分享
 
 
 

RFC3219 - Telephony Routing over IP (TRIP)

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

Network Working Group J. Rosenberg

Request for Comments: 3219 dynamicsoft

Category: Standards Track H. Salama

Cisco Systems

M. Squire

Hatteras Networks

January 2002

Telephony Routing over IP (TRIP)

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2002). All Rights Reserved.

Abstract

This document presents the Telephony Routing over IP (TRIP). TRIP is

a policy driven inter-administrative domain protocol for advertising

the reachability of telephony destinations between location servers,

and for advertising attributes of the routes to those destinations.

TRIP's operation is independent of any signaling protocol, hence TRIP

can serve as the telephony routing protocol for any signaling

protocol.

The Border Gateway Protocol (BGP-4) is used to distribute routing

information between administrative domains. TRIP is used to

distribute telephony routing information between telephony

administrative domains. The similarity between the two protocols is

obvious, and hence TRIP is modeled after BGP-4.

Table of Contents

1 Terminology and Definitions .............................. 3

2 IntrodUCtion ............................................. 4

3 Summary of Operation ..................................... 5

3.1 Peering Session Establishment and Maintenance ............ 5

3.2 Database Exchanges ....................................... 6

3.3 Internal Versus External Synchronization ................. 6

3.4 Advertising TRIP Routes .................................. 6

3.5 Telephony Routing Information Bases ...................... 7

3.6 Routes in TRIP ........................................... 9

3.7 Aggregation .............................................. 9

4 Message Formats .......................................... 10

4.1 Message Header Format .................................... 10

4.2 OPEN Message Format ...................................... 11

4.3 UPDATE Message Format .................................... 15

4.4 KEEPALIVE Message Format ................................ 22

4.5 NOTIFICATION Message Format ............................. 23

5 TRIP Attributes ......................................... 24

5.1 WithdrawnRoutes .......................................... 24

5.2 ReachableRoutes .......................................... 28

5.3 NextHopServer ........................................... 29

5.4 AdvertisementPath ....................................... 31

5.5 RoutedPath ............................................... 35

5.6 AtomicAggregate ......................................... 36

5.7 LocalPreference ......................................... 37

5.8 MultiExitDisc ............................................ 38

5.9 Communities .............................................. 39

5.10 ITAD Topology .......................................... 41

5.11 ConvertedRoute ........................................... 43

5.12 Considerations for Defining New TRIP Attributes ......... 44

6 TRIP Error Detection and Handling ....................... 44

6.1 Message Header Error Detection and Handling ............. 45

6.2 OPEN Message Error Detection and Handling ............... 45

6.3 UPDATE Message Error Detection and Handling ............. 46

6.4 NOTIFICATION Message Error Detection and Handling ....... 48

6.5 Hold Timer EXPired Error Handling ....................... 48

6.6 Finite State Machine Error Handling ..................... 48

6.7 Cease ................................................... 48

6.8 Connection Collision Detection .......................... 48

7 TRIP Version Negotiation ................................ 49

8 TRIP Capability Negotiation ............................. 50

9 TRIP Finite State Machine ............................... 50

10 UPDATE Message Handling ................................. 55

10.1 Flooding Process ........................................ 56

10.2 Decision Process ........................................ 58

10.3 Update-Send Process ..................................... 62

10.4 Route Selection Criteria ................................ 67

10.5 Originating TRIP Routes ................................. 67

11 TRIP Transport .......................................... 68

12 ITAD Topology ........................................... 68

13 IANA Considerations ...................................... 68

13.1 TRIP Capabilities ....................................... 68

13.2 TRIP Attributes ........................................ 69

13.3 Destination Address Families ............................ 69

13.4 TRIP Application Protocols .............................. 69

13.5 ITAD Numbers ............................................ 70

14 Security Considerations ................................. 70

A1 Appendix 1: TRIP FSM State Transitions and Actions ...... 71

A2 Appendix 2: Implementation Recommendations .............. 73

Acknowledgments ................................................ 75

References ..................................................... 75

Intellectual Property Notice ................................... 77

Authors' Addresses ............................................. 78

Full Copyright Statement ....................................... 79

1. Terminology and Definitions

The key Words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this

document are to be interpreted as described in RFC2119 [1].

A framework for Telephony Routing over IP (TRIP) is described in [2].

We assume the reader is familiar with the framework and terminology

of [2]. We define and use the following terms in addition to those

defined in [2].

Telephony Routing Information Base (TRIB): The database of reachable

telephony destinations built and maintained at an LS as a result of

its participation in TRIP.

IP Telephony Administrative Domain (ITAD): The set of resources

(gateways, location servers, etc.) under the control of a single

administrative authority. End users are customers of an ITAD.

Less/More Specific Route: A route X is said to be less specific than

a route Y if every destination in Y is also a destination in X, and X

and Y are not equal. In this case, Y is also said to be more

specific than X.

Aggregation: Aggregation is the process by which multiple routes are

combined into a single less specific route that covers the same set

of destinations. Aggregation is used to reduce the size of the TRIB

being synchronized with peer LSs by reducing the number of exported

TRIP routes.

Peers: Two LSs that share a logical association (a transport

connection). If the LSs are in the same ITAD, they are internal

peers. Otherwise, they are external peers. The logical association

between two peer LSs is called a peering session.

Telephony Routing Information Protocol (TRIP): The protocol defined

in this specification. The function of TRIP is to advertise the

reachability of telephony destinations, attributes associated with

the destinations, as well as the attributes of the path towards those

destinations.

TRIP destination: TRIP can be used to manage routing tables for

multiple protocols (SIP, H323, etc.). In TRIP, a destination is the

combination of (a) a set of addresses (given by an address family and

address prefix), and (b) an application protocol (SIP, H323, etc).

2. Introduction

The gateway location and routing problem has been introduced in [2].

It is considered one of the more difficult problems in IP telephony.

The selection of an egress gateway for a telephony call, traversing

an IP network towards an ultimate destination in the PSTN, is driven

in large part by the policies of the various parties along the path,

and by the relationships established between these parties. As such,

a global Directory of egress gateways in which users look up

destination phone numbers is not a feasible solution. Rather,

information about the availability of egress gateways is exchanged

between providers, and subject to policy, made available locally and

then propagated to other providers in other ITADs, thus creating

routes towards these egress gateways. This would allow each provider

to create its own database of reachable phone numbers and the

associated routes - such a database could be very different for each

provider depending on policy.

TRIP is an inter-domain (i.e., inter-ITAD) gateway location and

routing protocol. The primary function of a TRIP speaker, called a

location server (LS), is to exchange information with other LSs.

This information includes the reachability of telephony destinations,

the routes towards these destinations, and information about gateways

towards those telephony destinations residing in the PSTN. The TRIP

requirements are set forth in [2].

LSs exchange sufficient routing information to construct a graph of

ITAD connectivity so that routing loops may be prevented. In

addition, TRIP can be used to exchange attributes necessary to

enforce policies and to select routes based on path or gateway

characteristics. This specification defines TRIP's transport and

synchronization mechanisms, its finite state machine, and the TRIP

data. This specification defines the basic attributes of TRIP. The

TRIP attribute set is extendible, so additional attributes may be

defined in future documents.

TRIP is modeled after the Border Gateway Protocol 4 (BGP-4) [3] and

enhanced with some link state features, as in the Open Shortest Path

First (OSPF) protocol [4], IS-IS [5], and the Server Cache

Synchronization Protocol (SCSP) [6]. TRIP uses BGP's inter-domain

transport mechanism, BGP's peer communication, BGP's finite state

machine, and similar formats and attributes as BGP. Unlike BGP

however, TRIP permits generic intra-domain LS topologies, which

simplifies configuration and increases scalability in contrast to

BGP's full mesh requirement of internal BGP speakers. TRIP uses an

intra-domain flooding mechanism similar to that used in OSPF [4],

IS-IS [5], and SCSP [6].

TRIP permits aggregation of routes as they are advertised through the

network. TRIP does not define a specific route selection algorithm.

TRIP runs over a reliable transport protocol. This eliminates the

need to implement explicit fragmentation, retransmission,

acknowledgment, and sequencing. The error notification mechanism

used in TRIP assumes that the transport protocol supports a graceful

close, i.e., that all outstanding data will be delivered before the

connection is closed.

TRIP's operation is independent of any particular telephony signaling

protocol. Therefore, TRIP can be used as the routing protocol for

any of these protocols, e.g., H.323 [7] and SIP [8].

The LS peering topology is independent of the physical topology of

the network. In addition, the boundaries of an ITAD are independent

of the boundaries of the layer 3 routing autonomous systems. Neither

internal nor external TRIP peers need to be physically adjacent.

3. Summary of Operation

This section summarizes the operation of TRIP. Details are provided

in later sections.

3.1. Peering Session Establishment and Maintenance

Two peer LSs form a transport protocol connection between one

another. They exchange messages to open and confirm the connection

parameters, and to negotiate the capabilities of each LS as well as

the type of information to be advertised over this connection.

KeepAlive messages are sent periodically to ensure adjacent peers are

operational. Notification messages are sent in response to errors or

special conditions. If a connection encounters an error condition, a

Notification message is sent and the connection is closed.

3.2. Database Exchanges

Once the peer connection has been established, the initial data flow

is a dump of all routes relevant to the new peer (In the case of an

external peer, all routes in the LS's Adj-TRIB-Out for that external

peer. In the case of an internal peer, all routes in the Ext-TRIB

and all Adj-TRIBs-In). Note that the different TRIBs are defined in

Section 3.5.

Incremental updates are sent as the TRIP routing tables (TRIBs)

change. TRIP does not require periodic refresh of the routes.

Therefore, an LS must retain the current version of all routing

entries.

If a particular ITAD has multiple LSs and is providing transit

service for other ITADs, then care must be taken to ensure a

consistent view of routing within the ITAD. When synchronized the

TRIP routing tables, i.e., the Loc-TRIBs, of all internal peers are

identical.

3.3. Internal Versus External Synchronization

As with BGP, TRIP distinguishes between internal and external peers.

Within an ITAD, internal TRIP uses link-state mechanisms to flood

database updates over an arbitrary topology. Externally, TRIP uses

point-to-point peering relationships to exchange database

information.

To achieve internal synchronization, internal peer connections are

configured between LSs of the same ITAD such that the resulting

intra-domain LS topology is connected and sufficiently redundant.

This is different from BGP's approach that requires all internal

peers to be connected in a full mesh topology, which may result in

scaling problems. When an update is received from an internal peer,

the routes in the update are checked to determine if they are newer

than the version already in the database. Newer routes are then

flooded to all other peers in the same domain.

3.4. Advertising TRIP Routes

In TRIP, a route is defined as the combination of (a) a set of

destination addresses (given by an address family indicator and an

address prefix), and (b) an application protocol (e.g. SIP, H323,

etc.). Generally, there are additional attributes associated with

each route (for example, the next-hop server).

TRIP routes are advertised between a pair of LSs in UPDATE messages.

The destination addresses are included in the ReachableRoutes

attribute of the UPDATE, while other attributes describe things like

the path or egress gateway.

If an LS chooses to advertise a TRIP route, it may add to or modify

the attributes of the route before advertising it to a peer. TRIP

provides mechanisms by which an LS can inform its peer that a

previously advertised route is no longer available for use. There

are three methods by which a given LS can indicate that a route has

been withdrawn from service:

- Include the route in the WithdrawnRoutes Attribute in an UPDATE

message, thus marking the associated destinations as being no

longer available for use.

- Advertise a replacement route with the same set of destinations

in the ReachableRoutes Attribute.

- For external peers where flooding is not in use, the LS-to-LS

peer connection can be closed, which implicitly removes from

service all routes which the pair of LSs had advertised to each

other over that peer session. Note that terminating an

internal peering session does not necessarily remove the routes

advertised by the peer LS as the same routes may have been

received from multiple internal peers because of flooding. If

an LS determines that another internal LS is no longer active

(from the ITAD Topology attributes of the UPDATE messages from

other internal peers), then it MUST remove all routes

originated into the LS by that LS and rerun its decision

process.

3.5. Telephony Routing Information Bases

A TRIP LS processes three types of routes:

- External routes: An external route is a route received from an

external peer LS

- Internal routes: An internal route is a route received from an

internal LS in the same ITAD.

- Local routes: A local route is a route locally injected into

TRIP, e.g. by configuration or by route redistribution from

another routing protocol.

The Telephony Routing Information Base (TRIB) within an LS consists

of four distinct parts:

- Adj-TRIBs-In: The Adj-TRIBs-In store routing information that

has been learned from inbound UPDATE messages. Their contents

represent TRIP routes that are available as an input to the

Decision Process. These are the "unprocessed" routes received.

The routes from each external peer LS and each internal LS are

maintained in this database independently, so that updates from

one peer do not affect the routes received from another LS.

Note that there is an Adj-TRIB-In for every LS within the

domain, even those with which the LS is not directly peered.

- Ext-TRIB: There is only one Ext-TRIB database per LS. The LS

runs the route selection algorithm on all external routes

(stored in the Adj-TRIBs-In of the external peers) and local

routes (may be stored in an Adj-TRIB-In representing the local

LS) and selects the best route for a given destination and

stores it in the Ext-TRIB. The use of Ext-TRIB will be

explained further in Section 10.3.1

- Loc-TRIB: The Loc-TRIB contains the local TRIP routing

information that the LS has selected by applying its local

policies to the routing information contained in its Adj-

TRIBs-In of internal LSs and the Ext-TRIB.

- Adj-TRIBs-Out: The Adj-TRIBs-Out store the information that

the local LS has selected for advertisement to its external

peers. The routing information stored in the Adj-TRIBs-Out

will be carried in the local LS's UPDATE messages and

advertised to its peers.

Figure 1 illustrates the relationship between the four parts of the

routing information base.

Loc-TRIB

^

Decision Process

^ ^

Adj-TRIBs-In V

(Internal LSs) Adj-TRIBs-Out

Ext-TRIB

^ ^

Adj-TRIB-In Local Routes

(External Peers)

Figure 1: TRIB Relationships

Although the conceptual model distinguishes between Adj-TRIBs-In,

Ext-TRIB, Loc-TRIB, and Adj-TRIBs-Out, this neither implies nor

requires that an implementation must maintain four separate copies of

the routing information. The choice of implementation (for example,

4 copies of the information vs. 1 copy with pointers) is not

constrained by the protocol.

3.6. Routes in TRIP

A route in TRIP specifies a range of numbers by being a prefix of

those numbers (the exact definition & syntax of route are in 5.1.1).

