of the Hello PDU make it desirable to use E-L1CS FS-LSPs for appointment. But if Hellos need to be used, due to TRILL switches on the link not supporting E-L1CS FS-LSPs, the remainder of this sectiongivesprovides a method to maximize the use of the limited space in Hellos for forwarder appointment. It should be straightforward for the DRB to send, within one Hello, the appointments for several dozen VLAN IDs or several dozen blocks of contiguous VLAN IDs. Should the VLANs that the DRB wishes to appoint be inconveniently distributed (forexampleexample, the proverbial case wherethea DRBRB1(say RB1) wishes to appoint RB2 as forwarder for alleven- numberedeven-numbered VLANs and appoint RB3 as forwarder for all odd-numberedVLANs)VLANs), the following method may be used: The network manager normally controls what VLANs are enabled on an RBridge port. Thus, the network manager can appoint an RBridge as forwarder for an arbitrary set of scattered VLANs by enabling only those VLANs on the relevant port (or ports) and then having the DRB send an appointment that appears to appoint the target RBridgeINTERNET-DRAFT TRILL: Appointed Forwardersas forwarder for all VLANs. However, for proper operation andinter- RBridgeinter-RBridge communication, the Designated VLAN for a link SHOULD be enabled on all RBridge ports on that link, and it may not be desired to appoint the RBridge as forwarder for the Designated VLAN. Thus, in the general case,it would requiretwoappointments, although itappointments wouldstillbe required, although onlyrequireone appointment would be required if the Designated VLAN value werean extremeextremely low or highvalue such(such as VLAN0xFFE0xFFE) or the defaultVLAN 1.value (VLAN 1). For example, assume that the DRB wants RB2 to be Appointed Forwarder for all even-numbered VLANs and the Designated VLAN for the link is VLAN 101. The network manager could cause all even-numbered VLANs plus VLAN 101 to be enabled on the relevant port of RB2 and then, with the desired effect, cause the DRB to send appointments to RB2 appointing it forwarder for all VLANs from 1 through 100 and from 102 through 4,094.2.2.22.2.2. Frequency of Hello Appointments Appointments madethoughthrough E-L1CS FS-LSPs use the same IS-IS timing constants as those for LSP flooding. The general IS-ISlink statelink-state flooding mechanism is robust and includesacknowledgementsacknowledgments so that it automatically recovers from lost PDUs,re-bootedrebooted TRILL switches, and the like. For Hello appointments, it is not necessary for the DRB to include the Hello forwarder appointments in every TRILL Hello that it sends on the Designated VLAN for a link. For loop safety, every RBridge is required to indicate, in every TRILL Hello it sends in VLAN-x on a link, whether it is an Appointed Forwarder for VLAN-x for that link (see item 4 in Section33, but see also Section 4). It is also RECOMMENDED that the DRB have enabled all VLANs for whichend stationend-station service will be offered on the link as well as the Designated VLAN. Thus, the DRB will generally be informed by other RBridges on the link of the VLANs for which they believe that they are the Appointed Forwarder. If this matches the appointments the DRB wishes to make, it is not required tore-sendresend its forwarder appointments; however, for robustness, especially in cases such as VLAN misconfigurations in a bridged LAN link, it is RECOMMENDED that the DRB send its forwarder appointments on the Designated VLAN at least once per its Holding Time on the port that won the DRB election.2.2.32.2.3. Appointed Forwarders Hello Limit The Hello mechanism of DRB forwarder appointment and the limited length of TRILL Hellos impose a limit on the number of RBridges on aINTERNET-DRAFT TRILL: Appointed Forwarderslink that can be Appointed Forwarders when E-L1CS FS-LSP appointments cannot be used due to the presence of legacy RBridges. To obtain a conservative estimate of this limit, assume that no more than10001,000 bytes are available in a TRILL Hello for such appointments. Assume also that it is desired to appoint various RBridges on a link as forwarder for arbitrary non-intersecting sets of VLANs. Using the technique discussed at the end of Section 2.2.1 would generally require two appointments, or 12 bytes, per RBridge. With allowance for sub-TLV and TLV overhead, appointments for 83 RBridges would fit in under10001,000 bytes. Including the DRB, this implies a link with 84 or more RBridges attached. Links with more than a handful of RBridges attached are expected to berare. Andrare, and in any case such limitations are easily avoided by using E-L1CS FS-LSP appointment.2.32.3. Effects of Local Configuration ActionsAppointment Effectson Appointments Disabling VLAN-x at an RBridge port cancels any Appointed Forwarder status that RBridge has forVLAN-xVLAN-x, unless VLAN-x is enabled on some other port that the RBridge has connected to the same link. Configuring a port as a trunk port or point-to-point port revokes any Appointed Forwarder status that depends on enabled VLANs at that port. Causing a port to no longer be configured as a trunk orpoint-to- pointpoint-to-point port or enabling VLAN-x on a port does not necessarily cause the RBridge to become an Appointed Forwarder for the link that port is on. However, such actions allow the port's RBridge to become Appointed Forwarder by choice if it is the DRB or, if it is not the DRB on the link, by appointment as indicated by the Hello appointment database or the E-L1CS FS-LSP appointmentdatabases. 2.4database. 2.4. Overload and Appointed Forwarders A TRILL switch inlink statelink-state overload [RFC7780] will, in general, do a poorer job of forwarding frames than a TRILL switch not inoverloadoverload, because the TRILL switch not in overload has full knowledge of the campus topology. For example, as explained in [RFC7780], an overloaded TRILL switch may not be able to distributemulti- destinationmulti-destination TRILL Data packets at all. Therefore, the DRB SHOULD NOT appoint an RBridge in overload as an AppointedForwarder and,Forwarder, and if an Appointed Forwarder becomes overloaded, the DRB SHOULDre-assignreassign VLANs from the overloaded RBridge to another RBridge on the link that is not overloaded, if one is available.INTERNET-DRAFT TRILL: Appointed Forwarders This does not violate the IS-IS standards prohibition on routing through an overloaded node. Designation as an appointed forwarder has to do with the ingress and egress of native frames and has nothing to do with the IS-IS routing of TRILL Data packets through a TRILL switch.A counter-example where it would be best to appoint an RBridge in overload asappointed forwarderAppointed Forwarder would be if RB1 was in overload but all end stations in the campus in VLAN-x were on links attached to RB1. In such a case, RB1 would never have to route VLAN-xend stationend-station traffic asaTRILL Datapacketpackets but would always be forwardingitthem locally asanativeframe.frames. In this case, RB1 SHOULD NOT be disadvantaged for selection as the VLAN-x Appointed Forwarder on any suchlinkslinks, even ifEB1RB1 is in overload. There is also the case where it is unavoidable to appoint an RBridge in overload asappointed forwarderAppointed Forwarder, because all RBridges on the link are in overload.Overload doesThese cases do notaffect DRB election but a TRILL switchviolate the prohibition inoverload MAY reduce its own prioritythe IS-IS standard against routing through an overloaded node. Designation as an Appointed Forwarder has to do with the ingress and egress of native frames and has nothing to do with the IS-IS routing of TRILL Data packets through a TRILL switch. Overload does not affect DRB election, but a TRILL