RP
Click on the red underlined text to get to the source
... multicast address allocation policy in which
the address of the RP is encoded in the IPv6 multicast group address,
...
... and specifies a PIM-SM group-to-RP mapping to use the encoding,
leveraging, and extending unicast ...
... multicast addresses as well.
It can also be used as an automatic RP discovery mechanism in those
deployment scenarios ...
... o a specification of the mapping by which such a group address
encodes the RP address that is to be used with this group, and
...
... required to include any multicast configuration, except when they act
as an RP.
This memo updates the addressing ...
... encoding is thus defined by requiring that the Interface-IDs
of RPs in the embedded-RP range can be assigned to be a specific
value.
...
... The assignment of multicast addresses is outside the scope of this
document; it is up to the RP and applications to ensure that group
addresses are unique by using some unspecified method. However, the
...
... management methods, such as Anycast-RP, are out
of scope for this document. These do not work without additional
specification or deployment ...
... multicast address
that embeds the address on the RP. Then P MUST be set to 1, and
consequently T MUST be set to 1, as specified in [RFC3306]. In
...
... bits of the previously reserved field are interpreted as embedding
the RP interface ID, as specified in this memo.
...
... specification, implementations SHOULD NOT treat the FFF0::/12 range
as Embedded-RP.
R = 0 indicates a multicast address ...
... multicast address that does not embed the address
of the RP and follows the semantics defined in [ADDRARCH] and
...
...
The address of the RP can be obtained from a multicast address
satisfying the above criteria by taking the following two steps:
...
... unicast prefixes; the multicast addresses would still use the RP
associated with the network prefix ...
...
When processing an encoding to get the RP address, the multicast
routers MUST perform at least the same address ...
... address validity checks to the
calculated RP address as to one received via other means (like BSR
...
... multicast address allocation and resulting group-
to-RP mappings are described here to better illustrate the
possibilities provided by the encoding.
...
...
The network administrator of 2001:DB8::/32 wants to set up an RP for
the network and all the customers ...
... In that case, the group addresses would be something like
"FF7x:y40:2001:DB8:BEEF:FEED::/96", and then their RP address would
be "2001:DB8:BEEF:FEED::y". There are still 32 bits ...
... As in Example 1, the network administrator of 2001:DB8::/32 wants to
set up the RP but, to make it more flexible, wants to place it on a
specifically routed subnet and wants to keep larger address space ...
... where "x" is the multicast scope, "y" is the interface ID of the RP
address, and there are 64 bits ...
... address and is injected into the routing system; if the network
administrator sets up only one or two RPs (and, e.g., not one RP per
subnet), this approach may be preferable to the one described in
...
... prefixes such as "FF7x:y20:2001:DB8:DEAD::/80" to some of customers.
In this case the RP address would still be "2001:DB8::y". (Note that
this is just a more specific subcase of Example 2, where the
...
... ids.)
Note the second rule of deriving the RP address: the "plen" field in
the multicast address ...
... network
prefix" field considered when obtaining the RP address. In this
case, only the first 32 bits ...
... here from 2001:DB8:DEAD::/48.
In short, this distinction allows more flexible RP address
configuration in the scenarios where it is desirable to have the
group addresses ...
... domain. The organization can pick multicast addresses
such as "FF7x:y30:2001:DB8:BEEF::/80", and then the RP address would
be "2001:DB8:BEEF::y".
...
... RP Redundancy ...
... RP or "anycasting" (i.e., the shared-unicast model [ANYCAST]) the RP
address in the Interior Gateway Protocol ...
... RP Deployment ...
... Designated Router connecting multicast sources could act as an RP
without scalability concerns about setting up ...
... sessions.
This might be particularly attractive when one is concerned about RP
redundancy. In the case where the DR ...
... DR close to a major source for a
group acts as the RP, a certain amount of fate-sharing properties can
be obtained without using any RP failover mechanisms: if the DR ...
... group acts as the RP, a certain amount of fate-sharing properties can
be obtained without using any RP failover mechanisms: if the DR goes
down, the multicast ...
... multicast transmission may not work anymore in any case.
Along the same lines, its may also be desirable to distribute the RP
responsibilities to multiple RPs. As long as different RPs serve
different groups ...
... groups, this is trivial: each group could map to a
different RP (or sufficiently many different RPs that the load on one
RP is not a problem). However, load sharing challenges one group ...
... different RP (or sufficiently many different RPs that the load on one
RP is not a problem). However, load sharing challenges one group
faces are similar to those of Anycast ...
... ASM model, the control and
management of who can use an RP, and how, changes slightly and
deserves explicit discussion.
...
... multicast scoping
borders at the border routers. Therefore, embedded-RP has by default
a roughly equivalent level of "protection" as MSDP with SA ...
... RP, or send PIM Join to an RP. (These have been
possible in the past as well, to a degree, but only through willful
attempts or purposeful RP ...
... RP. (These have been
possible in the past as well, to a degree, but only through willful
attempts or purposeful RP configuration at DRs.) The main threat in
this case is that an outsider may illegitimately use the RP ...
... RP configuration at DRs.) The main threat in
this case is that an outsider may illegitimately use the RP to host
his/hers own group ...
... groups or group ranges are allowed at the RP; more
specific controls are beyond the scope of this memo. Note that this
does not seem to be a serious threat in the first place, as anyone
...
... with a /64 unicast prefix can create their own RP without having to
illegitimately get it from someone else.
...
... PIM-SM modification required is implementing this mechanism
as one group-to-RP mapping method.
...
... The implementation will have to recognize the address format and
derive and use the RP address by using the rules in Section 4. This
information is used at least when performing Reverse Path Forwarding ...
... addresses in the range
FF70::/12, the Embedded-RP mapping MUST be considered the longest
possible match and higher priority than any other mechanism.