Arbitrary ranges of numbers are not atomically representable by a

route in TRIP. A prefix range is the only type of range supported

atomically. An arbitrary range can be accomplished by using multiple

prefixes in a ReachableRoutes attribute (see Section 5.1 & 5.2). For

example, 222-xxxx thru 999-xxxx could be represented by including the

prefixes 222, 223, 224,...,23,24,...,3,4,...,9 in a ReachableRoutes

attribute.

3.7. Aggregation

Aggregation is a scaling enhancement used by an LS to reduce the

number of routing entries that it has to synchronize with its peers.

Aggregation may be performed by an LS when there is a set of routes

{R1, R2, ...} in its TRIB such that there exists a less specific

route R where every valid destination in R is also a valid

destination in {R1, R2, ...} and vice-versa. Section 5 includes a

description of how to combine each attribute (by type) on the {R1,

R2, ...} routes into an attribute for R.

Note that there is no mechanism within TRIP to communicate that a

particular address prefix is not used or valid within a particular

address family, and thus that these addresses could be skipped during

aggregation. LSs may use methods outside of TRIP to learn of invalid

prefixes that may be ignored during aggregation.

An LS is not required to perform aggregation, however it is

recommended whenever maintaining a smaller TRIB is important. An LS

decides based on its local policy whether or not to aggregate a set

of routes into a single aggregate route.

Whenever an LS aggregates multiple routes where the NextHopServer is

not identical in all aggregated routes, the NextHopServer attribute

of the aggregate route must be set to a signalling server in the

aggregating LS's domain.

When an LS resets the NextHopServer of any route, and this may be

performed because of aggregation or other reasons, it has the effect

of adding another signalling server along the signalling path to

these destinations. The end result is that the signalling path

between two destinations may consist of multiple signalling servers

across multiple domains.

4. Message Formats

This section describes message formats used by TRIP. Messages are

sent over a reliable transport protocol connection. A message MUST

be processed only after it is entirely received. The maximum message

size is 4096 octets. All implementations MUST support this maximum

message size. The smallest message that MAY be sent consists of a

TRIP header without a data portion, or 3 octets.

4.1. Message Header Format

Each message has a fixed-size header. There may or may not be a data

portion following the header, depending on the message type. The

layout of the header fields is shown in Figure 2.

0 1 2

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3

+--------------+----------------+---------------+

Length Type

+--------------+----------------+---------------+

Figure 2: TRIP Header

Length: This 2-octet unsigned integer indicates the total length of

the message, including the header, in octets. Thus, it allows one to

locate, in the transport-level stream, the beginning of the next

message. The value of the Length field must always be at least 3 and

no greater than 4096, and may be further constrained depending on the

message type. No padding of extra data after the message is allowed,

so the Length field must have the smallest value possible given the

rest of the message.

Type: This 1-octet unsigned integer indicates the type code of the

message. The following type codes are defined:

1 - OPEN

2 - UPDATE

3 - NOTIFICATION

4 - KEEPALIVE

4.2. OPEN Message Format

After a transport protocol connection is established, the first

message sent by each side is an OPEN message. If the OPEN message is

acceptable, a KEEPALIVE message confirming the OPEN is sent back.

Once the OPEN is confirmed, UPDATE, KEEPALIVE, and NOTIFICATION

messages may be exchanged.

The minimum length of the OPEN message is 17 octets (including

message header). OPEN messages not meeting this minimum requirement

are handled as defined in Section 6.2.

In addition to the fixed-size TRIP header, the OPEN message contains

the following fields:

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Version Reserved Hold Time

+---------------+---------------+--------------+----------------+

My ITAD

+---------------+---------------+--------------+----------------+

TRIP Identifier

+---------------+---------------+--------------+----------------+

Optional Parameters Len Optional Parameters (variable)...

+---------------+---------------+--------------+----------------+

Figure 3: TRIP OPEN Header

Version:

This 1-octet unsigned integer indicates the protocol version of the

message. The current TRIP version number is 1.

Hold Time:

This 2-octet unsigned integer indicates the number of seconds that

the sender proposes for the value of the Hold Timer. Upon receipt of

an OPEN message, an LS MUST calculate the value of the Hold Timer by

using the smaller of its configured Hold Time and the Hold Time

received in the OPEN message. The Hold Time MUST be either zero or

at least three seconds. An implementation MAY reject connections on

the basis of the Hold Time. The calculated value indicates the

maximum number of seconds that may elapse between the receipt of

successive KEEPALIVE and/or UPDATE messages by the sender.

This 4-octet unsigned integer indicates the ITAD number of the

sender. The ITAD number must be unique for this domain within this

confederation of cooperating LSs.

ITAD numbers are assigned by IANA as specified in Section 13. This

document reserves ITAD number 0. ITAD numbers from 1 to 255 are

designated for private use.

TRIP Identifier:

This 4-octet unsigned integer indicates the TRIP Identifier of the

sender. The TRIP Identifier MUST uniquely identify this LS within

its ITAD. A given LS MAY set the value of its TRIP Identifier to an

IPv4 address assigned to that LS. The value of the TRIP Identifier

is determined on startup and MUST be the same for all peer

connections. When comparing two TRIP identifiers, the TRIP

Identifier is interpreted as a numerical 4-octet unsigned integer.

Optional Parameters Length:

This 2-octet unsigned integer indicates the total length of the

Optional Parameters field in octets. If the value of this field is

zero, no Optional Parameters are present.

Optional Parameters:

This field may contain a list of optional parameters, where each

parameter is encoded as a <Parameter Type, Parameter Length,

Parameter Value> triplet.

0 1 2

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Parameter Type Parameter Length

+---------------+---------------+--------------+----------------+

Parameter Value (variable)...

+---------------+---------------+--------------+----------------+

Figure 4: Optional Parameter Encoding

Parameter Type:

This is a 2-octet field that unambiguously identifies individual

parameters.

Parameter Length:

This is a 2-octet field that contains the length of the Parameter

Value field in octets.

Parameter Value:

This is a variable length field that is interpreted according to the

value of the Parameter Type field.

4.2.1. Open Message Optional Parameters

This document defines the following Optional Parameters for the OPEN

message.

4.2.1.1. Capability Information

Capability Information uses Optional Parameter type 1. This is an

optional parameter used by an LS to convey to its peer the list of

capabilities supported by the LS. This permits an LS to learn of the

capabilities of its peer LSs. Capability negotiation is defined in

Section 8.

The parameter contains one or more triples <Capability Code,

Capability Length, Capability Value>, where each triple is encoded as

shown below:

0 1 2

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Capability Code Capability Length

+---------------+---------------+--------------+----------------+

Capability Value (variable)...

+---------------+---------------+--------------+----------------+

Figure 5: Capability Optional Parameter

Capability Code:

Capability Code is a 2-octet field that unambiguously identifies

individual capabilities.

Capability Length:

Capability Length is a 2-octet field that contains the length of the

Capability Value field in octets.

Capability Value:

Capability Value is a variable length field that is interpreted

according to the value of the Capability Code field.

Any particular capability, as identified by its Capability Code, may

appear more than once within the Optional Parameter.

This document reserves Capability Codes 32768-65535 for vendor-

specific applications (these are the codes with the first bit of the

code value equal to 1). This document reserves value 0. Capability

Codes (other than those reserved for vendor specific use) are

controlled by IANA. See Section 13 for IANA considerations.

The following Capability Codes are defined by this specification:

Code Capability

1 Route Types Supported

2 Send Receive Capability

4.2.1.1.1. Route Types Supported

The Route Types Supported Capability Code lists the route types

supported in this peering session by the transmitting LS. An LS MUST

NOT use route types that are not supported by the peer LS in any

particular peering session. If the route types supported by a peer

are not satisfactory, an LS SHOULD terminate the peering session.

The format for a Route Type is:

0 1 2

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Address Family Application Protocol

+---------------+---------------+--------------+----------------+

Figure 6: Route Types Supported Capability

The Address Family and Application Protocol are as defined in Section

5.1.1. Address Family gives the address family being routed (within

the ReachableRoutes attribute). The application protocol lists the

application for which the routes apply. As an example, a route type

for TRIP could be <E.164, SIP>, indicating a set of E.164

destinations for the SIP protocol.

The Route Types Supported Capability MAY contain multiple route types

in the capability. The number of route types within the capability

is the maximum number that can fit given the capability length. The

Capability Code is 1 and the length is variable.

4.2.1.1.2. Send Receive Capability

This capability specifies the mode in which the LS will operate with

this particular peer. The possible modes are: Send Only mode,

Receive Only mode, or Send Receive mode. The default mode is Send

Receive mode.

In Send Only mode, an LS transmits UPDATE messages to its peer, but

the peer MUST NOT transmit UPDATE messages to that LS. If an LS in

Send Only mode receives an UPDATE message from its peer, it MUST

discard that message, but no further action should be taken.

The UPDATE messages sent by an LS in Send Only mode to its intra-

domain peer MUST include the ITAD Topology attribute whenever the

topology changes. A useful application of an LS in Send Only mode

with an external peer is to enable gateway registration services.

If a service provider terminates calls to a set of gateways it owns,

but never initiates calls, it can set its LSs to operate in Send Only

mode, since they only ever need to generate UPDATE messages, not

receive them. If an LS in Send Receive mode has a peering session

with a peer in Send Only mode, that LS MUST set its route

dissemination policy such that it does not send any UPDATE messages

to its peer.

In Receive Only mode, the LS acts as a passive TRIP listener. It

receives and processes UPDATE messages from its peer, but it MUST NOT

transmit any UPDATE messages to its peer. This is useful for

management stations that wish to collect topology information for

display purposes.

The behavior of an LS in Send Receive mode is the default TRIP

operation specified throughout this document.

The Send Receive capability is a 4-octet unsigned numeric value. It

can only take one of the following three values:

1 - Send Receive mode

2 - Send only mode

3 - Receive Only mode

A peering session MUST NOT be established between two LSs if both of

them are in Send Only mode or if both of them are in Receive Only

mode. If a peer LS detects such a capability mismatch when

processing an OPEN message, it MUST respond with a NOTIFICATION

message and close the peer session. The error code in the

NOTIFICATION message must be set to "Capability Mismatch."

An LS MUST be configured in the same Send Receive mode for all peers.

4.3. UPDATE Message Format

UPDATE messages are used to transfer routing information between LSs.

The information in the UPDATE packet can be used to construct a graph

describing the relationships between the various ITADs. By applying

rules to be discussed, routing information loops and some other

anomalies can be prevented.

An UPDATE message is used to both advertise and withdraw routes from

service. An UPDATE message may simultaneously advertise and withdraw

TRIP routes.

In addition to the TRIP header, the TRIP UPDATE contains a list of

routing attributes as shown in Figure 7. There is no padding between

routing attributes.

+------------------------------------------------+--...

First Route Attribute Second Route Attribute ...

+------------------------------------------------+--...

Figure 7: TRIP UPDATE Format

The minimum length of an UPDATE message is 3 octets (there are no

mandatory attributes in TRIP).

4.3.1. Routing Attributes

A variable length sequence of routing attributes is present in every

UPDATE message. Each attribute is a triple <attribute type,

attribute length, attribute value> of variable length.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Attr. Flags Attr. Type Code Attr. Length

+---------------+---------------+--------------+----------------+

Attribute Value (variable)

+---------------+---------------+--------------+----------------+

Figure 8: Routing Attribute Format

Attribute Type is a two-octet field that consists of the Attribute

Flags octet followed by the Attribute Type Code octet.

The Attribute Type Code defines the type of attribute. The basic

TRIP-defined Attribute Type Codes are discussed later in this

section. Attributes MUST appear in the UPDATE message in numerical

order of the Attribute Type Code. An attribute MUST NOT be included

more than once in the same UPDATE message. Attribute Flags are used

to control attribute processing when the attribute type is unknown.

Attribute Flags are further defined in Section 4.3.2.

This document reserves Attribute Type Codes 224-255 for vendor-

specific applications (these are the codes with the first three bits

of the code equal to 1). This document reserves value 0. Attribute

Type Codes (other than those reserved for vendor specific use) are

controlled by IANA. See Section 13 for IANA considerations.

The third and the fourth octets of the route attribute contain the

length of the attribute value field in octets.

The remaining octets of the attribute represent the Attribute Value

and are interpreted according to the Attribute Flags and the

Attribute Type Code. The basic supported attribute types, their

values, and their uses are defined in this specification. These are

the attributes necessary for proper loop free operation of TRIP, both

inter-domain and intra-domain. Additional attributes may be defined

in future documents.

4.3.2. Attribute Flags

It is clear that the set of attributes for TRIP will evolve over

time. Hence it is essential that mechanisms be provided to handle

attributes with unrecognized types. The handling of unrecognized

attributes is controlled via the flags field of the attribute.

Recognized attributes should be processed according to their specific

definition.

The following are the attribute flags defined by this specification:

Bit Flag

0 Well-Known Flag

1 Transitive Flag

2 Dependent Flag

3 Partial Flag

4 Link-state Encapsulated Flag

The high-order bit (bit 0) of the Attribute Flags octet is the Well-

Known Bit. It defines whether the attribute is not well-known (if

set to 1) or well-known (if set to 0). Implementations are not

required to support not well-known attributes, but MUST support

well-known attributes.

The second high-order bit (bit 1) of the Attribute Flags octet is the

Transitive bit. It defines whether a not well-known attribute is

transitive (if set to 1) or non-transitive (if set to 0). For well-

known attributes, the Transitive bit MUST be zero on transmit and

MUST be ignored on receipt.

The third high-order bit (bit 2) of the Attribute Flags octet is the

Dependent bit. It defines whether a transitive attribute is

dependent (if set to 1) or independent (if set to 0). For well-known

attributes and for non-transitive attributes, the Dependent bit is

irrelevant, and MUST be set to zero on transmit and MUST be ignored

on receipt.

The fourth high-order bit (bit 3) of the Attribute Flags octet is the

Partial bit. It defines whether the information contained in the not

well-known transitive attribute is partial (if set to 1) or complete

(if set to 0). For well-known attributes and for non-transitive

attributes the Partial bit MUST be set to 0 on transmit and MUST be

ignored on receipt.

The fifth high-order bit (bit 4) of the Attribute Flags octet is the

Link-state Encapsulation bit. This bit is only applicable to certain

attributes (ReachableRoutes and WithdrawnRoutes) and determines the

encapsulation of the routes within those attributes. If this bit is

set, link-state encapsulation is used within the attribute.

