Deprecating the Use of Router Alert in LSP Ping

LSP ping detects data-plane failures in MPLS Label Switched Paths (LSPs). It can operate in “ping mode” or “traceroute mode”. When operating in ping mode, it verifies end-to-end LSP continuity. When operating in traceroute mode, it can localize failures to a particular node along an LSP. LSP ping defines a probe message, called the “MPLS echo request”. It also defines a response message, called the “MPLS echo reply”. Both messages are encapsulated in UDP and IP. The echo request message is further encapsulated in an MPLS label stack. When operating in ping mode, LSP ping sends a single echo request message, with the MPLS TTL set to a high value (e.g., 255). This message is intended to reach the egress Label Switching Router (LSR). When operating in traceroute mode, MPLS ping sends multiple echo request messages. It manipulates the MPLS TTL so that the first message expires on the first LSR along the path and subsequent messages expire on subsequent LSRs. The IP header that encapsulates an echo request message must include a Router Alert Option (RAO), while the IP header that encapsulates an echo reply message may include an RAO. In both cases, the rationale for including an RAO is questionable. Furthermore, identifies security vulnerabilities associated with the RAO and recommends against its use outside of controlled environments. Therefore, this document removes the RAO from both LSP ping message encapsulations. It updates RFCs 7506 and 8029.

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. Label Switched Path Label Switching Router Router Alert Option

While the MPLS echo request message must traverse every node in the LSP under test, it must not traverse any other node. Specifically, the message must not be forwarded beyond the egress Label Switching Router (LSR). To achieve this, RFC 8029 proposes the following: When the echo request message is encapsulated in IPv4, the IPv4 destination address must be chosen from the subnet 127/8. When the echo request message is encapsulated in IPv6, the IPv6 destination address must be chosen from the subnet 0:0:0:0:0:FFFF:7F00:0/104. When the echo request message is encapsulated in IPv4, the IPv4 TTL must be equal to 1. When the echo request message is encapsulated in IPv6, the IPv6 Hop Limit must be equal to 1. When the echo request message is encapsulated in IPv4, the IPv4 header must include an RAO. When the echo request message is encapsulated in IPv6, the IPv6 header chain must include a Hop-by-hop extension header and the Hop-by-hop extension header must include an RAO. Currently, ALL of these are required. However, any one is sufficient to prevent forwarding the packet beyond the egress LSR. Therefore, this document RECOMMENDS removing Requirement 3 from RFC 8029. The authors are not aware of any implementation that relies on the RAO to prevent packets from being forwarded beyond the egress LSR.

An LSP ping replies to the MPLS echo message with an MPLS echo reply message. It has four reply modes: Do not reply Reply via an IPv4/IPv6 UDP packet Reply via an IPv4/IPv6 UDP packet with Router Alert Reply via application-level control channel The rationale for mode 3 is questionable, if not wholly misguided. According to RFC 8029, “If the normal IP return path is deemed unreliable, one may use 3 (Reply via an IPv4/IPv6 UDP packet with Router Alert).” However, it is not clear that the use of the RAO increases the reliability of the return path. In fact, one can argue it decreases the reliability in many instances, due to the additional burden of processing the RAO. This document RECOMMENDS removing mode 3 from RFC 8029. The authors are not aware of any implementations of mode 3.

RFC 7506 defines the IPv6 Router Alert Option for MPLS Operations, Administration, and Management. This document RECOMMENDS that RFC 7506 be reclassified as Historic.

LSP Ping implementations SHOULD ignore RAO options when they arrive on incoming echo request and echo reply messages.

If this document is approved, mark the IPv6 RAO value of MPLS OAM (69) in as “Deprecated”. Also, mark Reply Mode 3 (“Reply via an IPv4/IPv6 UDP packet with Router Alert”) in as “Deprecated”.

The recommendations this document makes do not compromise security.