...
...
It is worth noting that compared to the other group-to-RP mapping
mechanisms, which can be precomputed, the embedded-RP mapping must be
...
... group-to-RP mapping
mechanisms, which can be precomputed, the embedded-RP mapping must be
redone for every new IPv6 group address ...
... IPv6 group address that would map to a different
RP. For efficiency, the results may be cached in an implementation-
specific manner, to avoid computation for every embedded-RP packet.
...
... RP. For efficiency, the results may be cached in an implementation-
specific manner, to avoid computation for every embedded-RP packet.
This group ...
... This group-to-RP mapping mechanism must be supported by the RP, the
DR adjacent to the senders ...
... router on the path from any
receiver to the RP. Paths for Shortest Path Tree (SPT) formation and
...
... high-level, non-normative overview of how
Embedded RP operates, as specified in the previous section.
The steps when a receiver ...
... PIM-SM Join process towards
the RP encoded in the multicast address, irrespective of whether
it is in the "local" or "remote" PIM ...
...
In fact, all the messages go as specified in [PIM-SM]; embedded-RP
just acts as a group-to-RP ...
... RP mapping mechanism. Instead of obtaining
the address of the RP from local configuration or configuration
protocols (e.g., BSR), the algorithm ...
... hierarchical in configuration and deployment, but flat with regard to
information distribution. The embedded-RP inter-domain model behaves
as if every group ...
... senders are
located. Hence, the inter-domain multicast becomes a flat, RP-
centered topology. The scaling issues are described below.
...
... unicast-encapsulated data to
their "local" RP; now they are sent to the "foreign" RP responsible
for the specific group ...
... encapsulated data to
their "local" RP; now they are sent to the "foreign" RP responsible
for the specific group. This is especially important with large
...
... receivers (and past receivers, for PIM Prunes) and the RP, in
addition to (S, G) states between the receivers and senders ...
... In both inter-domain and intra-domain cases, the embedded-RP model is
practically identical to the traditional PIM-SM in intra-domain ...
... address of the RP is tied to the multicast address, the RP
failure management becomes more difficult, as the deployed failover
...
... redundancy mechanisms (e.g., BSR, Anycast-RP with MSDP) cannot be
used as-is. However, Anycast ...
... domain-wide reachable address". What "reachable"
precisely means is not clear, even without embedded-RP. This
statement cannot be proven, especially with the foreign RPs, as one
cannot even guarantee that the RP ...
... RP. This
statement cannot be proven, especially with the foreign RPs, as one
cannot even guarantee that the RP exists. Instead of manually
configuring RPs and DRs (configuring a non-existent RP ...
... RP exists. Instead of manually
configuring RPs and DRs (configuring a non-existent RP was possible,
though rare), with this specification the hosts and users using
...
... hosts and users using
multicast indirectly specify the RP themselves, lowering the
expectancy of the RP reachability ...
... multicast indirectly specify the RP themselves, lowering the
expectancy of the RP reachability. This is a relatively significant
...
... are considered separately, but it has an advantage too: every group
has a "responsible RP" that is able to control (to some extent) who
is able to send to the group.
...
... inter-domain
multicast routing models (traditional ASM with MSDP, embedded-RP,
SSM) and their security properties ...
... multicast routing security, it may
expose the RP to other kinds of attacks. The operators are
encouraged to pay special attention to securing these routers ...
... placement of RPs leading to a degree of fate-sharing properties.
As any RP will have to accept PIM-SM Join/Prune ...
... DR, this might cause a potential Denial of Service attack
scenario. However, this can be mitigated, as the RP can discard all
such messages for all multicast addresses that do not encode the
...
... multicast addresses that do not encode the
address of the RP. Both the sender- and receiver-based attacks ...
... multicast prefixes are allowed to be used.
This can be used to limit the use of the RP to designated groups
only. In some cases, being able to restrict (at the RP ...
... RP to designated groups
only. In some cases, being able to restrict (at the RP) which
unicast addresses are allowed to send or join ...
... Register messages can be spoofed [PIMSEC].)
Obviously, these controls are only possible at the RP, not at the
intermediate routers or the DR ...
... It is RECOMMENDED that routers supporting this specification do not
act as RPs unless explicitly configured to do so, as becoming an RP
does not require any advertisement (e.g., through BSR or manually).
...
... BSR or manually).
Otherwise, any router could potentially become an RP (and be abused
as such). Further, multicast groups or group ...
... protect the groups from outsiders but only offers security by
obscurity; embedded-RP offers similar level of protection. When real
protection is desired, PIM ...
... the borders. This is described at more length in Section 6.5.
One should observe that the embedded-RP threat model is actually
rather similar to SSM; both mechanisms significantly reduce the
...
... MLDv2 (S,G) join
towards a non-existent source, which the local RP could not block
based on the MSDP information.
...
... address validity
checks to the embedded-RP address as it would to one received via
other means; at least fe80::/10, ::/16, and ff00::/8 should be
...
... inter-domain
multicast routing models (traditional ASM with MSDP, embedded-RP,
SSM) and their security properties ...
... Kim, D., Meyer, D., Kilmer, H., and D. Farinacci, "Anycast Rendevous Point (RP) mechanism using Protocol Independent Multicast (PIM ...
... The document only specifies FF70::/12 for now; if/when the upper-most
bit is used, one must specify how FFF0::/12 applies to Embedded-RP.
For example, a different mode of PIM or another protocol might use
...
... 3306prop.
The embedded-RP addressing could be used to convey other information
(other than RP ...
... RP addressing could be used to convey other information
(other than RP address) as well, for example, what should be the RPT
threshold ...
... threshold for PIM-SM. These could be, whether feasible or not,
encoded in the RP address somehow, or in the multicast group address.
...