Otherwise, standard encapsulation is used within the attribute. The

Link-state Encapsulation technique is described in Section 4.3.2.4.

This flag is only valid on the ReachableRoutes and WithdrawnRoutes

attributes. It MUST be cleared on transmit and MUST be ignored on

receipt for all other attributes.

The other bits of the Attribute Flags octet are unused. They MUST be

zeroed on transmit and ignored on receipt.

4.3.2.1. Attribute Flags and Route Selection

Any recognized attribute can be used as input to the route selection

process, although the utility of some attributes in route selection

is minimal.

4.3.2.2. Attribute Flags and Route Dissemination

TRIP provides for two variations of transitivity due to the fact that

intermediate LSs need not modify the NextHopServer when propagating

routes. Attributes may be non-transitive, dependent transitive, or

independent transitive. An attribute cannot be both dependent

transitive and independent transitive.

Unrecognized independent transitive attributes may be propagated by

any intermediate LS. Unrecognized dependent transitive attributes

MAY only be propagated if the LS is NOT changing the next-hop server.

The transitivity variations permit some unrecognized attributes to be

carried end-to-end (independent transitive), some to be carried

between adjacent next-hop servers (dependent transitive), and other

to be restricted to peer LSs (non-transitive).

An LS that passes an unrecognized transitive attribute to a peer MUST

set the Partial flag on that attribute. Any LS along a path MAY

insert a transitive attribute into a route. If any LS except the

originating LS inserts a new independent transitive attribute into a

route, then it MUST set the Partial flag on that attribute. If any

LS except an LS that modifies the NextHopServer inserts a new

dependent transitive attribute into a route, then it MUST set the

Partial flag on that attribute. The Partial flag indicates that not

every LS along the relevant path has processed and understood the

attribute. For independent transitive attributes, the "relevant

path" is the path given in the AdvertisementPath attribute. For

dependent transitive attributes, the relevant path consists only of

those domains thru which this object has passed since the

NextHopServer was last modified. The Partial flag in an independent

transitive attribute MUST NOT be unset by any other LS along the

path. The Partial flag in a dependent transitive attribute MUST be

reset whenever the NextHopServer is changed, but MUST NOT be unset by

any LS that is not changing the NextHopServer.

The rules governing the addition of new non-transitive attributes are

defined independently for each non-transitive attribute. Any

attribute MAY be updated by an LS in the path.

4.3.2.3. Attribute Flags and Route Aggregation

Each attribute defines how it is to be handled during route

aggregation.

The rules governing the handling of unknown attributes are guided by

the Attribute Flags. Unrecognized transitive attributes are dropped

during aggregation. There should be no unrecognized non-transitive

attributes during aggregation because non-transitive attributes must

be processed by the local LS in order to be propagated.

4.3.2.4. Attribute Flags and Encapsulation

Normally attributes have the simple format as described in Section

4.3.1. If the Link-state Encapsulation Flag is set, then the two

additional fields are added to the attribute header as shown in

Figure 9.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Attr. Flags Attr. Type Code Attr. Length

+---------------+---------------+--------------+----------------+

Originator TRIP Identifier

+---------------+---------------+--------------+----------------+

Sequence Number

+---------------+---------------+--------------+----------------+

Attribute Value (variable)

+---------------+---------------+--------------+----------------+

Figure 9: Link State Encapsulation

The Originator TRIP ID and Sequence Number are used to control the

flooding of routing updates within a collection of servers. These

fields are used to detect duplicate and old routes so that they are

not further propagated to other LSs. The use of these fields is

defined in Section 10.1.

4.3.3. Mandatory Attributes

There are no Mandatory attributes in TRIP. However, there are

Conditional Mandatory attributes. A conditional mandatory attribute

is an attribute, which MUST be included in an UPDATE message if

another attribute is included in that message. For example, if an

UPDATE message includes a ReachableRoutes attribute, it MUST include

an AdvertisementPath attribute as well.

The three base attributes in TRIP are WithdrawnRoutes,

ReachableRoutes, and ITAD Topology. Their presence in an UPDATE

message is entirely optional and independent of any other attributes.

4.3.4. TRIP UPDATE Attributes

This section summarizes the attributes that may be carried in an

UPDATE message. Attributes MUST appear in the UPDATE message in

increasing order of the Attribute Type Code. Additional details are

provided in Section 5.

4.3.4.1. WithdrawnRoutes

This attribute lists a set of routes that are being withdrawn from

service. The transmitting LS has determined that these routes should

no longer be advertised, and is propagating this information to its

peers.

4.3.4.2. ReachableRoutes

This attribute lists a set of routes that are being added to service.

These routes will have the potential to be inserted into the Adj-

TRIBs-In of the receiving LS and the route selection process will be

applied to them.

4.3.4.3. NextHopServer

This attribute gives the identity of the entity to which messages

should be sent along this routed path. It specifies the identity of

the next hop server as either a host domain name or an IP address.

It MAY optionally specify the UDP/TCP port number for the next hop

signaling server. If not specified, then the default port SHOULD be

used. The NextHopServer is specific to the set of destinations and

application protocol defined in the ReachableRoutes attribute. Note

that this is NOT necessarily the address to which media (voice,

video, etc.) should be transmitted, it is only for the application

protocol as given in the ReachableRoutes attribute.

4.3.4.4. AdvertisementPath

The AdvertisementPath is analogous to the AS_PATH in BGP4 [3]. The

attribute records the sequence of domains through which this

advertisement has passed. The attribute is used to detect when the

routing advertisement is looping. This attribute does NOT reflect

the path through which messages following this route would traverse.

Since the next-hop need not be modified by each LS, the actual path

to the destination might not have to traverse every domain in the

AdvertisementPath.

4.3.4.5. RoutedPath

The RoutedPath attribute is analogous to the AdvertisementPath

attribute, except that it records the actual path (given by the list

of domains) *to* the destinations. Unlike AdvertisementPath, which

is modified each time the route is propagated, RoutedPath is only

modified when the NextHopServer attribute changes. Thus, it records

the subset of the AdvertisementPath which signaling messages

following this particular route would traverse.

4.3.4.6. AtomicAggregate

The AtomicAggregate attribute indicates that a route may actually

include domains not listed in the RoutedPath. If an LS, when

presented with a set of overlapping routes from a peer LS, selects a

less specific route without selecting the more specific route, then

the LS MUST include the AtomicAggregate attribute with the route. An

LS receiving a route with an AtomicAggregate attribute MUST NOT make

the set of destinations more specific when advertising it to other

LSs.

4.3.4.7. LocalPreference

The LocalPreference attribute is an intra-domain attribute used to

inform other LSs of the local LS's preference for a given route. The

preference of a route is calculated at the ingress to a domain and

passed as an attribute with that route throughout the domain. Other

LSs within the same ITAD use this attribute in their route selection

process. This attribute has no significance between domains.

4.3.4.8. MultiExitDisc

There may be more than one LS peering relationship between

neighboring domains. The MultiExitDisc attribute is used by an LS to

express a preference for one link between the domains over another

link between the domains. The use of the MultiExitDisc attribute is

controlled by local policy.

4.3.4.9. Communities

The Communities attribute is not a well-known attribute. It is used

to facilitate and simplify the control of routing information by

grouping destinations into communities.

4.3.4.10. ITAD Topology

The ITAD topology attribute is an intra-domain attribute that is used

by LSs to indicate their intra-domain topology to other LSs in the

domain.

4.3.4.11. ConvertedRoute

The ConvertedRoute attribute indicates that an intermediate LS has

altered the route by changing the route's Application Protocol.

4.4. KEEPALIVE Message Format

TRIP does not use any transport-based keep-alive mechanism to

determine if peers are reachable. Instead, KEEPALIVE messages are

exchanged between peers often enough as not to cause the Hold Timer

to expire. A reasonable maximum time between KEEPALIVE messages

would be one third of the Hold Time interval. KEEPALIVE messages

MUST NOT be sent more than once every 3 seconds. An implementation

SHOULD adjust the rate at which it sends KEEPALIVE messages as a

function of the negotiated Hold Time interval.

If the negotiated Hold Time interval is zero, then periodic KEEPALIVE

messages MUST NOT be sent.

The KEEPALIVE message consists of only a message header and has a

length of 3 octets.

4.5. NOTIFICATION Message Format

A NOTIFICATION message is sent when an error condition is detected.

The TRIP transport connection is closed immediately after sending a

NOTIFICATION message.

In addition to the fixed-size TRIP header, the NOTIFICATION message

contains the following fields:

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Error Code Error Subcode Data... (variable)

+---------------+---------------+--------------+----------------+

Figure 10: TRIP NOTIFICATION Format

Error Code:

This 1-octet unsigned integer indicates the type of NOTIFICATION.

The following Error Codes have been defined:

Error Code Symbolic Name Reference

1 Message Header Error Section 6.1

2 OPEN Message Error Section 6.2

3 UPDATE Message Error Section 6.3

4 Hold Timer Expired Section 6.5

5 Finite State Machine Error Section 6.6

6 Cease Section 6.7

Error Subcode:

This 1-octet unsigned integer provides more specific information

about the nature of the reported error. Each Error Code may have one

or more Error Subcodes associated with it. If no appropriate Error

Subcode is defined, then a zero (Unspecific) value is used for the

Error Subcode field.

Message Header Error Subcodes:

1 - Bad Message Length.

2 - Bad Message Type.

OPEN Message Error Subcodes:

1 - Unsupported Version Number.

2 - Bad Peer ITAD.

3 - Bad TRIP Identifier.

4 - Unsupported Optional Parameter.

5 - Unacceptable Hold Time.

6 - Unsupported Capability.

7 - Capability Mismatch.

UPDATE Message Error Subcodes:

1 - Malformed Attribute List.

2 - Unrecognized Well-known Attribute.

3 - Missing Well-known Mandatory Attribute.

4 - Attribute Flags Error.

5 - Attribute Length Error.

6 - Invalid Attribute.

Data:

This variable-length field is used to diagnose the reason for the

NOTIFICATION. The contents of the Data field depend upon the Error

Code and Error Subcode.

Note that the length of the data can be determined from the message

length field by the formula:

Data Length = Message Length - 5

The minimum length of the NOTIFICATION message is 5 octets (including

message header).

5. TRIP Attributes

This section provides details on the syntax and semantics of each

TRIP UPDATE attribute.

5.1. WithdrawnRoutes

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: Link-State Encapsulation (when flooding).

TRIP Type Code: 1

The WithdrawnRoutes specifies a set of routes that are to be removed

from service by the receiving LS(s). The set of routes MAY be empty,

indicated by a length field of zero.

5.1.1. Syntax of WithdrawnRoutes

The WithdrawnRoutes Attribute encodes a sequence of routes in its

value field. The format for individual routes is given in Section

5.1.1.1. The WithdrawnRoutes Attribute lists the individual routes

sequentially with no padding as shown in Figure 11. Each route

includes a length field so that the individual routes within the

attribute can be delineated.

+---------------------+---------------------+...

WithdrawnRoute1... WithdrawnRoute2... ...

+---------------------+---------------------+...

Figure 11: WithdrawnRoutes Format

5.1.1.1. Generic TRIP Route Format

The generic format for a TRIP route is given in Figure 12.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Address Family Application Protocol

+---------------+---------------+--------------+----------------+

Length Address (variable) ...

+---------------+---------------+--------------+----------------+

Figure 12: Generic TRIP Route Format

Address Family:

The address family field gives the type of address for the route.

Three address families are defined in this Section:

Code Address Family

1 Decimal Routing Numbers

2 PentaDecimal Routing Numbers

3 E.164 Numbers

This document reserves address family code 0. This document reserves

address family codes 32768-65535 for vendor-specific applications

(these are the codes with the first bit of the code value equal to

1). Additional address families may be defined in the future.

Assignment of address family codes is controlled by IANA. See

Section 13 for IANA considerations.

Application Protocol:

The application protocol gives the protocol for which this routing

table is maintained. The currently defined application protocols

are:

Code Protocol

1 SIP

2 H.323-H.225.0-Q.931

3 H.323-H.225.0-RAS

4 H.323-H.225.0-Annex-G

This document reserves application protocol code 0. This document

reserves application protocol codes 32768-65535 for vendor-specific

applications (these are the codes with the first bit of the code

value equal to 1). Additional application protocols may be defined

in the future. Assignment of application protocol codes is

controlled by IANA. See Section 13 for IANA considerations.

Length:

The length of the address field, in bytes.

Address:

This is an address (prefix) of the family type given by Address

Family. The octet length of the address is variable and is

determined by the length field of the route.

5.1.1.2. Decimal Routing Numbers

The Decimal Routing Numbers address family is a super set of all

E.164 numbers, national numbers, local numbers, and private numbers.

It can also be used to represent the decimal routing numbers used in

conjunction with Number Portability in some countries/regions. A set

of telephone numbers is specified by a Decimal Routing Number prefix.

Decimal Routing Number prefixes are represented by a string of

digits, each digit encoded by its ASCII character representation.

This routing object covers all phone numbers starting with this

prefix. The syntax for the Decimal Routing Number prefix is:

Decimal-routing-number = *decimal-digit

decimal-digit = DECIMAL-DIGIT

DECIMAL-DIGIT = "0""1""2""3""4""5""6""7""8""9"

This DECIMAL Routing Number prefix is not bound in length. This

format is similar to the format for a global telephone number as

defined in SIP [8] without visual separators and without the "+"

prefix for international numbers. This format facilitates efficient

comparison when using TRIP to route SIP or H323, both of which use

character based representations of phone numbers. The prefix length

is determined from the length field of the route. The type of

Decimal Routing Number (private, local, national, or international)

can be deduced from the first few digits of the prefix.

5.1.1.3. PentaDecimal Routing Numbers

This address family is used to represent PentaDecimal Routing Numbers

used in conjunction with Number Portability in some

countries/regions. PentaDecimal Routing Number prefixes are

represented by a string of digits, each digit encoded by its ASCII

character representation. This routing object covers all routing

numbers starting with this prefix. The syntax for the PentaDecimal

Routing Number prefix is:

PentaDecimal-routing-number = *pentadecimal-digit

pentadecimal-routing-digit = PENTADECIMAL-DIGIT

PENTADECIMAL-DIGIT = "0""1""2""3""4""5""6""7"

"8""9""A""B""C""D""E"

Note the difference in alphabets between Decimal Routing Numbers and

PentaDecimal Routing Numbers. A PentaDecimal Routing Number prefix

is not bound in length.