switch in overload MAY reduce its own priority to be the DRB.2.52.5. VLAN Mapping within a Link TRILL Hellos include a field that is set to the VLAN in which they are sent when they are sent on a link technology such as Ethernet that has outer VLAN labeling. (For link technologies such as PPP that do not have outer VLAN labeling, this Hello field is ignored.) If a TRILL Hello arrives on a different VLAN than the VLAN on which it wassent on,sent, then VLAN mapping is occurring within the link. VLAN mapping between VLAN-x and VLAN-y can lead to a loop if the Appointed Forwarders for the VLANs are different. If such mapping within a link was allowed and occurred on two or more links so that there was a cycle of VLAN mappings, a multi-destination frame would loop forever. Such a frame would beimmortal."immortal". For a specific example, see AppendixC.B. To prevent this potential problem, if the DRB on a link detects VLAN mapping by receiving a Hello in VLAN-x that was sent on VLAN-y, it MUST make or revoke appointments so as to assure that the same TRILL switch (possibly the DRB) is the Appointed Forwarder on the link for both VLAN-x and VLAN-y.INTERNET-DRAFT TRILL: Appointed Forwarders3. The Inhibition Mechanism A TRILL switch has, for every link on which it can offerend stationend-station service (thatisis, every link for which it can act as an Appointed Forwarder), the followingtimerstimers, denominated in seconds: - a DRB inhibition timer, - a root bridge change inhibition timer, and - up to 4,094 VLAN inhibition timers, one for each legal VLAN ID. The DRB and root bridge change inhibition timers MUST be implemented. The loss of native traffic due to inhibition will be minimized by logically implementing a VLAN inhibition timer per each VLAN for whichend stationend-station service will ever be offered by the RBridge on the link; this SHOULD be done. (See Appendix A for an examplemotivatingillustrating a potential problem that is solved by VLAN inhibition timers.) However, if implementation limitations make a full set of such timers impractical, the VLAN inhibition timers for more than one VLAN can, with care, be merged into one timer. In particular, an RBridge MUST NOT merge the VLAN inhibition timerstogetherfor two VLANs if it is theAppointerAppointed Forwarder for oneandbut not for the other, as this can lead to unnecessary indefinitely prolonged inhibition. Inthe limit,a given implementation limitation, there will be safe operations, albeit with morenative frameloss of native frames than would otherwise be required, even if only two VLAN inhibition timers are provided: one for the VLANs for which the RBridge is the Appointed Forwarder and one for all other VLANs. Thus, at least two VLAN inhibition timers MUST be implemented. Where a VLAN inhibition timer represents more than one VLAN, an update or test that would have been done to the timer for any of the VLANs is performed on the merged timer. These timers are set as follows: 1. On booting or management reset, each port will have its own set of timers, even if two or more such ports are on the same link, because the TRILL switch will not have had a chance yet to learn that they are on the same link. All inhibition timers are set toexpired"expired", except the DRB inhibition timer that is set in accordance with item 2 below. The DRB inhibition timer is handleddifferentlydifferently, because each port will initially believe that it is the DRB. 2. When a TRILL switch decides that it has become the DRB on a link, including when it is first booted or reset by management, it sets the DRB inhibition timer to the Holding Time of its port on that link that won the DRB election. 3. When a TRILL switch decides that it has lost DRB status on a link,INTERNET-DRAFT TRILL: Appointed Forwardersit sets the DRB inhibition timer toexpired."expired". Note: In the corner case where one port of a TRILL switch was the DRB electionwinner,winner but later lost the DRB election to a different port of the same TRILL switch on that link (perhaps due to management configuration of port priorities), neither item 2 nor item 3 above applies, and the DRB timer is not changed. 4. When a TRILL switch RB1 receives a TRILL Hello asserting that the sender is the Appointed Forwarder and that Hello either (1) arrives on VLAN-x or (2) was sent on VLAN-x as indicated inside the Hello,thenRB1setsuses as its VLAN-x inhibition timer for the linkto the maximum of(1) that timer's existing valueandor (2) the Holding Time in the receivedHello.Hello, whichever is longer. A TRILL switch MUST maintain VLAN inhibition timers covering a link to which it connects if it can offerend stationend-station service on thatlinklink, even if it is not currently the Appointed Forwarder for any VLAN on that link. 5. When a TRILL switch RB1 enables VLAN-x on a port connecting to a link and VLAN-x was previously not enabled on any of RB1's ports on that link, it sets its VLAN inhibition timer for VLAN-x for that link to its Holding Time for that port. This is done even if the port is configured as a trunk or point-to-pointportport, as long as there is some chance it might later be configured not to be a trunk or point-to-point port. Remember, inhibition has no effect on TRILL Data or IS-ISpackets,packets; inhibition only affects native frames. 6. When a TRILL switch detects a change in the common spanning tree root bridge on a port, it sets its root bridge change inhibition timer for the link to an amount of time that defaults to 30 seconds and is configurable to any value from 30 down tozero0 seconds. This condition will not occur unless the TRILL switch is receiving BridgePDUPDUs (BPDUs) on the port from an attached bridged LAN; if no BPDUs are being received, the root bridge change inhibition timer will never be set. It is safe to configure this inhibition time to the settling time of an attached bridged LAN. For example, if it is known that the Rapid Spanning Tree Protocol(RSTP [802.1Q])(RSTP) [802.1Q] is running throughout the attached bridged LAN, it is safe to configure this inhibition time to 7 seconds or, if the attached bridges have been configured to have a minimum Bridge Hello Timer, it is safe to configure it to 4 seconds. Further optimizations are specified in Section 3.2. 7. When a TRILL switch decides that one of its ports (or a set of its ports) P1 is on the same link as another one of its ports (or set of its ports) P2,thenthe inhibition timers are mergedtointo a single set of inhibition timers by using themaximumlongest value of the corresponding timers as the initial value of the merged timers.INTERNET-DRAFT TRILL: Appointed Forwarders8. When an RBridge decides that a set of its ports that it had been treating as being on the same link are no longer on the same link, those ports will necessarily be on two or more links(one(up to one link perport in the limit).port). This is handled by cloning a copy of the timers for each of the two or more links to which the TRILL switch has decided these ports connect.3.13.1. Inhibited Appointed Forwarder Behavior Inhibition has no effect on the receipt or forwarding of TRILL Data packets or TRILL IS-IS packets. It only affects ingressing and egressing native frames. An Appointed Forwarder for a link is inhibited for VLAN-x if: 1. its DRB inhibition timer for that link is not expired,or2. its root bridge change inhibition timer for that link is not expired, or 3. its VLAN inhibition timer for that link covering VLAN-x is not expired. If a VLAN-x Appointed Forwarder for a link is inhibited and receives a TRILL Data packet whose encapsulated frame would normally be egressed to that link in VLAN-x, it decapsulates the native frame as usual. However, it does not output it to, or queue it