Note that the address family, which suits the routing numbers of a

specific country/region depends on the alphabets used for routing

numbers in that country/region. For example, North American routing

numbers SHOULD use the Decimal Routing Numbers address family,

because their alphabet is limited to the digits "0" through "9".

Another example, in most European countries routing numbers use the

alphabet "0" through "9" and "A" through "E", and hence these

countries SHOULD use the PentaDecimal Routing Numbers address family.

5.1.1.4. E.164 Numbers

The E.164 Numbers address family is dedicated to fully qualified

E.164 numbers. A set of telephone numbers is specified by a E.164

prefix. E.164 prefixes are represented by a string of digits, each

digit encoded by its ASCII character representation. This routing

object covers all phone numbers starting with this prefix. The

syntax for the E.164 prefix is:

E164-number = *e164-digit

E164-digit = E164-DIGIT

E164-DIGIT = "0""1""2""3""4""5""6""7""8""9"

This format facilitates efficient comparison when using TRIP to route

SIP or H323, both of which use character based representations of

phone numbers. The prefix length is determined from the length field

of the route.

The E.164 Numbers address family and the Decimal Routing Numbers

address family have the same alphabet. The E.164 Numbers address

family SHOULD be used whenever possible. The Decimal Routing Numbers

address family can be used in case of private numbering plans or

applications that do not desire to advertise fully expanded, fully

qualified telephone numbers. If Decimal Routing Numbers are used to

advertise non-fully qualified prefixes, the prefixes may have to be

manipulated (e.g. expanded) at the boundary between ITADs. This adds

significant complexity to the ITAD-Border LS, because, it has to map

the prefixes from the format used in its own ITAD to the format used

in the peer ITAD.

5.2. ReachableRoutes

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: Link-State Encapsulation (when flooding).

TRIP Type Code: 2

The ReachableRoutes attribute specifies a set of routes that are to

be added to service by the receiving LS(s). The set of routes MAY be

empty, as indicated by setting the length field to zero.

5.2.1. Syntax of ReachableRoutes

The ReachableRoutes Attribute has the same syntax as the

WithdrawnRoutes Attribute. See Section 5.1.1.

5.2.2. Route Origination and ReachableRoutes

Routes are injected into TRIP by a method outside the scope of this

specification. Possible methods include a front-end protocol, an

intra-domain routing protocol, or static configuration.

5.2.3. Route Selection and ReachableRoutes

The routes in ReachableRoutes are necessary for route selection.

5.2.4. Aggregation and ReachableRoutes

To aggregate multiple routes, the set of ReachableRoutes to be

aggregated MUST combine to form a less specific set.

There is no mechanism within TRIP to communicate that a particular

address prefix is not used and thus that these addresses could be

skipped during aggregation. LSs MAY use methods outside of TRIP to

learn of invalid prefixes that may be ignored during aggregation.

If an LS advertises an aggregated route, it MUST include the

AtomicAggregate attribute.

5.2.5. Route Dissemination and ReachableRoutes

The ReachableRoutes attribute is recomputed at each LS except where

flooding is being used (e.g., within a domain). It is therefore

possible for an LS to change the Application Protocol field of a

route before advertising that route to an external peer.

If an LS changes the Application Protocol of a route it advertises,

it MUST include the ConvertedRoute attribute in the UPDATE message.

5.2.6. Aggregation Specifics for Decimal Routing Numbers, E.164 Numbers,

and PentaDecimal Routing Numbers

An LS that has routes to all valid numbers in a specific prefix

SHOULD advertise that prefix as the ReachableRoutes, even if there

are more specific prefixes that do not actually exist on the PSTN.

Generally, it takes 10 Decimal Routing/E.164 prefixes, or 15

PentaDecimal Routing prefixes, of length n to aggregate into a prefix

of length n-1. However, if an LS is aware that a prefix is an

invalid Decimal Routing/E.164 prefix, or PentaDecimal Routing prefix,

then the LS MAY aggregate by skipping this prefix. For example, if

the Decimal Routing prefix 19191 is known not to exist, then an LS

can aggregate to 1919 without 19191. A prefix representing an

invalid set of PSTN destinations is sometimes referred to as a

"black-hole." The method by which an LS is aware of black-holes is

not within the scope of TRIP, but if an LS has such knowledge, it can

use the knowledge when aggregating.

5.3. NextHopServer

Conditional Mandatory: True (if ReachableRoutes and/or

WithdrawnRoutes attribute is present).

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 3.

Given a route with application protocol A and destinations D, the

NextHopServer indicates to the next-hop that messages of protocol A

destined for D should be sent to it. This may or may not represent

the ultimate destination of those messages.

5.3.1. NextHopServer Syntax

For generality, the address of the next-hop server may be of various

types (domain name, IPv4, IPv6, etc). The NextHopServer attribute

includes the ITAD number of next-hop server, a length field, and a

next-hop name or address.

The syntax for the NextHopServer is given in Figure 13.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Next Hop ITAD

+---------------+---------------+--------------+----------------+

Length Server (variable) ...

+---------------+---------------+--------------+----------------+

Figure 13: NextHopServer Syntax

The Next-Hop ITAD indicates the domain of the next-hop. Length field

gives the number of octets in the Server field, and the Server field

contains the name or address of the next-hop server. The server

field is represented as a string of ASCII characters. It is defined

as follows:

Server = host [":" port ]

host = < A legal Internet host domain name

or an IPv4 address using the textual representation

defined in Section 2.1 of RFC1123 [9]

or an IPv6 address using the textual representation

defined in Section 2.2 of RFC2373 [10]. The IPv6

address MUST be enclosed in "[" and "]"

characters.>

port = *DIGIT

If the port is empty or not given, the default port is assumed (e.g.,

port 5060 if the application protocol is SIP).

5.3.2. Route Origination and NextHopServer

When an LS originates a routing object into TRIP, it MUST include a

NextHopServer within its domain. The NextHopServer could be an

address of the egress gateway or of a signaling proxy.

5.3.3. Route Selection and NextHopServer

LS policy may prefer certain next-hops or next-hop domains over

others.

5.3.4. Aggregation and NextHopServer

When aggregating multiple routing objects into a single routing

object, an LS MUST insert a new signaling server from within its

domain as the new NextHopServer unless all of the routes being

aggregated have the same next-hop.

5.3.5. Route Dissemination and NextHopServer

When propagating routing objects to peers, an LS may choose to insert

a signaling proxy within its domain as the new next-hop, or it may

leave the next-hop unchanged. Inserting a new next-hop will cause

the signaling messages to be sent to that address, and will provide

finer control over the signaling path. Leaving the next-hop

unchanged will yield a more efficient signaling path (fewer hops).

It is a local policy decision of the LS to decide whether to

propagate or change the NextHopServer.

5.4. AdvertisementPath

Conditional Mandatory: True (if ReachableRoutes and/or

WithdrawnRoutes attribute is present).

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 4.

This attribute identifies the ITADs through which routing information

carried in an advertisement has passed. The AdvertisementPath

attribute is analogous to the AS_PATH attribute in BGP. The

attributes differ in that BGP's AS_PATH also reflects the path to the

destination. In TRIP, not every domain need modify the next-hop, so

the AdvertisementPath may include many more hops than the actual path

to the destination. The RoutedPath attribute (Section 5.5) reflects

the actual signaling path to the destination.

5.4.1. AdvertisementPath Syntax

AdvertisementPath is a variable length attribute that is composed of

a sequence of ITAD path segments. Each ITAD path segment is

represented by a type-length-value triple.

The path segment type is a 1-octet long field with the following

values defined:

Value Segment Type

1 AP_SET: unordered set of ITADs a route in the

advertisement message has traversed

2 AP_SEQUENCE: ordered set of ITADs a route in

the advertisement message has traversed

The path segment length is a 1-octet long field containing the number

of ITADs in the path segment value field.

The path segment value field contains one or more ITAD numbers, each

encoded as a 4-octets long field. ITAD numbers uniquely identify an

Internet Telephony Administrative Domain, and must be oBTained from

IANA. See Section 13 for procedures to obtain an ITAD number from

IANA.

5.4.2. Route Origination and AdvertisementPath

When an LS originates a route then:

- The originating LS shall include its own ITAD number in the

AdvertisementPath attribute of all advertisements sent to LSs

located in neighboring ITADs. In this case, the ITAD number of

the originating LS's ITAD will be the only entry in the

AdvertisementPath attribute.

- The originating LS shall include an empty AdvertisementPath

attribute in all advertisements sent to LSs located in its own

ITAD. An empty AdvertisementPath attribute is one whose length

field contains the value zero.

5.4.3. Route Selection and AdvertisementPath

The AdvertisementPath may be used for route selection. Possible

criteria to be used are the number of hops on the path and the

presence or absence of particular ITADs on the path.

As discussed in Section 10, the AdvertisementPath is used to prevent

routing information from looping. If an LS receives a route with its

own ITAD already in the AdvertisementPath, the route MUST be

discarded.

5.4.4. Aggregation and AdvertisementPath

The rules for aggregating AdvertisementPath attributes are given in

the following sections, where the term "path" used in Section 5.4.4.1

and 5.4.4.2 is understood to mean AdvertisementPath.

5.4.4.1. Aggregating Routes with Identical Paths

If all routes to be aggregated have identical path attributes, then

the aggregated route has the same path attribute as the individual

routes.

5.4.4.2. Aggregating Routes with Different Paths

For the purpose of aggregating path attributes we model each ITAD

within the path as a pair <type, value>, where "type" identifies a

type of the path segment (AP_SEQUENCE or AP_SET), and "value" is the

ITAD number. Two ITADs are said to be the same if their

corresponding <type, value> are the same.

If the routes to be aggregated have different path attributes, then

the aggregated path attribute shall satisfy all of the following

conditions:

- All pairs of the type AP_SEQUENCE in the aggregated path MUST

appear in all of the paths of routes to be aggregated.

- All pairs of the type AP_SET in the aggregated path MUST appear

in at least one of the paths of the initial set (they may

appear as either AP_SET or AP_SEQUENCE types).

- For any pair X of the type AP_SEQUENCE that precedes pair Y in

the aggregated path, X precedes Y in each path of the initial

set that contains Y, regardless of the type of Y.

- No pair with the same value shall appear more than once in the

aggregated path, regardless of the pair's type.

An implementation may choose any algorithm that conforms to these

rules. At a minimum, a conformant implementation MUST be able to

perform the following algorithm that meets all of the above

conditions:

- Determine the longest leading sequence of tuples (as defined

above) common to all the paths of the routes to be aggregated.

Make this sequence the leading sequence of the aggregated path.

- Set the type of the rest of the tuples from the paths of the

routes to be aggregated to AP_SET, and append them to the

aggregated path.

- If the aggregated path has more than one tuple with the same

value (regardless of tuple's type), eliminate all but one such

tuple by deleting tuples of the type AP_SET from the aggregated

path.

An implementation that chooses to provide a path aggregation

algorithm that retains significant amounts of path information may

wish to use the procedure of Section 5.4.4.3.

5.4.4.3. Example Path Aggregation Algorithm

An example algorithm to aggregate two paths works as follows:

- Identify the ITADs (as defined in Section 5.4.1) within each

path attribute that are in the same relative order within both

path attributes. Two ITADs, X and Y, are said to be in the

same order if either X precedes Y in both paths, or if Y

precedes X in both paths.

- The aggregated path consists of ITADs identified in (a) in

exactly the same order as they appear in the paths to be

aggregated. If two consecutive ITADs identified in (a) do not

immediately follow each other in both of the paths to be

aggregated, then the intervening ITADs (ITADs that are between

the two consecutive ITADs that are the same) in both attributes

are combined into an AP_SET path segment that consists of the

intervening ITADs from both paths; this segment is then placed

in between the two consecutive ITADs identified in (a) of the

aggregated attribute. If two consecutive ITADs identified in

(a) immediately follow each other in one attribute, but do not

follow in another, then the intervening ITADs of the latter are

combined into an AP_SET path segment; this segment is then

placed in between the two consecutive ITADs identified in (a)

of the aggregated path.

If as a result of the above procedure a given ITAD number appears

more than once within the aggregated path, all but the last instance

(rightmost occurrence) of that ITAD number should be removed from the

aggregated path.

5.4.5. Route Dissemination and AdvertisementPath

When an LS propagates a route which it has learned from another LS,

it shall modify the route's AdvertisementPath attribute based on the

location of the LS to which the route will be sent.

- When a LS advertises a route to another LS located in its own

ITAD, the advertising LS MUST NOT modify the AdvertisementPath

attribute associated with the route.

- When a LS advertises a route to an LS located in a neighboring

ITAD, then the advertising LS MUST update the AdvertisementPath

attribute as follows:

* If the first path segment of the AdvertisementPath is of

type AP_SEQUENCE, the local system shall prepend its own

ITAD number as the last element of the sequence (put it in

the leftmost position).

* If the first path segment of the AdvertisementPath is of

type AP_SET, the local system shall prepend a new path

segment of type AP_SEQUENCE to the AdvertisementPath,

including its own ITAD number in that segment.

5.5. RoutedPath

Conditional Mandatory: True

(if ReachableRoutes attribute is present).

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 5.

This attribute identifies the ITADs through which messages sent using

this route would pass. The ITADs in this path are a subset of those

in the AdvertisementPath.

5.5.1. RoutedPath Syntax

The syntax of the RoutedPath attribute is the same as that of the

AdvertisementPath attribute. See Section 5.4.1.

5.5.2. Route Origination and RoutedPath

When an LS originates a route it MUST include the RoutedPath

attribute.

- The originating LS shall include its own ITAD number in the

RoutedPath attribute of all advertisements sent to LSs located

in neighboring ITADs. In this case, the ITAD number of the

originating LS's ITAD will be the only entry in the RoutedPath

attribute.

- The originating LS shall include an empty RoutedPath attribute

in all advertisements sent to LSs located in its own ITAD. An

empty RoutedPath attribute is one whose length field contains

the value zero.

5.5.3. Route Selection and RoutedPath

The RoutedPath MAY be used for route selection, and in most cases is

preferred over the AdvertisementPath for this role. Some possible

criteria to be used are the number of hops on the path and the

presence or absence of particular ITADs on the path.

5.5.4. Aggregation and RoutedPath

The rules for aggregating RoutedPath attributes are given in Section

5.4.4.1 and 5.4.4.2, where the term "path" used in Section 5.4.4.1

and 5.4.4.2 is understood to mean RoutedPath.

5.5.5. Route Dissemination and RoutedPath

When an LS propagates a route that it learned from another LS, it

modifies the route's RoutedPath attribute based on the location of

the LS to which the route is sent.

- When an LS advertises a route to another LS located in its own

ITAD, the advertising LS MUST NOT modify the RoutedPath

attribute associated with the route.

- If the LS has not changed the NextHopServer attribute, then the

LS MUST NOT change the RoutedPath attribute.

- Otherwise, the LS changed the NextHopServer and is advertising

the route to an LS in another ITAD. The advertising LS MUST

update the RoutedPath attribute as follows:

* If the first path segment of the RoutedPath is of type

AP_SEQUENCE, the local system shall prepend its own ITAD

number as the last element of the sequence (put it in the

leftmost position).

* If the first path segment of the RoutedPath is of type

AP_SET, the local system shall prepend a new path segment of

type AP_SEQUENCE to the RoutedPath, including its own ITAD

number in that segment.

5.6. AtomicAggregate

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 6.

The AtomicAggregate attribute indicates that a route may traverse

domains not listed in the RoutedPath. If an LS, when presented with

a set of overlapping routes from a peer LS, selects the less specific

route without selecting the more specific route, then the LS includes

the AtomicAggregate attribute with the routing object.

5.6.1. AtomicAggregate Syntax

This attribute has length zero (0); the value field is empty.

5.6.2. Route Origination and AtomicAggregate

Routes are never originated with the AtomicAggregate attribute.

5.6.3. Route Selection and AtomicAggregate

The AtomicAggregate attribute may be used in route selection - it

indicates that the RoutedPath may be incomplete.

5.6.4. Aggregation and AtomicAggregate

If any of the routes to aggregate has the AtomicAggregate attribute,

then so MUST the resultant aggregate.

5.6.5. Route Dissemination and AtomicAggregate

If an LS, when presented with a set of overlapping routes from a peer

LS, selects the less specific route (see Section 0) without selecting

the more specific route, then the LS MUST include the AtomicAggregate

attribute with the routing object (if it is not already present).

An LS receiving a routing object with an AtomicAggregate attribute

MUST NOT make the set of destinations more specific when advertising

it to other LSs, and MUST NOT remove the attribute when propagating

this object to a peer LS.

5.7. LocalPreference

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 7.

The LocalPreference attribute is only used intra-domain, it indicates

the local LS's preference for the routing object to other LSs within

the same domain. This attribute MUST NOT be included when

communicating to an LS in another domain, and MUST be included over

intra-domain links.

5.7.1. LocalPreference Syntax

The LocalPreference attribute is a 4-octet unsigned numeric value. A

higher value indicates a higher preference.

5.7.2. Route Origination and LocalPreference

Routes MUST NOT be originated with the LocalPreference attribute to

inter-domain peers. Routes to intra-domain peers MUST be originated

with the LocalPreference attribute.

5.7.3. Route Selection and LocalPreference

The LocalPreference attribute allows one LS in a domain to calculate

a preference for a route, and to communicate this preference to other

LSs within the domain.

5.7.4. Aggregation and LocalPreference

The LocalPreference attribute is not affected by aggregation.

5.7.5. Route Dissemination and LocalPreference

An LS MUST include the LocalPreference attribute when communicating

with peer LSs within its own domain. An LS MUST NOT include the

LocalPreference attribute when communicating with LSs in other

domains. LocalPreference attributes received from inter-domain peers

MUST be ignored.

5.8. MultiExitDisc

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 8.

When two ITADs are connected by more than one set of peers, the

MultiExitDisc attribute may be used to specify preferences for routes

received over one of those links versus routes received over other

links. The MultiExitDisc parameter is used only for route selection.

5.8.1. MultiExitDisc Syntax

The MultiExitDisc attribute carries a 4-octet unsigned numeric value.

A higher value represents a more preferred routing object.

5.8.2. Route Origination and MultiExitDisc

Routes originated to intra-domain peers MUST NOT be originated with

the MultiExitDisc attribute. When originating a route to an inter-

domain peer, the MultiExitDisc attribute may be included.

5.8.3. Route Selection and MultiExitDisc

The MultiExitDisc attribute is used to express a preference when

there are multiple links between two domains. If all other factors

are equal, then a route with a higher MultiExitDisc attribute is

preferred over a route with a lower MultiExitDisc attribute.

5.8.4. Aggregation and MultiExitDisc

Routes with differing MultiExitDisc parameters MUST NOT be

aggregated. Routes with the same value in the MultiExitDisc

attribute MAY be aggregated and the same MultiExitDisc attribute

attached to the aggregated object.

5.8.5. Route Dissemination and MultiExitDisc

If received from a peer LS in another domain, an LS MAY propagate the

MultiExitDisc to other LSs within its domain. The MultiExitDisc

attribute MUST NOT be propagated to LSs in other domains.

An LS may add the MultiExitDisc attribute when propagating routing

objects to an LS in another domain. The inclusion of the

MultiExitDisc attribute is a matter of policy, as is the value of the

attribute.

5.9. Communities

Conditional Mandatory: False.

Required Flags: Not Well-Known, Independent Transitive.

Potential Flags: None.

TRIP Type Code: 9.

A community is a group of destinations that share some common

property.

The Communities attribute is used to group destinations so that the

routing decision can be based on the identity of the group. Using

the Communities attribute should significantly simplify the

distribution of routing information by providing an administratively

defined aggregation unit.

Each ITAD administrator may define the communities to which a

particular route belongs. By default, all routes belong to the

general Internet Telephony community.

As an example, the Communities attribute could be used to define an

alliance between a group of Internet Telephony service providers for

a specific subset of routing information. In this case, members of

that alliance would accept only routes for destinations in this group

that are advertised by other members of the alliance. Other

destinations would be more freely accepted. To achieve this, a

member would tag each route with a designated Community attribute

value before disseminating it. This relieves the members of such an

alliance, from the responsibility of keeping track of the identities

of all other members of that alliance.

Another example use of the Communities attribute is with aggregation.

It is often useful to advertise both the aggregate route and the

component more-specific routes that were used to form the aggregate.

These information components are only useful to the neighboring TRIP

peer, and perhaps the ITAD of the neighboring TRIP peer, so it is

desirable to filter out the component routes. This can be achieved

by specifying a Community attribute value that the neighboring peers

will match and filter on. That way it can be assured that the more

specific routes will not propagate beyond their desired scope.

5.9.1. Syntax of Communities

The Communities attribute is of variable length. It consists of a

set of 8-octet values, each of which specifies a community. The

first 4 octets of the Community value are the Community ITAD Number

and the next 4 octets are the Community ID.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

Community ITAD Number 1

+---------------+---------------+--------------+----------------+

Community ID 1

+---------------+---------------+--------------+----------------+

. . . . . . . . .

+---------------+---------------+--------------+----------------+

Figure 14: Communities Syntax

For administrative assignment, the following assumptions may be made:

The Community attribute values starting with a Community ITAD

Number of 0x00000000 are hereby reserved.

The following communities have global significance and their

operation MUST be implemented in any Community attribute-aware TRIP

LS.

- NO_EXPORT (Community ITAD Number = 0x00000000 and Community ID

= 0xFFFFFF01). Any received route with a community attribute

containing this value MUST NOT be advertised outside of the

receiving TRIP ITAD.

Other community values MUST be encoded using an ITAD number in the

four most significant octets. The semantics of the final four octets

(the Community ID octets) may be defined by the ITAD (e.g., ITAD 690

may define research, educational, and commercial community IDs that

may be used for policy routing as defined by the operators of that

ITAD).

5.9.2. Route Origination and Communities

The Communities attribute is not well-known. If a route has a

Communities attribute associated with it, the LS MUST include that

attribute in the advertisement it originates.

5.9.3. Route Selection and Communities

The Communities attribute may be used for route selection. A route

that is a member of a certain community may be preferred over another

route that is not a member of that community. Likewise, routes

without a certain community value may be excluded from consideration.

5.9.4. Aggregation and Communities

If a set of routes is to be aggregated and the resultant aggregate

does not carry an Atomic_Aggregate attribute, then the resulting

aggregate should have a Communities attribute that contains the union

of the Community attributes of the aggregated routes.

5.9.5. Route Dissemination and Communities

An LS may manipulate the Communities attribute before disseminating a

route to a peer. Community attribute manipulation may include adding

communities, removing communities, adding a Communities attribute (if

none exists), deleting the Communities attribute, etc.

5.10. ITAD Topology

Conditional Mandatory: False.

Required Flags: Well-known, Link-State encapsulated.

Potential Flags: None.

TRIP Type Code: 10.

Within an ITAD, each LS must know the status of other LSs so that LS

failure can be detected. To do this, each LS advertises its internal

topology to other LSs within the domain. When an LS detects that

another LS is no longer active, the information sourced by that LS

can be deleted (the Adj-TRIB-In for that peer may be cleared). The

ITAD Topology attribute is used to communicate this information to

other LSs within the domain.

An LS MUST send a topology update each time it detects a change in

its internal peer set. The topology update may be sent in an UPDATE

message by itself or it may be piggybacked on an UPDATE message which

includes ReachableRoutes and/or WithdrawnRoutes information.

When an LS receives a topology update from an internal LS, it MUST

recalculate which LSs are active within the ITAD via a connectivity

algorithm on the topology.

5.10.1. ITAD Topology Syntax

The ITAD Topology attribute indicates the LSs with which the LS is

currently peering. The attribute consists of a list of the TRIP

Identifiers with which the LS is currently peering, the format is

given in Figure 15. This attribute MUST use the link-state

encapsulation as defined in Section 4.3.2.4.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+---------------+---------------+--------------+----------------+

TRIP Identifier 1

+---------------+---------------+--------------+----------------+

TRIP Identifier 2 ...

+---------------+---------------+--------------+----------------+

Figure 15: ITAD Topology Syntax

5.10.2. Route Origination and ITAD Topology

The ITAD Topology attribute is independent of any routes in the

UPDATE. Whenever the set of internal peers of an LS changes, it MUST

create an UPDATE with the ITAD Topology Attribute included listing

the current set of internal peers. The LS MUST include this

attribute in the first UPDATE it sends to a peer after the peering

session is established.

5.10.3. Route Selection and ITAD Topology

This attribute is independent of any routing information in the

UPDATE. When an LS receives an UPDATE with an ITAD Topology

attribute, it MUST compute the set of LSs currently active in the

domain by performing a connectivity test on the ITAD topology as

given by the set of originated ITAD Topology attributes. The LS MUST

locally purge the Adj-TRIB-In for any LS that is no longer active in

the domain. The LS MUST NOT propagate this purging information to

other LSs as they will make a similar decision.

5.10.4. Aggregation and ITAD Topology

This information is not aggregated.

5.10.5. Route Dissemination and ITAD Topology

An LS MUST ignore the attribute if received from a peer in another

domain. An LS MUST NOT send this attribute to an inter-domain peer.

5.11. ConvertedRoute

Conditional Mandatory: False.

Required Flags: Well-known.

Potential Flags: None.

TRIP Type Code: 12.

The ConvertedRoute attribute indicates that an intermediate LS has

altered the route by changing the route's Application Protocol. For

example, if an LS receives a route with Application Protocol X and

changes the Application Protocol to Y before advertising the route to

an external peer, the LS MUST include the ConvertedRoute attribute.

The attribute is an indication that the advertised application

protocol will not be used end-to-end, i.e., the information

advertised about this route is not complete.

5.11.1. ConvertedRoute Syntax

This attribute has length zero (0); the value field is empty.

5.11.2. Route Origination and ConvertedRoute

Routes are never originated with the ConvertedRoute attribute.

5.11.3. Route Selection and ConvertedRoute

The ConvertedRoute attribute may be used in route selection - it

indicates that advertised routing information is not complete.

5.11.4. Aggregation and ConvertedRoute

If any of the routes to aggregate has the ConvertedRoute attribute,

then so MUST the resultant aggregate.

5.11.5. Route Dissemination and ConvertedRoute

If an LS changes the Application Protocol of a route before

advertising the route to an external peer, the LS MUST include the

ConvertedRoute attribute.

5.12. Considerations for Defining New TRIP Attributes

Any proposal for defining new TRIP attributes should specify the

following:

- the use of this attribute,

- the attribute's flags,

- the attribute's syntax,

- how the attribute works with route origination,

- how the attribute works with route aggregation, and

- how the attribute works with route dissemination and the

attribute's scope (e.g., intra-domain only like

LocalPreference)

IANA will manage the assignment of TRIP attribute type codes to new

attributes.

6. TRIP Error Detection and Handling

This section describes errors to be detected and the actions to be

taken while processing TRIP messages.

When any of the conditions described here are detected, a

NOTIFICATION message with the indicated Error Code, Error Subcode,

and Data fields MUST be sent, and the TRIP connection MUST be closed.

If no Error Subcode is specified, then a zero Subcode MUST be used.

The phrase "the TRIP connection is closed" means that the transport

protocol connection has been closed and that all resources for that

TRIP connection have been de-allocated. If the connection was

inter-domain, then routing table entries associated with the remote

peer MUST be marked as invalid. Routing table entries MUST NOT be

marked as invalid if an internal peering session is terminated. The

fact that the routes have been marked as invalid is passed to other

TRIP peers before the routes are deleted from the system.

Unless specified explicitly, the Data field of the NOTIFICATION

message that is sent to indicate an error MUST be empty.

6.1. Message Header Error Detection and Handling

All errors detected while processing the Message Header are indicated

by sending the NOTIFICATION message with the Error Code Message

Header Error. The Error Subcode elaborates on the specific nature of

the error. The error checks in this section MUST be performed by

each LS upon receipt of every message.

If the Length field of the message header is less than 3 or greater

than 4096, or if the Length field of an OPEN message is less than the

minimum length of the OPEN message, or if the Length field of an

UPDATE message is less than the minimum length of the UPDATE message,

or if the Length field of a KEEPALIVE message is not equal to 3, or

if the Length field of a NOTIFICATION message is less than the

minimum length of the NOTIFICATION message, then the Error Subcode

MUST be set to Bad Message Length. The Data field contains the

erroneous Length field.

If the Type field of the message header is not recognized, then the

Error Subcode MUST be set to "Bad Message Type." The Data field

contains the erroneous Type field.

6.2. OPEN Message Error Detection and Handling

All errors detected while processing the OPEN message are indicated

by sending the NOTIFICATION message with the Error Code "OPEN Message

Error." The Error Subcode elaborates on the specific nature of the

error. The error checks in this section MUST be performed by each LS

upon receipt of every OPEN message.