for, that link, although, if appropriate (for example, the frame ismulti- destination),multi-destination), it may output it to, or queue it for, other links. If a VLAN-x Appointed Forwarder for a link is inhibited and receives a native frame in VLAN-x that would normally be ingressed from that link, the native frame isignoredignored, except for address learning.AnA TRILL switch with one or more unexpired inhibition timers, possibly including an unexpired inhibition timer covering VLAN-x, is still required to indicate in TRILL Hellos it sends on VLAN-x whether or not it is Appointed Forwarder for VLAN-x for the port on which it sends the Hello.3.23.2. Root Bridge Change Inhibition Optimizations The subsections below specify three optimizations that can reduce the inhibition time of an RBridge port under certain circumstances for changes in the root Bridge ID [802.1Q] being received by that port and thus decrease any transient interruption inend stationend-station service due to inhibition. TRILL switches MAY implement these optimizations. In theINTERNET-DRAFT TRILL: Appointed Forwardersfirst two optimizations, inhibition can be eliminated entirely under some circumstances. These optimizations are a bit heuristic in that with some unlikely multiple changes in a bridged LAN that occursimultaneouslysimultaneously, or nearlysoso, the optimizations make transient looping more likely.3.2.13.2.1. Optimization for Change to Lower Priority Assume that the root Bridge ID being received on an RBridge port changes to a new root Bridge ID with lower priority and a different root Bridge MAC address due to a single change in the bridged LAN. There are two possible reasons for this:(1) the1. The bridged LAN to which the port is connected has partitioned into two or more parts due to link failure or otherwise, and the port is connected to a part that does not contain the original rootbridge; (2) thebridge. 2. The original root bridge has been reconfigured to have a lowerprioritypriority, and a new root has taken over. Both of these scenarios are safe conditions that do not require inhibition.3.2.23.2.2. Optimization for Change to Priority Only Assume that the root Bridge ID changes due to a single change in the bridged LAN but only the explicit priority portion of it changes. This means that the 48-bit MAC address portion of the root Bridge ID is unchangedsoand the root bridge has been reconfigured to have a differentpriority butpriority. Thus, the same bridge isrootroot, andthere has been noa topologychange.change is not indicated. Thus, it is safe to ignore this sort of root Bridge ID change and not invoke the inhibition mechanism.3.2.3 Settling3.2.3. Optimizing the DetectionOptimization Theof Completed Settling A dangerous case is the merger of bridged LANs that had been separate TRILL links in the same campus. In general, these links may have had different Appointed Forwarders on them for the same VLAN. Without inhibition,after the merger, you could haveloops involving thoseVLANs. (OnlyVLANs could occur after the merger. Only native frames egressed and ingressed by RBridges are a potential problem. TRILLdataData packets are either 1. individually addressed (TRILL Header M bit = 0) and will be ignored if delivered to any incorrect TRILL switchports,ports or 2. multicast (TRILL Header M bit = 1), in which case the Reverse Path Forwarding Check discards any copies delivered to incorrect TRILL switch ports.ThusThus, there is no need for inhibition to affect the sending or receiving of TRILLdata packetsData packets, and inhibition does not doso.) INTERNET-DRAFT TRILL: Appointed Forwardersso. However, root bridge change inhibition is only needed until TRILL Hellos have been exchanged on the merged bridged LAN. Hellos indicate Appointed Forwarder status and, in general, after an exchange of Hellos the new merged bridged LAN link will, if necessary, be rendered TRILL loop safe by VLAN inhibition so that root bridge change inhibition isnotno longer needed. TRILL switches are required to advertise in their link state the IDs of the root Bridge IDs they can see. If an RBridge port sees a change in root Bridge ID from Root1 to Root2, it is safe to terminate root bridge change inhibition on that port as soon as Hellos have been received on the port from all RBridges that can see Root1 orRoot2Root2, except any such RBridge that is no longer reachable. In further detail, when a change from Root1 to Root2 is noticed at a port of RB1, RB1 associates with that port a list of all of the reachable RBridges, other than itself, that had reported in theirLSPLSPs that they could see either Root1 or Root2. It then removes from this list any RBridge that becomes unreachable from RB1 or from which it has received a Hello on that port. If there is a subsequent change in root Bridge ID being received before this list is empty, say to Root7, then those RBridges reporting in theirLSPLSPs that they can see Root7 are added to the list. Root bridge change inhibition can be terminated for the port as soon as either the timeout isreachreached or this list of RBridges is empty. If the optimizations described in Sections 3.2.1 and/or 3.2.2 are in effect at an RBridge port and indicate that no inhibition is needed, then the mechanism described in this section is not needed either.INTERNET-DRAFT TRILL: Appointed Forwarders4. Optional TRILL Hello Reduction If a network manager has sufficient confidence that they know the configuration of bridges, ports, and the like, within an Ethernet link, they may be able to reduce the number of TRILL Hellos sent on that link by sending Hellos in fewerVLANs;VLANs -- for example, if all TRILL switches on the link will see all Hellos without VLAN constraints. However, because adjacencies are established in the Designated VLAN, an RBridge MUST always attempt to send Hellos in the Designated VLAN. Hello reduction makes TRILL less robust in the face of decreased VLAN connectivity within a link, such as partitioned VLANs, VLANs disabled on ports, or disagreement over the Designated VLAN; however, as long as all RBridge ports on the link are configured for the same Desired DesignatedVLAN,VLAN [RFC6325], can see each other's frames in that VLAN, and utilize the mechanisms specified below to update VLAN inhibition timers, operations will be safe. (These considerations do not arise on links between RBridges that are configured aspoint-to-pointpoint to point, since, in that case, each RBridge sends point-to-point Hellos, other TRILL IS-IS PDUs, and TRILL Data frames only in what it believes to be the Designated VLAN of the link (although it may send themun- tagged)untagged) and no native frame end-station service is provided. Thus, for such links, there is no reason to send Hellos in anyotherVLAN other than the Designated VLAN.) The provision for a configurable set of "Announcing VLANs", as described in Section 4.4.3 of [RFC6325], provides a mechanism in the TRILL base protocol for a reduction in TRILL Hellos. To maintain loop safety in the face of occasional lost frames, RBridge failures, link failures, new RBridges coming up on a link, and the like, the inhibition mechanism specified in Section 3 is still required. Strictly following Section 3, a VLAN inhibition timer can only be set by the receipt of a Hello sent or received in that VLAN. Thus, to safely send a reduced number of TRILL Hellos on a reduced number of VLANs requires additional mechanisms to set the VLAN inhibition timers at anRBridge, thus extending Section 3.RBridge. Two suchmechanisms aremechanisms, specifiedbelow.below, expand upon the mechanisms provided in Section 3. Support for both of these mechanisms is indicated by a capability bit in the PORT-TRILL-VER sub-TLV (Section 5.4 of [RFC7176]). It may be unsafe for an RBridge to send TRILL Hellos on fewer VLANs than the set of VLANs recommended in [RFC6325] on a link unless all its adjacencies on that link (excluding those in the Down state [RFC7177]) indicate support of these mechanisms and these mechanisms are in use. 1. An RBridge RB2 MAY include in any TRILL Hello an Appointed Forwarders sub-TLV [RFC7176] appointing itself for one or more ranges of VLANs. The Appointee Nickname field(s) in theself- appointmentself-appointment AppointedForwarderForwarders sub-TLV MUST be the same as the Sender Nickname in the Special VLANs and Flags sub-TLV in theINTERNET-DRAFT TRILL: Appointed ForwardersTRILL Hellos sent by RB2. This indicates that the sending RBridge believes that it is Appointed Forwarder for those VLANs.An RBridge receiving such a sub-TLV setsFor each ofitsan RBridge's VLAN inhibition timers for every VLAN in the block or blocks listed in the Appointed Forwarderssub-TLV tosub-TLV, themaximum ofRBridge sets that timer to either (1) its current valueandor (2) the Holding Time of the Hello containing thesub-TLV.sub-TLV, whichever is longer. This is backward compatible. That is, such sub-TLVs will have no effect on any legacy receiving RBridge not implementing this mechanism unless RB2, the sending RBridge, is the DRB(Designated RBridge)sending Hellos on the Designated VLAN. If RB2 is the DRB, it MUST include in the Hello all forwarder appointments, if any, for RBridges other than itself on the link. 2. An RBridge MAY use the VLANs Appointed sub-TLV [RFC7176]. When RB1 receives a VLANs Appointed sub-TLV in a TRILL Hello from RB2 on any VLAN, RB1 updates the VLAN inhibition timers for all the VLANs that RB2 lists in that sub-TLV as VLANs for which RB2 is Appointed Forwarder. Each such timer is updated tothe maximum of(1) its current valueandor (2) the Holding Time of the TRILL Hello containing the VLANs Appointedsub-TLV.sub-TLV, whichever is longer. This sub-TLV will be an unknown sub-TLV to RBridges not implementing it, and such RBridges will ignore it. Even if a TRILL Hello sent by the DRB on the Designated VLAN includes one or more VLANs Appointedsub- TLVs,sub-TLVs, as long as no Appointed Forwarders sub-TLVs appear, the Hello is not required to indicate all forwarder appointments. Two different encodings are provided above to optimize the listing of VLANs. Large blocks of contiguous VLANs are more efficiently encoded with the Appointed Forwarders sub-TLV, and scattered VLANs are more efficiently encoded with the VLANs Appointed sub-TLV. These encodings may be mixed in the same Hello. The use of these sub-TLVs does not affect the requirement that the"AF"AF bit in the Special VLANs and Flags sub-TLV MUST be set if the originating RBridge believes that it is Appointed Forwarder for the VLAN in which the Hello is sent. If the above mechanisms are used on a link, then each RBridge on the link MUST send Hellos in one or more VLANs with such VLANs Appointed sub-TLV(s) and/or self-appointment Appointed Forwarders sub-TLV(s), and the"AF"AF bit is appropriately set such that no VLAN inhibition timer will improperly expire unless three or more Hellos are lost. For example, an RBridge could announce all VLANs for which it believes that it is Appointed Forwarder in a Hello sent on the Designated VLAN three times per Holding Time.INTERNET-DRAFT TRILL: Appointed Forwarders5. Multiple Ports on the Same Link A TRILL switch may have multiple ports on the same link. Some of these ports may be suspended due to MAC addressduplicationduplication, as described in [RFC7177]. Suspended ports never ingress or egress native frames. If a TRILL switch has one or more non-suspended ports on a link and those ports offerend station service,end-station service -- that is, those ports are not configured as point-to-point or trunkports,ports -- then that TRILL switch is eligible to be an Appointed Forwarder for that link. It can become Appointed Forwarder in the ways discussed in Section 2. If a TRILL switch that is the Appointed Forwarder for VLAN-x on a link has multiple non-suspended ports on that link, it mayload shareload-share the task of ingressing and egressing VLAN-x native frames across those ports however it chooses, as long as there is no case in which a frame it egresses onto the link from one port can be ingressed on another one of its ports, creating a loop. If the TRILL switch is the Appointed Forwarder for multiple VLANs, a straightforward thing to do would be to partition those VLANs among the ports it has on the link.INTERNET-DRAFT TRILL: Appointed Forwarders6. Port-Shutdown Messages A TRILL switch may note that one of its ports hasfailedfailed, or it may be about to shut down that port. If the port is on a link along with ports of other TRILL switches, those TRILL switches will not notice the port shutdown or failure using TRILL base protocol mechanisms until there is a failure to receive a number of Hellos from that port. This can take many seconds. Network topology (adjacencies) and forwarder appointments can react more rapidly to port shutdown or failure through explicit notification. As discussed below, this notification SHOULD be provided through the Port-Shutdown message.6.16.1. Planned Shutdown and Hellos A TRILL switch that is shutting down one of its portsP1(say P1) soon SHOULD reduce its Holding Time on that port, so that the shutdown will be more rapidly noticed by adjacent RBridges that might not support thePort ShutdownPort-Shutdown message.6.26.2. Port-Shutdown Message Structure The Port-ShutdownMessagemessage is an RBridge ChannelMessagemessage [RFC7178] using RBridge ChannelprotocolProtocol numbertbd5.0x006. The payload specific to the Channel Protocolspecific payloadconsists of a list of Port IDs (see Section 4.4.2 of [RFC6325]) for the port or ports that have failed or are beingshutdownshut down, as shown in the diagram below. Support for thePort ShutdownPort-Shutdown message is advertised by simply advertising support for its RBridge ChannelprotocolProtocol in the RBridge Channel ProtocolsSub-TLVsub-TLV [RFC7176].INTERNET-DRAFT TRILL: Appointed Forwarders0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 TRILL Header: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | V |A|C|M| RESV |F| Hop Count | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Egress Nickname | Ingress Nickname | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Special Inner.MacDA = All-Egress-RBridges | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Special Inner.MacDAcont.(cont.) | Inner.MacSA | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Inner.MacSAcont.(cont.) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | VLAN Tag Ethertype=0x8100 | Priority=7, DEI=0, VLAN ID=1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ RBridge Channel Header: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RBridge-Chan. Ethertype=0x8946| CHV=0 | ChannelProtocol=tbd5 |Protocol=0x006| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Flags | ERR=0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Information specific to the Port-Shutdown Channel Protocol: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Port ID 1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Port ID 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Port ID K | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+6.36.3. Port-Shutdown Message Transmission For robustness, a TRILL switch sends a configurable number of copies of Port-Shutdown messages separated by a configurable time interval. The default number of copies is two, although this can be configured as one copy or as three copies, and the default interval is 20 milliseconds (see Section 6.6). As with anyadjacency critical"adjacency critical" message, the Port-ShutdownMessagemessage SHOULD be sent with the highest priority, which is priority77, and SHOULD NOT be marked asdrop eligible."drop eligible". If a failure of port P1 on RBridge RB2 is detected by RB2, then the Port-Shutdown message announcing this failure is sequentially unicast through the rest of the TRILL campus to all RBridges (1) with which P1 had an adjacency andwhich(2) that are advertising support for the Port-Shutdown RBridge Channelprotocol. INTERNET-DRAFT TRILL: Appointed ForwardersProtocol. If a port shutdown is planned withinone1 second, then the TRILL switch ceases to send Hellos out of the port being shut down and either (1) sends the Port-Shutdown message to RBridge ports on the link advertising support of the Port-Shutdown RBridge Channelprotocol,Protocol or (2) broadcasts the Port-Shutdown message announcing this event through the port as follows: - The Outer.MacDA is the All-RBridges multicast address. - If an outer VLAN tag is present, it specifies thedesignatedDesignated VLAN for the link, SHOULD specify priority 7, and SHOULD NOT specifydrop eligible."drop eligible". - In the TRILL Header, the egress nickname isAll-RBridgesAll-RBridges, and the M bit in the TRILL Header is set to 0. - In the RBridge Channel Header, the MH and NA bits are zero. There is no need for a special message to indicate that a port P1 has come back up or that a shutdown has been"cancelled"."canceled". This is indicated by simply sending Hellos out of port P1.6.46.4. Port-Shutdown Message Reception When a TRILL switch RB1 receives a Port-Shutdownmessagemessage, RB1 checksthatto see if the ingress nickname specifies some TRILL switch RB2 with which RB1 has one or more adjacencies. If so, it drops those adjacencies that are to RB2 ports whose Port IDs are listed in the Port-Shutdown message. There could be more than one if RB2 had multiple ports on the link that are going down. If RB1 is the DRB and this eliminates all adjacencies on a link between the DRB and RB2, then, for all VLANs whose ingress/egress was being handled by RB2, the DRB either starts actinganas Appointed Forwarder or appoints some new TRILL switch with which it has adjacency as Appointed Forwarder.6.56.5. Port-Shutdown Message Security Port-Shutdown messages can be secured through the use of the RBridge ChannelTunnelHeader Extension securityfeaturesfeature [RFC7978].6.66.6. Port-Shutdown Configuration There are two Port-Shutdown configurationparameters (seeparameters, as listed below. Section6.3): INTERNET-DRAFT TRILL: Appointed Forwarders6.3 provides details regarding their use. Parameter Default Range--------- --------- ---------------------- ---------------- --------------------- PShutdownRepeat 2 1-3 PShutdownDelay20ms 0-100020 milliseconds 0-1,000 millisecondsINTERNET-DRAFT TRILL: Appointed Forwarders7. FGL-VLAN Mapping Consistency Checking TRILL switches support 24-bitFine GrainedFine-Grained Labels as specified in [RFC7172].BasicallyBasically, a VLAN ID in native traffic between an edge TRILL switch and an end station is mapped from/to an FGL as an Inner.Label in TRILL Data packets. Since the Appointed Forwarder for a VLAN will be ingressing and egressing such native traffic, the mapping configured at the Appointed Forwarder is the mapping performed. However, the Appointed Forwarder for VLAN-x on a link can change for reasons discussed elsewhere in this document.ThusThus, all TRILL switches on a link that are configured withaan FGL-VLAN mapping SHOULD be configured with the same mapping.OtherwiseOtherwise, traffic might unpredictably jump from one FGL to another when the Appointed Forwarder changes. TRILL switches SHOULD advertise their mapping on the link using the FGL-VLAN-Bitmap and FGL-VLAN-Pairs APPsub-TLVs (Sections 10.4 and 10.5) so that consistency checking can be automated. A TRILL switch SHOULD compare the FGL-VLAN mappings that it sees advertised by other TRILL switches on a link with its own and alert the network operator if they are inconsistent.Inconsistent"Inconsistent" means that (1) one TRILL switch maps FGL-z to VLAN-x while another maps FGL-z to VLAN-y or (2) one TRILL switch maps VLAN-x to FGL-w while another maps VLAN-x to FGL-z, all on the same link. Depending on how the network is being managed, a transient inconsistency may not be a problem.ThusThus, the network operator SHOULD NOT be alerted unless the inconsistency persists for a period of timewhichthat defaults to the TRILL switch's Holding Time and is configurable to betweenzero0 seconds and 2**16 - 1secondsseconds, where 2**16 - 1 is a special value and indicates that such alerts are disabled.INTERNET-DRAFT TRILL: Appointed Forwarders8. Support of E-L1CS All TRILL switches MUST support the E-L1CS flooding scope [RFC7356],E-L1FS flooding scopeExtended Level 1 Flooding Scope (E-L1FS) [RFC7780], and base LSPs [IS-IS]. It will be apparent to any TRILL switch on a link if any other TRILL switch on the link is a legacy implementation not supporting E-L1CS because, as stated in [RFC7780], all TRILL switches MUST include aScopedScope Flooding Support TLV [RFC7356] in all TRILL Hellos they send. This support of E-L1CS increases the amount of information from each TRILL switch that can be synchronized on the link, compared with the information capacity of Hellos, by several orders of magnitude. For robustness, E-L1CS PDUs (FS-LSP fragments, E-L1CSFS-CSNPs,FS-CSNPs (Flooding Scope Complete Sequence Number PDUs) [RFC7356], and E-L1CSFS-PSNPs)FS-PSNPs (Flooding Scope Partial Sequence Number PDUs) [RFC7356]) MUST NOT exceed14701,470 bytes in length; however, any such E-L1CS PDU that is received that is longer than14701,470 bytes is processed normally. As with any type of IS-IS LSP, FS-LSPs are identified by the System ID of the originating router (TRILL switch) and the fragment number. In particular, there is no port identifier in the header ofaan E-L1CS PDU.ThusThus, a TRILL switch RB1 with more than one non-suspended port on a link (Section 5) transmitting such a PDU MAY transmit it out of any one or more of such ports. RB1 will generally receive such a PDU that other TRILL switches send on all of RB1's ports on the link. In addition, with multiple ports on the link, it will receive any such PDU that it sends on the ports it has on the link other than the transmitting port.8.1 Backwards8.1. Backward Compatibility Future TRILL specifications making use of E-L1CS MUST specify how situations involving a TRILL link will be handled when one or more TRILL switches attached to that link support E-L1CS and one or more do not.INTERNET-DRAFT TRILL: Appointed Forwarders9. Security Considerations This document provides improved documentation of the TRILL Appointed Forwarder mechanism. It does not change the security considerations of the TRILL base protocol as described in Section 6 of [RFC6325]. The Port-Shutdown messages specified in Section 6 are sent using the RBridge Channel facility [RFC7178]. Such messages SHOULD be secured through the use of the RBridge Channel Header Extension [RFC7978]. If they are not adequately secured, they are a potentialdenial of servicedenial-of-service vector. The E-L1CS FS-LSPs added by Section68 are a type of IS-IS PDU [RFC7356]. As such, they are securable through the addition of Authentication TLVs [RFC5310] in the same way as Hellos or otherIS- ISIS-IS PDUs.INTERNET-DRAFT TRILL: Appointed Forwarders10. Code Points and Data Structures This section provides IANAConsiderationsconsiderations for this document and specifies thestructurestructures of theAppointment Bitmap, Appointment List,AppointmentBitmap, AppointmentList, VLAN-FGL Mapping Bit Map, and VLAN-FGL Mapping Pairs APPsub-TLVs. These APPsub-TLVsappearsappear within a TRILL