If the version number contained in the Version field of the received

OPEN message is not supported, then the Error Subcode MUST be set to

"Unsupported Version Number." The Data field is a 1-octet unsigned

integer, which indicates the largest locally supported version

number, which is less than the version of the remote TRIP peer bid

(as indicated in the received OPEN message).

If the ITAD field of the OPEN message is unacceptable, then the Error

Subcode MUST be set to "Bad Peer ITAD." The determination of

acceptable ITAD numbers is outside the scope of this protocol.

If the Hold Time field of the OPEN message is unacceptable, then the

Error Subcode MUST be set to "Unacceptable Hold Time." An

implementation MUST reject Hold Time values of one or two seconds.

An implementation MAY reject any proposed Hold Time. An

implementation that accepts a Hold Time MUST use the negotiated value

for the Hold Time.

If the TRIP Identifier field of the OPEN message is not valid, then

the Error Subcode MUST be set to "Bad TRIP Identifier." A TRIP

identifier is 4-octets in length and can take any value. An LS

considers the TRIP Identifier invalid if it already has an open

connection with another peer LS that has the same ITAD and TRIP

Identifier.

Any two LSs within the same ITAD MUST NOT have equal TRIP Identifier

values. This restriction does not apply to LSs in different ITADs

since the purpose is to uniquely identify an LS using its TRIP

Identifier and its ITAD number.

If one of the Optional Parameters in the OPEN message is not

recognized, then the Error Subcode MUST be set to "Unsupported

Optional Parameters."

If the Optional Parameters of the OPEN message include Capability

Information with an unsupported capability (unsupported in either

capability type or value), then the Error Subcode MUST be set to

"Unsupported Capability," and the entirety of the unsupported

capabilities MUST be listed in the Data field of the NOTIFICATION

message.

If the Optional Parameters of the OPEN message include Capability

Information which does not match the receiving LS's capabilities,

then the Error Subcode MUST be set to "Capability Mismatch," and the

entirety of the mismatched capabilities MUST be listed in the Data

field of the NOTIFICATION message.

6.3. UPDATE Message Error Detection and Handling

All errors detected while processing the UPDATE message are indicated

by sending the NOTIFICATION message with the Error Code "UPDATE

Message Error." The Error Subcode elaborates on the specific nature

of the error. The error checks in this section MUST be performed by

each LS upon receipt of every UPDATE message. These error checks

MUST occur before flooding procedures are invoked with internal

peers.

If any recognized attribute has Attribute Flags that conflict with

the Attribute Type Code, then the Error Subcode MUST be set to

"Attribute Flags Error." The Data field contains the erroneous

attribute (type, length and value).

If any recognized attribute has an Attribute Length that conflicts

with the expected length (based on the attribute type code), then the

Error Subcode MUST be set to "Attribute Length Error." The Data

field contains the erroneous attribute (type, length and value).

If any of the mandatory (i.e., conditional mandatory attribute and

the conditions for including it in the UPDATE message are fulfilled)

well-known attributes are not present, then the Error Subcode MUST be

set to "Missing Well-known Mandatory Attribute." The Data field

contains the Attribute Type Code of the missing well-known

conditional mandatory attributes.

If any of the well-known attributes are not recognized, then the

Error Subcode MUST be set to "Unrecognized Well-known Attribute."

The Data field contains the unrecognized attribute (type, length and

value).

If any attribute has a syntactically incorrect value, or an undefined

value, then the Error Subcode is set to "Invalid Attribute." The

Data field contains the incorrect attribute (type, length and value).

Such a NOTIFICATION message is sent, for example, when a

NextHopServer attribute is received with an invalid address.

The information carried by the AdvertisementPath attribute is checked

for ITAD loops. ITAD loop detection is done by scanning the full

AdvertisementPath, and checking that the ITAD number of the local

ITAD does not appear in the AdvertisementPath. If the local ITAD

number appears in the AdvertisementPath, then the route MAY be stored

in the Adj-TRIB-In. However unless the LS is configured to accept

routes with its own ITAD in the advertisement path, the route MUST

not be passed to the TRIP Decision Process. The operation of an LS

that is configured to accept routes with its own ITAD number in the

advertisement path are outside the scope of this document.

If the UPDATE message was received from an internal peer and either

the WithdrawnRoutes, ReachableRoutes, or ITAD Topology attribute does

not have the Link-State Encapsulation flag set, then the Error

Subcode is set to "Invalid Attribute" and the data field contains the

attribute. Likewise, the attribute is invalid if received from an

external peer and the Link-State Flag is set.

If any attribute appears more than once in the UPDATE message, then

the Error Subcode is set to "Malformed Attribute List."

6.4. NOTIFICATION Message Error Detection and Handling

If a peer sends a NOTIFICATION message, and there is an error in that

message, there is unfortunately no means of reporting this error via

a subsequent NOTIFICATION message. Any such error, such as an

unrecognized Error Code or Error Subcode, should be noticed, logged

locally, and brought to the attention of the administration of the

peer. The means to do this, however, are outside the scope of this

document.

6.5. Hold Timer Expired Error Handling

If a system does not receive successive messages within the period

specified by the negotiated Hold Time, then a NOTIFICATION message

with a "Hold Timer Expired" Error Code MUST be sent and the TRIP

connection MUST be closed.

6.6. Finite State Machine Error Handling

An error detected by the TRIP Finite State Machine (e.g., receipt of

an unexpected event) MUST result in sending a NOTIFICATION message

with the Error Code "Finite State Machine Error" and the TRIP

connection MUST be closed.

6.7. Cease

In the absence of any fatal errors (that are indicated in this

section), a TRIP peer MAY choose at any given time to close its TRIP

connection by sending the NOTIFICATION message with the Error Code

"Cease." However, the Cease NOTIFICATION message MUST NOT be used

when a fatal error indicated by this section exists.

6.8. Connection Collision Detection

If a pair of LSs try simultaneously to establish a transport

connection to each other, then two parallel connections between this

pair of speakers might well be formed. We refer to this situation as

connection collision. Clearly, one of these connections must be

closed.

Based on the value of the TRIP Identifier, a convention is

established for detecting which TRIP connection is to be preserved

when a collision occurs. The convention is to compare the TRIP

Identifiers of the peers involved in the collision and to retain only

the connection initiated by the LS with the higher-valued TRIP

Identifier.

Upon receipt of an OPEN message, the local LS MUST examine all of its

connections that are in the OpenConfirm state. An LS MAY also

examine connections in an OpenSent state if it knows the TRIP

Identifier of the peer by means outside of the protocol. If among

these connections there is a connection to a remote LS, whose TRIP

Identifier equals the one in the OPEN message, then the local LS MUST

perform the following collision resolution procedure:

The TRIP Identifier and ITAD of the local LS is compared to the TRIP

Identifier and ITAD of the remote LS (as specified in the OPEN

message). TRIP Identifiers are treated as 4-octet unsigned integers

for comparison.

If the value of the local TRIP Identifier is less than the remote

one, or if the two TRIP Identifiers are equal and the value of the

ITAD of the local LS is less than value of the ITAD of the remote LS,

then the local LS MUST close the TRIP connection that already exists

(the one that is already in the OpenConfirm state), and accept the

TRIP connection initiated by the remote LS:

1. Otherwise, the local LS closes the newly created TRIP

connection and continues to use the existing one (the one that

is already in the OpenConfirm state).

2. If a connection collision occurs with an existing TRIP

connection that is in the Established state, then the LS MUST

unconditionally close off the newly created connection. Note

that a connection collision cannot be detected with connections

in Idle, Connect, or Active states.

3. To close the TRIP connection (that results from the collision

resolution procedure), an LS MUST send a NOTIFICATION message

with the Error Code "Cease" and the TRIP connection MUST be

closed.

7. TRIP Version Negotiation

Peer LSs may negotiate the version of the protocol by making multiple

attempts to open a TRIP connection, starting with the highest version

number each supports. If an open attempt fails with an Error Code

"OPEN Message Error" and an Error Subcode "Unsupported Version

Number," then the LS has available the version number it tried, the

version number its peer tried, the version number passed by its peer

in the NOTIFICATION message, and the version numbers that it

supports. If the two peers support one or more common versions, then

this will allow them to rapidly determine the highest common version.

In order to support TRIP version negotiation, future versions of TRIP

must retain the format of the OPEN and NOTIFICATION messages.

8. TRIP Capability Negotiation

An LS MAY include the Capabilities Option in its OPEN message to a

peer to indicate the capabilities supported by the LS. An LS

receiving an OPEN message MUST NOT use any capabilities that were not

included in the OPEN message of the peer when communicating with that

peer.

9. TRIP Finite State Machine

This section specifies TRIP operation in terms of a Finite State

Machine (FSM). Following is a brief summary and overview of TRIP

operations by state as determined by this FSM. A condensed version

of the TRIP FSM is found in Appendix 1. There is one TRIP FSM per

peer and these FSMs operate independently.

Idle state:

Initially TRIP is in the Idle state for each peer. In this state,

TRIP refuses all incoming connections. No resources are allocated to

the peer. In response to the Start event (initiated by either the

system or the operator), the local system initializes all TRIP

resources, starts the ConnectRetry timer, initiates a transport

connection to the peer, starts listening for a connection that may be

initiated by the remote TRIP peer, and changes its state to Connect.

The exact value of the ConnectRetry timer is a local matter, but

should be sufficiently large to allow TCP initialization.

If an LS detects an error, it closes the transport connection and

changes its state to Idle. Transitioning from the Idle state

requires generation of the Start event. If such an event is

generated automatically, then persistent TRIP errors may result in

persistent flapping of the LS. To avoid such a condition, Start

events MUST NOT be generated immediately for a peer that was

previously transitioned to Idle due to an error. For a peer that was

previously transitioned to Idle due to an error, the time between

consecutive Start events, if such events are generated automatically,

MUST exponentially increase. The value of the initial timer SHOULD

be 60 seconds, and the time SHOULD be at least doubled for each

consecutive retry up to some maximum value.

Any other event received in the Idle state is ignored.

Connect State:

In this state, an LS is waiting for a transport protocol connection

to be completed to the peer, and is listening for inbound transport

connections from the peer.

If the transport protocol connection succeeds, the local LS clears

the ConnectRetry timer, completes initialization, sends an OPEN

message to its peer, sets its Hold Timer to a large value, and

changes its state to OpenSent. A Hold Timer value of 4 minutes is

suggested.

If the transport protocol connect fails (e.g., retransmission

timeout), the local system restarts the ConnectRetry timer, continues

to listen for a connection that may be initiated by the remote LS,

and changes its state to Active state.

In response to the ConnectRetry timer expired event, the local LS

cancels any outstanding transport connection to the peer, restarts

the ConnectRetry timer, initiates a transport connection to the

remote LS, continues to listen for a connection that may be initiated

by the remote LS, and stays in the Connect state.

If the local LS detects that a remote peer is trying to establish a

connection to it and the IP address of the peer is not an expected

one, then the local LS rejects the attempted connection and continues

to listen for a connection from its expected peers without changing

state.

If an inbound transport protocol connection succeeds, the local LS

clears the ConnectRetry timer, completes initialization, sends an

OPEN message to its peer, sets its Hold Timer to a large value, and

changes its state to OpenSent. A Hold Timer value of 4 minutes is

suggested.

The Start event is ignored in the Connect state.

In response to any other event (initiated by either the system or the

operator), the local system releases all TRIP resources associated

with this connection and changes its state to Idle.

Active state:

In this state, an LS is listening for an inbound connection from the

peer, but is not in the process of initiating a connection to the

peer.

If an inbound transport protocol connection succeeds, the local LS

clears the ConnectRetry timer, completes initialization, sends an

OPEN message to its peer, sets its Hold Timer to a large value, and

changes its state to OpenSent. A Hold Timer value of 4 minutes is

suggested.

In response to the ConnectRetry timer expired event, the local system

restarts the ConnectRetry timer, initiates a transport connection to

the TRIP peer, continues to listen for a connection that may be

initiated by the remote TRIP peer, and changes its state to Connect.

If the local LS detects that a remote peer is trying to establish a

connection to it and the IP address of the peer is not an expected

one, then the local LS rejects the attempted connection and continues

to listen for a connection from its expected peers without changing

state.

Start event is ignored in the Active state.

In response to any other event (initiated by either the system or the

operator), the local system releases all TRIP resources associated

with this connection and changes its state to Idle.

OpenSent state:

In this state, an LS has sent an OPEN message to its peer and is

waiting for an OPEN message from its peer. When an OPEN message is

received, all fields are checked for correctness. If the TRIP

message header checking or OPEN message checking detects an error

(see Section 6.2) or a connection collision (see Section 6.8), the

local system sends a NOTIFICATION message and changes its state to

Idle.

If there are no errors in the OPEN message, TRIP sends a KEEPALIVE

message and sets a KeepAlive timer. The Hold Timer, which was

originally set to a large value (see above), is replaced with the

negotiated Hold Time value (see Section 4.2). If the negotiated Hold

Time value is zero, then the Hold Time timer and KeepAlive timers are

not started. If the value of the ITAD field is the same as the local

ITAD number, then the connection is an "internal" connection;

otherwise, it is "external" (this will affect UPDATE processing).

Finally, the state is changed to OpenConfirm.

If the local LS detects that a remote peer is trying to establish a

connection to it and the IP address of the peer is not an expected

one, then the local LS rejects the attempted connection and continues

to listen for a connection from its expected peers without changing

state.

If a disconnect notification is received from the underlying

transport protocol, the local LS closes the transport connection,

restarts the ConnectRetry timer, continues to listen for a connection

that may be initiated by the remote TRIP peer, and goes into the

Active state.

If the Hold Timer expires, the local LS sends a NOTIFICATION message

with the Error Code "Hold Timer Expired" and changes its state to

Idle.

In response to the Stop event (initiated by either system or

operator) the local LS sends a NOTIFICATION message with the Error

Code "Cease" and changes its state to Idle.

The Start event is ignored in the OpenSent state.

In response to any other event the local LS sends a NOTIFICATION

message with the Error Code "Finite State Machine Error" and changes

its state to Idle.

Whenever TRIP changes its state from OpenSent to Idle, it closes the

transport connection and releases all resources associated with that

connection.

OpenConfirm state:

In this state, an LS has sent an OPEN to its peer, received an OPEN

from its peer, and sent a KEEPALIVE in response to the OPEN. The LS

is now waiting for a KEEPALIVE or NOTIFICATION message in response to

its OPEN.

If the local LS receives a KEEPALIVE message, it changes its state to

Established.

If the Hold Timer expires before a KEEPALIVE message is received, the

local LS sends NOTIFICATION message with the Error Code "Hold Timer

Expired" and changes its state to Idle.

If the local LS receives a NOTIFICATION message, it changes its state

to Idle.

If the KeepAlive timer expires, the local LS sends a KEEPALIVE

message and restarts its KeepAlive timer.

If a disconnect notification is received from the underlying

transport protocol, the local LS closes the transport connection,

restarts the ConnectRetry timer, continues to listen for a connection

that may be initiated by the remote TRIP peer, and goes into the

Active state.

In response to the Stop event (initiated by either the system or the

operator) the local LS sends NOTIFICATION message with the Error Code

"Cease" and changes its state to Idle.

The Start event is ignored in the OpenConfirm state.

In response to any other event the local LS sends a NOTIFICATION

message with the Error Code "Finite State Machine Error" and changes

its state to Idle.

Whenever TRIP changes its state from OpenConfirm to Idle, it closes

the transport connection and releases all resources associated with

that connection.

Established state:

In the Established state, an LS can exchange UPDATE, NOTIFICATION,

and KEEPALIVE messages with its peer.

If the negotiated Hold Timer is zero, then no procedures are

necessary for keeping a peering session alive. If the negotiated

Hold Time value is non-zero, the procedures of this paragraph apply.

If the Hold Timer expires, the local LS sends a NOTIFICATION message

with the Error Code "Hold Timer Expired" and changes its state to

Idle. If the KeepAlive Timer expires, then the local LS sends a

KeepAlive message and restarts the KeepAlive Timer. If the local LS

receives an UPDATE or KEEPALIVE message, then it restarts its Hold

Timer. Each time the LS sends an UPDATE or KEEPALIVE message, it

restarts its KeepAlive Timer.

If the local LS receives a NOTIFICATION message, it changes its state

to Idle.

If the local LS receives an UPDATE message and the UPDATE message

error handling procedure (see Section6.3) detects an error, the local

LS sends a NOTIFICATION message and changes its state to Idle.

If a disconnect notification is received from the underlying

transport protocol, the local LS changes its state to Idle.

In response to the Stop event (initiated by either the system or the

operator), the local LS sends a NOTIFICATION message with the Error

Code "Cease" and changes its state to Idle.

The Start event is ignored in the Established state.

In response to any other event, the local LS sends a NOTIFICATION

message with Error Code "Finite State Machine Error" and changes its

state to Idle.

Whenever TRIP changes its state from Established to Idle, it closes

the transport connection and releases all resources associated with

that connection. Additionally, if the peer is an external peer, the

LS deletes all routes derived from that connection.

10. UPDATE Message Handling

An UPDATE message may be received only in the Established state.

When an UPDATE message is received, each field is checked for

validity as specified in Section 6.3. The rest of this section

presumes that the UPDATE message has passed the error-checking

procedures of Section 6.3.

If the UPDATE message was received from an internal peer, the

flooding procedures of Section 10.1 MUST be applied. The flooding

process synchronizes the Loc-TRIBs of all LSs within the domain.

Certain routes within the UPDATE may be marked as old or duplicates

by the flooding process and are ignored during the rest of the UPDATE

processing.

If the UPDATE message contains withdrawn routes, then the

corresponding previously advertised routes shall be removed from the

Adj-TRIB-In. This LS MUST rerun its Decision Process since the

previously advertised route is no longer available for use.

If the UPDATE message contains a route, then the route MUST be placed

in the appropriate Adj-TRIB-In, and the following additional actions

MUST be taken:

1. If its destinations are identical to those of a route currently

stored in the Adj-TRIB-In, then the new route MUST replace the

older route in the Adj-TRIB-In, thus implicitly withdrawing the

older route from service. The LS MUST rerun its Decision

Process since the older route is no longer available for use.

2. If the new route is more specific than an earlier route

contained in the Adj-TRIB-In and has identical attributes, then

no further actions are necessary.

3. If the new route is more specific than an earlier route

contained in the Adj-TRIB-In but does not have identical

attributes, then the LS MUST run its Decision Process since the

more specific route has implicitly made a portion of the less

specific route unavailable for use.

4. If the new route has destinations that are not present in any

of the routes currently stored in the Adj-TRIB-In, then the LS

MUST run its Decision Process.

5. If the new route is less specific than an earlier route

contained in the Adj-TRIB-In, the LS MUST run its Decision

Process on the set of destinations that are described only by

the less specific route.

10.1. Flooding Process

When an LS receives an UPDATE message from an internal peer, the LS

floods the new information from that message to all of its other

internal peers. Flooding is used to efficiently synchronize all of

the LSs within a domain without putting any constraints on the

domain's internal topology. The flooding mechanism is based on the

techniques used in OSPF [4] and SCSP [6]. One may argue that TRIP's

flooding process is in reality a controlled broadcast mechanism.

10.1.1. Database Information

The LS MUST maintain the sequence number and originating TRIP

identifier for each link-state encapsulated attribute in an internal

Adj-TRIB-In. These values are included with the route in the

ReachableRoutes, WithdrawnRoutes, and ITAD Topology attributes. The

originating TRIP identifier gives the internal LS that originated

this route into the ITAD, the sequence number gives the version of

this route at the originating LS.

10.1.2. Determining Newness

For each route in the ReachableRoutes or WithdrawnRoutes field, the

LS decides if the route is new or old. This is determined by

comparing the Sequence Number of the route in the UPDATE with the

Sequence Number of the route saved in the Adj-TRIB-In. The route is

new if either the route does not exist in the Adj-TRIB-In for the

originating LS, or if the route does exist in the Adj-TRIB-In but the

Sequence Number in the UPDATE is greater than the Sequence Number

saved in the Adj-TRIBs-In. Note that the newness test is

independently applied to each link-state encapsulated attribute in

the UPDATE (WithdrawnRoutes or ReachableRoutes or ITAD Topology).

10.1.3. Flooding

Each route in the ReachableRoutes or WithdrawnRoutes field that is

determined to be old is ignored in further processing. If the route

is determined to be new then the following actions occur.

If the route is being withdrawn, then the LS MUST flood the withdrawn

route to all other internal peers, and MUST mark the route as

withdrawn. An LS MUST maintain routes marked as withdrawn in its

databases for MaxPurgeTime seconds.

If the route is being updated, then the LS MUST update the route in

the Adj-TRIB-In and MUST flood it to all other internal peers.

If these procedures result in changes to the Adj-TRIB-In, then the

route is also made available for local route processing as described

early in Section 10.

To implement flooding, the following is recommended. All routes

received in a single UPDATE message that are determined to be new

should be forwarded to all other internal peers in a single UPDATE

message. Other variations of flooding are possible, but the local LS

MUST ensure that each new route (and any associated attributes)

received from an internal peer get forwarded to every other internal

peer.

10.1.4. Sequence Number Considerations

The Sequence Number is used to determine when one version of a Route

is newer than another version of a route. A larger Sequence Number

indicates a newer version. The Sequence Number is assigned by the LS

originating the route into the local ITAD. The Sequence Number is an

unsigned 4-octet integer in the range of 1 thru 2^31-1 MinSequenceNum

thru MaxSequenceNum). The value 0 is reserved. When an LS first

originates a route (including when the LS restarts/reboots) into its

ITAD, it MUST originate it with a Sequence Number of MinSequenceNum.

Each time the route is updated within the ITAD by the originator, the

Sequence Number MUST be increased.

If it is ever the case that the sequence number is MaxSequenceNum-1

and it needs to be increased, then the TRIP module of the LS MUST be

disabled for a period of TripDisableTime so that all routes

originated by this LS with high sequence numbers can be removed.

10.1.5. Purging a Route Within the ITAD

To withdraw a route that it originated within the ITAD, an LS

includes the route in the WithdrawnRoutes field of an UPDATE message.

The Sequence Number MUST be greater than the last valid version of

the route. The LS MAY choose to use a sequence number of

MaxSequenceNum when withdrawing routes within its ITAD, but this is

not required.

After withdrawing a route, an LS MUST mark the route as "withdrawn"

in its database, and maintain the withdrawn route in its database for

MaxPurgeTime seconds. If the LS needs to re-originate a route that

had been purged but is still in its database, it can either re-

originate the route immediately using a Sequence Number that is

greater than that used in the withdraw, or the LS may wait until

MaxPurgeTime seconds have expired since the route was withdrawn.

10.1.6. Receiving Self-Originated Routes

It is common for an LS to receive UPDATES for routes that it

originated within the ITAD via the flooding procedure. If the LS

receives an UPDATE for a route that it originated that is newer (has

a higher sequence number) than the LSs current version, then special

actions must be taken. This should be a relatively rare occurrence

and indicates that a route still exists within the ITAD since the LSs

last restart/reboot.

If an LS receives a self-originated route update that is newer than

the current version of the route at the LS, then the following

actions MUST be taken. If the LS still wishes to advertise the

information in the route, then the LS MUST increase the Sequence

Number of the route to a value greater than that received in the

UPDATE and re-originate the route. If the LS does not wish to

continue to advertise the route, then it MUST purge the route as

described in Section 10.1.5.

10.1.7. Removing Withdrawn Routes

An LS SHOULD ensure that routes marked as withdrawn are removed from

the database in a timely fashion after the MaxPurgeTime has expired.

This could be done, for example, by periodically sweeping the

database, and deleting those entries that were withdrawn more than

MaxPurgeTime seconds ago.

10.2. Decision Process

The Decision Process selects routes for subsequent advertisement by

applying the policies in the local Policy Information Base (PIB) to

the routes stored in its Adj-TRIBs-In. The output of the Decision

process is the set of routes that will be advertised to all peers;

the selected routes will be stored in the local LS's Adj-TRIBs-Out.

The selection process is formalized by defining a function that takes

the attributes of a given route as an argument and returns a non-

negative integer denoting the degree of preference for the route.

The function that calculates the degree of preference for a given

route shall not use as its inputs any of the following: the

existence of other routes, the non-existence of other routes, or the

attributes of other routes. Route selection then consists of an

individual application of the degree of preference function to each

feasible route, followed by the choice of the one with the highest

degree of preference.

All internal LSs in an ITAD MUST run the Decision Process and apply

the same decision criteria, otherwise it will not be possible to

synchronize their Loc-TRIBs.

The Decision Process operates on routes contained in each Adj-TRIBs-

In, and is responsible for:

- selection of routes to be advertised to internal peers

- selection of routes to be advertised to external peers

- route aggregation and route information reduction

The Decision Process takes place in three distinct phases, each

triggered by a different event:

- Phase 1 is responsible for calculating the degree of preference

for each route received from an external peer.

- Phase 2 is invoked on completion of phase 1. It is responsible

for choosing the best route out of all those available for each

distinct destination, and for installing each chosen route into

the Loc-TRIB.

- Phase 3 is invoked after the Loc-TRIB has been modified. It is

responsible for disseminating routes in the Loc-TRIB to each

external peer, according to the policies contained in the PIB.

Route aggregation and information reduction can optionally be

performed within this phase.

10.2.1. Phase 1: Calculation of Degree of Preference

The Phase 1 decision function shall be invoked whenever the local LS

receives from a peer an UPDATE message that advertises a new route, a

replacement route, or a withdrawn route.

The Phase 1 decision function is a separate process that is completed

when it has no further work to do.

The Phase 1 decision function shall lock an Adj-TRIB-In prior to

operating on any route contained within it, and shall unlock it after

operating on all new or replacement routes contained within it.

The local LS MUST determine a degree of preference for each newly

received or replacement route. If the route is learned from an

internal peer, the value of the LocalPreference attribute MUST be

taken as the degree of preference. If the route is learned from an

external peer, then the degree of preference MUST be computed based

on pre-configured policy information and used as the LocalPreference

value in any intra-domain TRIP advertisement. The exact nature of

this policy information and the computation involved is a local

matter.

The output of the degree of preference determination process is the

local preference of a route. The local LS computes the local

preference of routes learned from external peers or originated

internally at that LS. The local preference of a route learned from

an internal peer is included in the LocalPreference attribute

associated with that route.

10.2.2. Phase 2: Route Selection

The Phase 2 decision function shall be invoked on completion of Phase

1. The Phase 2 function is a separate process that completes when it

has no further work to do. Phase 2 consists of two sub-phases: 2a

and 2b. The same route selection function is applied in both sub-

phases, but the inputs to each phase are different. The Phase 2a

process MUST consider as inputs all external routes, that are present

in the Adj-TRIBs-In of external peers, and all local routes. The

output of Phase 2a is inserted into the Ext-TRIB. The Phase 2b

process shall be invoked upon completion of Phase 2a and it MUST

consider as inputs all routes in the Ext-TRIB and all routes that are

present in the Adj-TRIBs-In of internal LSs. The output of Phase 2b

is stored in the Loc-TRIB.

The Phase 2 decision function MUST be blocked from running while the

Phase 3 decision function is in process. The Phase 2 function MUST

lock all Adj-TRIBs-In and the Ext-TRIB prior to commencing its

function, and MUST unlock them on completion.

If the LS determines that the NextHopServer listed in a route is

unreachable, then the route MAY be excluded from the Phase 2 decision

function. The means by which such a determination is made is not

mandated here.

For each set of destinations for which one or more routes exist, the

local LS's route selection function MUST identify the route that has:

- the highest degree of preference, or

- is selected as a result of the tie breaking rules specified in

10.2.2.1.

Withdrawn routes MUST be removed from the Loc-TRIB, Ext-TRIB, and the

Adj-TRIBs-In.

10.2.2.1. Breaking Ties (Phase 2)

Several routes to the same destination that have the same degree of

preference may be input to the Phase 2 route selection function. The

local LS can select only one of these routes for inclusion in the

associated Ext-TRIB (Phase 2a) or Loc-TRIB (Phase 2b). The local LS

considers all routes with the same degrees of preference. The

following algorithm shall be used to break ties.

- If the local LS is configured to use the MultiExitDisc

attribute to break ties, and candidate routes received from the

same neighboring ITAD differ in the value of the MultiExitDisc

attribute, then select the route that has the larger value of

MultiExitDisc.

- If at least one of the routes was originated by an internal LS,

select the route route that was advertised by the internal LS

that has the lowest TRIP ID.

- Otherwise, select the route that was advertised by the neighbor

domain that has the lowest ITAD number.

10.2.3. Phase 3: Route Dissemination

The Phase 3 decision function MUST be invoked upon completion of

Phase 2 if Phase 2 results in changes to the Loc-TRIB or when a new

LS-to-LS peer session is established.

The Phase 3 function is a separate process that is completed when it

has no further work to do. The Phase 3 routing decision function

MUST be blocked from running while the Phase 2 decision function is

in process.