GENINFO TLV [RFC7357] inE- L1CSE-L1CS FS-LSPs [RFC7356].10.110.1. IANA Considerations IANAis requested to assignhas assigned four new APPsub-TLV type codes from the range below 255 andenterentered them in the "TRILL APPsub-TLV Types under IS-IS TLV 251 Application Identifier 1"Registryregistry as follows: Type Name Reference ---- -------------------------------- tbd1--------- 17 AppointmentBitmap[this document] tbd2[RFC8139] 18 AppointmentList[this document] tbd3[RFC8139] 19 FGL-VLAN-Bitmap[this document] tbd4[RFC8139] 20 FGL-VLAN-Pairs[this document][RFC8139] IANAis requested to assignhas assigned a new RBridge ChannelprotocolProtocol number in the range assigned by Standards Action [RFC5226] andupdateupdated the "RBridge Channel Protocols" registry as follows: Protocol Description Reference -------- -------------- ---------tbd5 Port Shut-Down [this document]0x006 Port-Shutdown [RFC8139] IANAis requested to updatehas updated the reference for the "Hello reduction support" bit in the "PORT-TRILL-VER Sub-TLV Capability Flags" registryon the TRILL Parameters IANA web pageto refer to this document.10.2 Appointment Bitmap10.2. AppointmentBitmap APPsub-TLV TheAppointment BitmapAppointmentBitmap APPsub-TLV provides an efficient method for a TRILL switch to indicate which TRILL switches it appoints as forwarders for which VLAN IDs when those VLAN IDs are relativelycompact, thatcompact (that is, they do not span a large numericrange.range). Such an appointment is only effective when the appointing TRILL switch is the DRB.INTERNET-DRAFT TRILL: Appointed Forwarders1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Appointee Nickname | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | Starting VLAN ID | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Bit Map ... (variable) +-+-+-+-+-+-+-+-... o Type: APPsub-TLV type, set to AppointmentBitmap sub-TLVtbd1.17. o Length: 4 + size of bit map in bytes. If Length is less than 4, the APPsub-TLV is corrupt and MUST be ignored. o Appointee Nickname: The nickname of the TRILL switch being appointedaas forwarder. o RESV: 4 bits that MUST be sent as zero and ignored on receipt. o Starting VLAN ID: The smallest VLAN ID to which the bits in the Bit Map correspond. o Bit Map: A bit map of the VLANs for which the TRILL switch withappointee nicknameAppointee Nickname is appointed as the forwarder. The size of the bit map is length minus 4. If the size of the bit map is zero, no appointments are made. Each bit in the Bit Map corresponds to a VLAN ID. Bit 0 is for the VLAN whose ID appears in the Starting VLAN ID field. Bit 1 is for that VLAN ID plus 1 (treating VLAN IDs as unsigned integers) and soonon, with Bit N generally being Starting VLAN ID plus N. VLAN 0x000 and VLAN0xFFF0xFFF, or any largerIDID, are invalid and are ignored. If theAppointment BitmapAppointmentBitmap APPsub-TLV is originated by the DRB on a link, it appoints the TRILL switch whose nickname appears in the Appointee Nickname field for the VLAN IDs corresponding to 1 bits in the Bit Map and revokes any Hello appointment of that TRILL switch for VLANs corresponding to 0 bits in the Bit Map.10.3 Appointment List10.3. AppointmentList APPsub-TLV TheAppointment ListAppointmentList APPsub-TLV provides a convenient method for a TRILL switch to indicate which TRILL switches it appoints asINTERNET-DRAFT TRILL: Appointed Forwardersforwarders for which VLAN IDs. Such an appointment is only effective when the appointing TRILL switch is the DRB. 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Appointee Nickname | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | VLAN ID 1 | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | VLAN ID 2 | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | VLAN ID k | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ o Type: APPsub-TLV type, set to AppointmentList sub-TLVtbd2.18. o Length:2+2*k.2 + 2 * k. If Length is not an even number, the APPsub-TLV is corrupt and MUST be ignored. o Appointee Nickname: The nickname of the TRILL switch being appointedaas forwarder. o RESV: 4 bits that MUST be sent as zero and ignored on receipt. o VLAN ID: A 12-bit VLAN ID for which the appointee is being appointed as the forwarder. Type and Length are 2bytesbytes, because these are extended FS-LSPs. This APPsub-TLV, when originated by the DRB, appoints the TRILL switch with Appointee Nickname to be the Appointed Forwarder for the VLAN IDs listed.10.4 FGL-VLAN Mapping Bitmap10.4. FGL-VLAN-Bitmap APPsub-TLV TheFGL-VLAN Mapping BitmapFGL-VLAN-Bitmap APPsub-TLV provides a method for a TRILL switch to indicatethe FGLmappings of FGLs to VLANID mappingsIDs that it is configured to perform when egressing and ingressing native frames. The coding is efficient when both of the following apply: - the VLAN IDs arecompact, thatcompact (that is, they do not span a large numericrange,range), and - the FGLs andVLANsVLAN IDs are paired in a monotonically increasing fashion.INTERNET-DRAFT TRILL: Appointed Forwarders1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | Starting VLAN ID | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Starting FGL | (3 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Bit Map ... (variable) +-+-+-+-+-+-+-+-... o Type: APPsub-TLV type, set to VLAN-FGL-Bitmap sub-TLVtbd3.19. o Length: 5 + size of bit map in bytes. If Length is less than 5, the APPsub-TLV is corrupt and MUST be ignored. o RESV: 4 bits that MUST be sent as zero and ignored on receipt. o Starting VLAN ID: Initial VLAN ID for the mapping information as discussed below. o Starting FGL:Fine GrainedFine-Grained Label[RFC7172][RFC7172]. o Bit Map: Map of bits forVLANs to FGLVLAN-ID-to-FGL mappings. The size of the bit map is Length minus 5. If the size of the bit map is zero, no mappings are indicated. Each bit in the Bit Map corresponds to a VLAN ID and to an FGL. Bit 0 is for the VLAN whose ID appears in the Starting VLAN ID field and theFine GrainedFine-Grained Label that appears in the FGL field. Bit 1 is for that VLAN ID plus 1 and that FGL plus 1 (treating VLAN IDs and FGLs as unsigned integers) and soonon, with Bit N generally being Starting VLAN ID plus N and FGL plus N. If a Bit Map bit is a 1, it indicates that the advertising TRILL switch will map between the corresponding VLAN ID and FGL on ingressing native frames and egressing TRILL Data packets if it is Appointed Forwarder for the VLAN. If a Bit Map bit is a 0, it does not indicate any configured mapping of the VLAN ID toFGL mapping.the FGL. However, VLAN ID 0x000 and VLAN ID 0xFFF or any larger ID areinvalidinvalid, and FGLs larger than 0xFFFFFF are invalid; any Bit Map bits thatcorrespondscorrespond to an illegal VLAN ID or an illegal FGLisare ignored.INTERNET-DRAFT TRILL: Appointed Forwarders 10.5 FGL-VLAN Mapping Pairs10.5. FGL-VLAN-Pairs APPsub-TLV TheFGL-VLAN Mapping PairsFGL-VLAN-Pairs APPsub-TLV provides a method for a TRILL switch to indicate a list ofFGLthe mappings of FGLs to VLANID mappingsIDs that it is configured to perform when egressing and ingressing native frames. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-=-+-...-+-+-+ | Mapping RECORD 1 | (5 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-=-+-...-+-+-+ | Mapping RECORD 2 | (5 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-=-+-...-+-+-+ | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-=-+-...-+-+-+ | Mapping RECORD k | (5 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-=-+-...-+-+-+ Where a Mapping RECORD has the following structure: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RESV | VLAN ID | (2 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | FGL | (3 bytes) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ o Type: APPsub-TLV type, set to VLAN-FGL-Pairs sub-TLVtbd4.20. o Length:5*k.5 * k. If Length is not a multiple of 5, the APPsub-TLV is corrupt and MUST be ignored. o RESV: 4 bits that MUST be sent as zero and ignored on receipt. o VLAN ID: 12-bit VLAN label. o FGL:Fine GrainedFine-Grained Label[RFC7172][RFC7172]. Each Mapping RECORD indicates that the originating TRILL switch is configured to map between the FGL and VLAN given on egressing and ingressing native frames. However, VLAN ID 0x000 and VLAN ID 0xFFF are invalid; any Mapping RECORD that corresponds to an illegal VLAN ID is ignored.INTERNET-DRAFT TRILL: Appointed Forwarders11. Management Considerations This document primarily adds optional enhancements oroptimizationsoptimizations. The only configuration parameters specified in this document are the number and frequency of copiessentofthe Port Shutdown messagePort-Shutdown messages sent, as specified in Section 6.6. TRILL switch support of SNMPv3 is provided in the TRILL base protocol document[RFC6325] and[RFC6325]. MIBs have been specified in [RFC6850] and[RFC7784][RFC7784], but they do not include the configurable parameters specified herein. It is anticipated that YANG modules will be specified for TRILL.INTERNET-DRAFT TRILL: Appointed Forwarders12. References 12.1. Normative References [802.1Q]- IEEE 802.1,IEEE, "IEEE Standard for Local and metropolitan areanetworks - Virtualnetworks--Bridges and BridgedLocal AreaNetworks", IEEE Std 802.1Q-2014,19 December 2014.DOI 10.1109/ieeestd.2014.6991462, <http://ieeexplore.ieee.org/ servlet/opac?punumber=6991460>. [IS-IS]-ISO/IEC 10589:2002, Second Edition, "Intermediate System to Intermediate System Intra-Domain Routeing Exchange Protocol for use in Conjunction with the Protocol for Providing the Connectionless-mode Network Service (ISO 8473)", November 2002. [RFC2119]-Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. [RFC6325]-Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A. Ghanwani, "Routing Bridges (RBridges): Base Protocol Specification", RFC 6325, DOI 10.17487/RFC6325, July 2011,<http://www.rfc- editor.org/info/rfc6325>.<http://www.rfc-editor.org/info/rfc6325>. [RFC6329]-Fedyk, D., Ed., Ashwood-Smith, P., Ed., Allan, D., Bragg, A., and P. Unbehagen, "IS-IS Extensions Supporting IEEE 802.1aq Shortest Path Bridging", RFC 6329, DOI 10.17487/RFC6329, April 2012,<http://www.rfc- editor.org/info/rfc6329>.<http://www.rfc-editor.org/info/rfc6329>. [RFC7172]-Eastlake 3rd, D., Zhang, M., Agarwal, P., Perlman, R., and D. Dutt, "Transparent Interconnection of Lots of Links (TRILL): Fine-Grained Labeling", RFC 7172, DOI 10.17487/RFC7172, May 2014, <http://www.rfc-editor.org/info/rfc7172>. [RFC7176]-Eastlake 3rd, D., Senevirathne, T., Ghanwani, A., Dutt, D., and A. Banerjee, "Transparent Interconnection of Lots of Links (TRILL) Use of IS-IS", RFC 7176, DOI 10.17487/RFC7176, May 2014, <http://www.rfc-editor.org/info/rfc7176>. [RFC7177]-Eastlake 3rd, D., Perlman, R., Ghanwani, A., Yang, H., and V. Manral, "Transparent Interconnection of Lots of Links (TRILL): Adjacency", RFC 7177, DOI 10.17487/RFC7177, May 2014,<http://www.rfc- editor.org/info/rfc7177>.<http://www.rfc-editor.org/info/rfc7177>. [RFC7178]-Eastlake 3rd, D., Manral, V., Li, Y., Aldrin, S., and D. Ward, "Transparent Interconnection of Lots of Links (TRILL): RBridge Channel Support", RFC 7178, DOI 10.17487/RFC7178, May 2014,<http://www.rfc- editor.org/info/rfc7178>.<http://www.rfc-editor.org/info/rfc7178>. [RFC7356]-Ginsberg, L., Previdi, S., and Y. Yang, "IS-IS Flooding Scope Link State PDUs (LSPs)", RFC 7356, DOI 10.17487/RFC7356, September 2014, <http://www.rfc-editor.org/info/rfc7356>.INTERNET-DRAFT TRILL: Appointed Forwarders[RFC7357]-Zhai, H., Hu, F., Perlman, R., Eastlake 3rd, D., and O. Stokes, "Transparent Interconnection of Lots of Links (TRILL): End Station Address Distribution Information (ESADI) Protocol", RFC 7357, DOI 10.17487/RFC7357, September 2014,<http://www.rfc- editor.org/info/rfc7357>.<http://www.rfc-editor.org/info/rfc7357>. [RFC7780]-Eastlake 3rd, D., Zhang, M., Perlman, R., Banerjee, A., Ghanwani, A., and S. Gupta, "Transparent Interconnection of Lots of Links (TRILL): Clarifications, Corrections, and Updates", RFC 7780, DOI 10.17487/RFC7780, February 2016, <http://www.rfc-editor.org/info/rfc7780>. [RFC7978]-Eastlake 3rd, D., Umair, M., and Y. Li, "Transparent Interconnection of Lots of Links (TRILL): RBridge Channel Header Extension", RFC 7978, DOI 10.17487/RFC7978, September 2016, <http://www.rfc-editor.org/info/rfc7978>. [RFC7981]-Ginsberg, L., Previdi, S., and M. Chen, "IS-IS Extensions for Advertising Router Information", RFC 7981, DOI 10.17487/RFC7981, October 2016,<http://www.rfc- editor.org/info/rfc7981>.<http://www.rfc-editor.org/info/rfc7981>. [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <http://www.rfc-editor.org/info/rfc8174>. 12.2. Informative References [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, DOI 10.17487/RFC5226, May 2008, <http://www.rfc-editor.org/info/rfc5226>. [RFC5310]-Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R., and M. Fanto, "IS-IS Generic Cryptographic Authentication", RFC 5310, DOI 10.17487/RFC5310, February 2009, <http://www.rfc-editor.org/info/rfc5310>. [RFC6439]-Perlman, R., Eastlake, D., Li, Y., Banerjee, A., and F. Hu, "Routing Bridges (RBridges): Appointed Forwarders", RFC 6439, DOI 10.17487/RFC6439, November 2011, <http://www.rfc-editor.org/info/rfc6439>. [RFC6850]-Rijhsinghani, A. and K. Zebrose, "Definitions of Managed Objects for Routing Bridges (RBridges)", RFC 6850, DOI 10.17487/RFC6850, January 2013,<http://www.rfc- editor.org/info/rfc6850>.<http://www.rfc-editor.org/info/rfc6850>. [RFC7379]-Li, Y., Hao, W., Perlman, R., Hudson, J., and H. Zhai, "Problem Statement and Goals for Active-Active Connection at the Transparent Interconnection of Lots of Links (TRILL) Edge", RFC 7379, DOI 10.17487/RFC7379, October 2014,<http://www.rfc- editor.org/info/rfc7379><http://www.rfc-editor.org/info/rfc7379>. [RFC7784]-Kumar, D., Salam, S., and T. Senevirathne, "Transparent Interconnection of Lots of Links (TRILL) Operations, Administration, and Maintenance (OAM) MIB", RFC 7784, DOI 10.17487/RFC7784, February 2016,<http://www.rfc- editor.org/info/rfc7784>. INTERNET-DRAFT TRILL: Appointed Forwarders<http://www.rfc-editor.org/info/rfc7784>. AppendixA:A. VLAN Inhibition Example The per-VLAN inhibition timers (or the equivalent) are needed to be loop safe in the case of misconfigured bridges on a link. For a simple example, assume that RB1 and RB2 are the only RBridges on the link, that RB1 is higher priority to be the DRB, and that they both want VLAN 1 (the default) to be the Designated VLAN. However, there is a bridge between them configured so that RB1 can see all the frames sent by RB2 but none of the frames from RB1 can get through to RB2. Both will think they are theDRB.DRB: RB1 because it is higher priority even though it sees the Hellos from RB2, and RB2 because it doesn't see the Hellos from RB1 and therefore thinks it is highest priority. Say RB1 chooses to act as Appointed Forwarder for VLANs 2 and 3 while RB2 chooses to act as Appointed Forwarder for VLANs 3 and 4. There is no problem with VLANs 2 and44, but if you do not do something about it, you could have a loop involving VLAN 3. RB1 will see the Hellos that RB2 issues on VLAN 3 declaring itself Appointed Forwarder, so RB1 will be inhibited on VLAN 3. RB2 does not see the Hellos issued by RB1 on VLAN 3, so RB2 will become uninhibited and will handle VLAN 3 native traffic. However, this situation may change. RB2 might crash, the bridge might crash,orRB2 might be reconfigured so it no longer tried to act as Appointed Forwarder for VLAN 3, or other issues may occur. So, RB1 has to maintain a VLAN 3 inhibition timer, and if it sees no Hellos from any other RBridge on the link claiming to be Appointed Forwarder for VLAN 3 for a long enough time, then RB1 becomes uninhibited for that VLAN on the port in question and can handleend stationend-station traffic in VLAN 3.INTERNET-DRAFT TRILL: Appointed ForwardersAppendixB: Changes to RFCs 6325, 6439, 7177 This document updates [RFC6325], obsoletes [RFC6439], and updates [RFC7177]. Change to [RFC6325], the TRILL base protocol, is as follows: Addition of mandatory support for E-L1CS FS-LSPs. Changes from [RFC6439], which this document obsoletes, are as follows: 1. Specify APPsub-TLVs and procedures to be used in E-L1CS FS-LSP forwarder appointments. 2. Incorporate updates to [RFC6439] that appeared in Section 10 of RFC 7180, which has been obsoleted by [RFC7780]. They appear primarily in Section 4 of this document. 3. Add optional FGL-VLAN consistency check feature including specification of APPsub-TLVs. 4. Delete references to the draft-ietf-trill-rbridge-vlan-mapping draft, which has been dropped by the TRILL WG. 5. Addition of the Port Shutdown message. 6. Eliminate requirement that the DRB not send appointments in Hellos until its DRB inhibition timer has expired. This was an unnecessary safety precaution that is pointless given that appointments in E-L1CS FS-LSPs are immediately visible. 7. Addition of three optional methods to optimize (reduce) inhibition time under various circumstances. 8. Editorial changes. Changes to [RFC7177] are as follows: As provided in Section 6, TRILL switches SHOULD treat the reception of a Port-Shutdown RBridge Channel message from RB1 listing port P1 as if it were an event A3 as specified in [RFC7177] resulting in transition of any adjacency to P1 to the Detect state. INTERNET-DRAFT TRILL: Appointed Forwarders Appendix C: Multi-Link VLAN Mapping Loop Example Assume that RBridges RB1B. Multi-Link VLAN Mapping Loop Example Assume that RBridges RB1 and RB2 have ports P1 and P2, respectively, that are both onlinkLink L1 and that RBridges RB3 and RB4 have ports P3 and P4, respectively, that are both on Link L2. Assume further that P1 and P3 are AppointedForwarderForwarders for VLAN-x and P2 and P4 are AppointedForwarderForwarders for VLAN-y. This situation is shown in the figure below. + - - - - - - - - - - - - - - - - - - - - - + | | | TRILL network | | | | +---+ +---+ +---+ +---+ | + -|RB1|- -|RB2|- - - - - - -|RB3|- -|RB4|- + +---+ +---+ +---+ +---+ P1| P2| P3| P4| | | | | |x |y |x |y | +-+ | | +-+ | L1 ---+---|M|---+--+--- L2 ---+---|M|---+--- +-+ | +-+ +---+ |ES1| +---+ Further assume that L1 and L2 are each bridged LANs that include a device M, presumably a bridge, that maps VLAN-x into VLAN-y and VLAN-y into VLAN-x. If end station ES1 originated a broadcast or other multi-destination frame in VLAN-y, it would be ingressed by RB2. (The frame would also be mapped to VLAN-x and ingressed byRB1RB1, but we initially ignore that.) RB2 will flood the resulting TRILL Data packet through thecampuscampus, and, at least in the broadcast and unknown unicast cases, it will get toRB4RB4, where it will be egressed to L2. Inside L2, this broadcast frame is mapped to VLAN-x and then ingressed by RB3. RB3 then floods the resulting TRILL Data packet through the campus, this time with an Inner.VLAN of VLAN-x, as a result of which it will be egressed by RB1 into L1. Inside L1, it will be mapped back to VLAN-y and then ingressed byRB2RB2, completing the loop. The packet will loop indefinitely, because in native form on L1 and L2 it has no TRILLhop count,Hop Count, and an indefinitely large number of copies will be delivered to ES1 and any other end station so situated. The same problem would occur even if P1 and P2 were on the same RBridge and/or P3 and P4 were on the same RBridge. Actually, because the original frame was also mapped to VLAN-x inside L1 and ingressed by RB1, there are two copies looping around in opposite directions. The use ofFine GrainedFine-Grained Labels [RFC7172] complicates but does notINTERNET-DRAFT TRILL: Appointed Forwardersessentially change the potential problem. This example shows why VLAN mapping between Appointed Forwarder ports on a TRILL link is loop unsafe. When such a situation is detected, the DRB on the link changes Appointed Forwarders as necessary to assure that a single RBridge port is Appointed Forwarder for all VLANs involved in mapping. This change makes the situation loop safe.INTERNET-DRAFT TRILL: Appointed ForwardersAppendixZ: Change RecordC. Changes to RFCs 6325, 6439, and 7177 Thisappendix summarizes changes between versionsdocument updates [RFC6325], obsoletes [RFC6439], and updates [RFC7177]. The change to [RFC6325], the TRILL base protocol, is as follows: Addition of mandatory support for E-L1CS FS-LSPs. Changes to [RFC6439], which thisdraft.document obsoletes, are as follows: 1. Specification of APPsub-TLVs and procedures to be used in E-L1CS FS-LSP forwarder appointments. 2. Incorporation of updates to [RFC6439] that appeared in Section 10 of RFCEditor: Please delete7180, which has been obsoleted by [RFC7780]. They appear primarily in Section 4 of thisAppendix before publication. Initial WGdocument. 3. Addition of an optional FGL-VLAN consistency check feature, including specification of APPsub-TLVs. 4. Deletion of references to the October 2011 version-00 From -00 to -01 Primarily editorial changes based on review by Gayle Noble. From -01 to -02 Primarily editorial changes based on RTGDIR QA reviewof the document "RBridges: Campus VLAN and Priority Regions" (draft-ietf-trill-rbridge-vlan-mapping), which has been dropped byJoel Halpern. From -03the TRILL WG. 5. Addition of the Port-Shutdown message. 6. Elimination of the requirement that the DRB not send appointments in Hellos until its DRB inhibition timer has expired. This was an unnecessary safety precaution that is pointless, given that appointments in E-L1CS FS-LSPs are immediately visible. 7. Addition of three optional methods (Section 3.2) to-04 Update references and incorporate changesoptimize (reduce) inhibition time under various circumstances. 8. Editorial changes. Changes to [RFC7177] are as follows: As provided in Section 6, TRILL switches SHOULD treat the reception of a Port-Shutdown RBridge Channel message fromSECDIR review. From -04RB1 listing port P1 as if it were an event A3 as specified in [RFC7177], resulting in transition of any adjacency to-05 ChangesP1 toresolve GENART, RTG DIR, OPS DIR, and IESG comments. Acknowledgementsthe Detect state. Acknowledgments The following are hereby thanked for their contributions to this document: Spencer Dawkins, ShawnMM. Emery, Stephen Farrell, Joel Halpern, Sue Hares, Christer Holmberg, Gayle Noble, Alvaro Retana, Dan Romascanu, and MinguiZhangZhang. The followingwere acknowledged andare thankedby in [RFC6439] or were an author offor their contributions to [RFC6439], the predecessor to this document: Ron Bonica, Stewart Bryant, Linda Dunbar, Les Ginsberg, Erik Nordmark,Radia Perlman,Dan Romascanu, and Mike Shand. We also thank Radia Perlman, who coauthored [RFC6439]. Authors' Addresses Donald Eastlake 3rd Huawei Technologies 155 Beaver Street Milford, MA 01757USAUnited States of America Phone: +1-508-333-2270EMail:Email: d3e3e3@gmail.com Yizhou Li Huawei Technologies 101 SoftwareAvenue,Avenue Nanjing210012,210012 China Phone: +86-25-56622310EMail:Email: liyizhou@huawei.com Mohammed UmairIPinfusion EMail:IP Infusion Email: mohammed.umair2@ipinfusion.com Ayan Banerjee Cisco Systems 170 West Tasman Drive San Jose, CA 95134USAUnited States of America Phone: +1-408-333-7149EMail:Email: ayabaner@cisco.com Fangwei Hu ZTE Corporation 889 Bibo Road Shanghai 201203 China Phone: +86-21-68896273EMail:Email: hu.fangwei@zte.com.cn