All routes in the Loc-TRIB shall be processed into a corresponding

entry in the associated Adj-TRIBs-Out. Route aggregation and

information reduction techniques (see 10.3.4) MAY optionally be

applied.

When the updating of the Adj-TRIBs-Out is complete, the local LS MUST

run the external update process of 10.3.2.

10.2.4. Overlapping Routes

When overlapping routes are present in the same Adj-TRIB-In, the more

specific route shall take precedence, in order, from most specific to

least specific.

The set of destinations described by the overlap represents a portion

of the less specific route that is feasible, but is not currently in

use. If a more specific route is later withdrawn, the set of

destinations described by the more specific route will still be

reachable using the less specific route.

If an LS receives overlapping routes, the Decision Process MUST take

into account the semantics of the overlapping routes. In particular,

if an LS accepts the less specific route while rejecting the more

specific route from the same peer, then the destinations represented

by the overlap may not forward along the domains listed in the

AdvertisementPath attribute of that route. Therefore, an LS has the

following choices:

1. Install both the less and the more specific routes

2. Install the more specific route only

3. Install the non-overlapping part of the less specific route

only (that implies disaggregation of the less-specific route)

4. Aggregate the two routes and install the aggregated route

5. Install the less specific route only

6. Install neither route

If an LS chooses 5), then it SHOULD add AtomicAggregate attribute to

the route. A route that carries AtomicAggregate attribute MUST NOT

be de-aggregated. That is, the route cannot be made more specific.

Forwarding along such a route does not guarantee that route traverses

only domains listed in the RoutedPath of the route. If an LS chooses

1), then it MUST NOT advertise the less specific route without the

more specific route.

10.3. Update-Send Process

The Update-Send process is responsible for advertising UPDATE

messages to all peers. For example, it distributes the routes chosen

by the Decision Process to other LSs that may be located in either

the same ITAD or a neighboring ITAD. Rules for information exchange

between peer LSs located in different ITADs are given in 10.3.2;

rules for information exchange between peer LSs located in the same

ITAD are given in 10.3.1.

Before forwarding routes to peers, an LS MUST determine which

attributes should be forwarded along with that route. If a not

well-known non-transitive attribute is unrecognized, it is quietly

ignored. If a not well-known dependent-transitive attribute is

unrecognized, and the NextHopServer attribute has been changed by the

LS, the unrecognized attribute is quietly ignored. If a not well-

known dependent-transitive attribute is unrecognized, and the

NextHopServer attribute has not been modified by the LS, the Partial

bit in the attribute flags octet is set to 1, and the attribute is

retained for propagation to other TRIP speakers. Similarly, if an

not well-known independent-transitive attribute is unrecognized, the

Partial bit in the attribute flags octet is set to 1, and the

attribute is retained for propagation to other TRIP speakers.

If a not well-known attribute is recognized, and has a valid value,

then, depending on the type of the not well-known attribute, it is

updated, if necessary, for possible propagation to other TRIP

speakers.

10.3.1. Internal Updates

The Internal update process is concerned with the distribution of

routing information to internal peers.

When an LS receives an UPDATE message from another TRIP LS located in

its own ITAD, it is flooded as described in Section 10.1.

When an LS receives a new route from an LS in a neighboring ITAD, or

if a local route is injected into TRIP, the LS determines the

preference of that route. If the new route has the highest degree of

preference for all external routes and local routes to a given

destination (or if the route was selected via a tie-breaking

procedure as specified in 10.3.1.1), the LS MUST insert that new

route into the Ext-TRIB database and the LS MUST advertise that route

to all other LSs in its ITAD by means of an UPDATE message. The LS

MUST advertise itself as the Originator of that route within the

ITAD.

When an LS receives an UPDATE message with a non-empty

WithdrawnRoutes attribute from an external peer, or if a local route

is withdrawn from TRIP, the LS MUST remove from its Adj-TRIB-In all

routes whose destinations were carried in this field. If the

withdrawn route was previously selected into the Ext-TRIB, the LS

MUST take the following additional steps:

- If a new route is selected for advertisement for those

destinations, then the LS MUST insert the replacement route

into Ext-TRIB to replace the withdrawn route and advertise it

to all internal LSs.

- If a replacement route is not available for advertisement, then

the LS MUST include the destinations of the route in the

WithdrawnRoutes attribute of an UPDATE message, and MUST send

this message to each internal peer. The LS MUST also remove

the withdrawn route from the Ext-TRIB.

10.3.1.1. Breaking Ties (Routes Received from External Peers)

If an LS has connections to several external peers, there will be

multiple Adj-TRIBs-In associated with these peers. These databases

might contain several equally preferable routes to the same

destination, all of which were advertised by external peers. The

local LS shall select one of these routes according to the following

rules:

- If the LS is configured to use the MultiExitDisc attribute to

break ties, and the candidate routes differ in the value of the

MultiExitDisc attribute, then select the route that has the

lowest value of MultiExitDisc, else

- Select the route that was advertised by the external LS that

has the lowest TRIP Identifier.

10.3.2. External Updates

The external update process is concerned with the distribution of

routing information to external peers. As part of the Phase 3 route

selection process, the LS has updated its Adj-TRIBs-Out. All newly

installed routes and all newly unfeasible routes for which there is

no replacement route MUST be advertised to external peers by means of

UPDATE messages.

Any routes in the Loc-TRIB marked as withdrawn MUST be removed.

Changes to the reachable destinations within its own ITAD SHALL also

be advertised in an UPDATE message.

10.3.3. Controlling Routing Traffic Overhead

The TRIP protocol constrains the amount of routing traffic (that is,

UPDATE messages) in order to limit both the link bandwidth needed to

advertise UPDATE messages and the processing power needed by the

Decision Process to digest the information contained in the UPDATE

messages.

10.3.3.1. Frequency of Route Advertisement

The parameter MinRouteAdvertisementInterval determines the minimum

amount of time that must elapse between advertisements of routes to a

particular destination from a single LS. This rate limiting

procedure applies on a per-destination basis, although the value of

MinRouteAdvertisementInterval is set on a per LS peer basis.

Two UPDATE messages sent from a single LS that advertise feasible

routes to some common set of destinations received from external

peers MUST be separated by at least MinRouteAdvertisementInterval.

Clearly, this can only be achieved precisely by keeping a separate

timer for each common set of destinations. This would be unwarranted

overhead. Any technique which ensures that the interval between two

UPDATE messages sent from a single LS that advertise feasible routes

to some common set of destinations received from external peers will

be at least MinRouteAdvertisementInterval, and will also ensure that

a constant upper bound on the interval is acceptable.

Two UPDATE messages, sent from a single LS to an external peer, that

advertise feasible routes to some common set of destinations received

from internal peers MUST be separated by at least

MinRouteAdvertisementInterval.

Since fast convergence is needed within an ITAD, this rate limiting

procedure does not apply to routes received from internal peers and

being broadcast to other internal peers. To avoid long-lived black

holes, the procedure does not apply to the explicit withdrawal of

routes (that is, routes whose destinations explicitly withdrawn by

UPDATE messages).

This procedure does not limit the rate of route selection, but only

the rate of route advertisement. If new routes are selected multiple

times while awaiting the expiration of MinRouteAdvertisementInterval,

the last route selected shall be advertised at the end of

MinRouteAdvertisementInterval.

10.3.3.2. Frequency of Route Origination

The parameter MinITADOriginationInterval determines the minimum

amount of time that must elapse between successive advertisements of

UPDATE messages that report changes within the advertising LS's own

ITAD.

10.3.3.3. Jitter

To minimize the likelihood that the distribution of TRIP messages by

a given LS will contain peaks, jitter should be applied to the timers

associated with MinITADOriginationInterval, KeepAlive, and

MinRouteAdvertisementInterval. A given LS shall apply the same

jitter to each of these quantities regardless of the destinations to

which the updates are being sent; that is, jitter will not be applied

on a "per peer" basis.

The amount of jitter to be introduced shall be determined by

multiplying the base value of the appropriate timer by a random

factor that is uniformly distributed in the range from 0.75 to 1.0.

10.3.4. Efficient Organization of Routing Information

Having selected the routing information that it will advertise, a

TRIP speaker may use methods to organize this information in an

efficient manner. These methods are discussed in the following

sections.

10.3.4.1. Information Reduction

Information reduction may imply a reduction in granularity of policy

control - after information has collapsed, the same policies will

apply to all destinations and paths in the equivalence class.

The Decision Process may optionally reduce the amount of information

that it will place in the Adj-TRIBs-Out by any of the following

methods:

- ReachableRoutes: A set of destinations can be usually

represented in compact form. For example, a set of E.164 phone

numbers can be represented in more compact form using E.164

prefixes.

- AdvertisementPath: AdvertisementPath information can be

represented as ordered AP_SEQUENCEs or unordered AP_SETs.

AP_SETs are used in the route aggregation algorithm described

in Section 5.4.4. They reduce the size of the AP_PATH

information by listing each ITAD number only once, regardless

of how many times it may have appeared in multiple

advertisement paths that were aggregated.

An AP_SET implies that the destinations advertised in the UPDATE

message can be reached through paths that traverse at least some of

the constituent ITADs. AP_SETs provide sufficient information to

avoid route looping; however their use may prune potentially feasible

paths, since such paths are no longer listed individually as in the

form of AP_SEQUENCEs. In practice this is not likely to be a

problem, since once a call arrives at the edge of a group of ITADs,

the LS at that point is likely to have more detailed path information

and can distinguish individual paths to destinations.

10.3.4.2. Aggregating Routing Information

Aggregation is the process of combining the characteristics of

several different routes in such a way that a single route can be

advertised. Aggregation can occur as part of the decision process to

reduce the amount of routing information that is placed in the Adj-

TRIBs-Out.

Aggregation reduces the amount of information an LS must store and

exchange with other LSs. Routes can be aggregated by applying the

following procedure separately to attributes of like type.

Routes that have the following attributes shall not be aggregated

unless the corresponding attributes of each route are identical:

MultiExitDisc, NextHopServer.

Attributes that have different type codes cannot be aggregated.

Attributes of the same type code may be aggregated. The rules for

aggregating each attribute MUST be provided together with attribute

definition. For example, aggregation rules for TRIP's basic

attributes, e.g., ReachableRoutes and AdvertisementPath, are given in

Section 5.

10.4. Route Selection Criteria

Generally speaking, additional rules for comparing routes among

several alternatives are outside the scope of this document. There

are two exceptions:

- If the local ITAD appears in the AdvertisementPath of the new

route being considered, then that new route cannot be viewed as

better than any other route. If such a route were ever used, a

routing loop could result (see Section 6.3).

- In order to achieve successful distributed operation, only

routes with a likelihood of stability can be chosen. Thus, an

ITAD must avoid using unstable routes, and it must not make

rapid spontaneous changes to its choice of route. Quantifying

the terms "unstable" and "rapid" in the previous sentence will

require experience, but the principle is clear.

10.5. Originating TRIP Routes

An LS may originate local routes by injecting routing information

acquired by some other means (e.g. via an intra-domain routing

protocol or through manual configuration or some dynamic registration

mechanism/protocol) into TRIP. An LS that originates TRIP routes

shall assign the degree of preference to these routes by passing them

through the Decision Process (see Section 10.2). To TRIP, local

routes are identical to external routes and are subjected to the same

two phase route selection mechanism. A local route which is selected

into the Ext-TRIB MUST be advertised to all internal LSs. The

decision whether to distribute non-TRIP acquired routes within an

ITAD via TRIP or not depends on the environment within the ITAD (e.g.

type of intra-domain routing protocol) and should be controlled via

configuration.

11. TRIP Transport

This specification defines the use of TCP as the transport layer for

TRIP. TRIP uses TCP port 6069. Running TRIP over other transport

protocols is for further study.

12. ITAD Topology

There are no restrictions on the intra-domain topology of TRIP LSs.

For example, LSs in an ITAD can be configured in a full mesh, star,

or any other connected topology. Similarly, there are no

restrictions on the topology of TRIP ITADs. For example, the ITADs

can be organized in a flat topology (mesh or ring) or in multi-level

hierarchy or any other topology.

The border between two TRIP ITADs may be located either on the link

between two TRIP LSs or it may coincide on a TRIP LS. In the latter

case, the same TRIP LS will be member in more than one ITAD, and it

appears to be an internal peer to LSs in each ITAD it is member of.

13. IANA Considerations

This document creates a new IANA registry for TRIP parameters. The

following TRIP parameters are included in the registry:

- TRIP Capabilities

- TRIP Attributes

- TRIP Address Families

- TRIP Application Protocols

- TRIP ITAD Numbers

Protocol parameters are frequently initialized/reset to 0. This

document reserves the value 0 of each of the above TRIP parameters in

order to clearly distinguish between an unset parameter and any other

registered values for that parameter.

The sub-registries for each of the above parameters are discussed in

the sections below.

13.1. TRIP Capabilities

Requests to add TRIP capabilities other than those defined in Section

4.2.1.1 must be submitted to iana@iana.org. Following the assigned

number policies outlined in [11], Capability Codes in the range

32768-65535 are reserved for Private Use (these are the codes with

the first bit of the code value equal to 1). This document reserves

value 0. Capability Codes 1 and 2 have been assigned in Section

4.2.1.1. Capability Codes in the range 2-32767 are controlled by

IANA, and are allocated subject to the Specification Required (IETF

RFCor equivalent) condition. The specification MUST include a

description of the capability, the possible values it may take, and

what constitutes a capability mismatch.

13.2. TRIP Attributes

This document reserves Attribute Type Codes 224-255 for Private Use

(these are the codes with the first three bits of the code equal to

1). This document reserves the value 0. Attribute Type Codes 1

through 11 have already been allocated by this document. Attribute

Type Codes 1 through 11 are defined in Sections 5.1 through 5.11.

Attribute Type Codes in the range 12-223 are controlled by IANA, and

require a Specification document (RFCor equivalent). The

specification MUST provide all information required in Section 5.12

of this document.

Attribute Type Code registration requests must be sent to

iana@iana.org. In addition to the specification requirement, the

request MUST include an indication of who has change control over the

attribute and contact information (postal and email address).

13.3. Destination Address Families

This document reserves address family 0. Requests to add TRIP address

families other than those defined in Section 5.1.1.1 ( address

families 1, 2, and 3), i.e., in the range 4-32767, must be submitted

to iana@iana.org. The request MUST include a brief description of

the address family, its alphabet, and special processing rules and

guidelines, such as guidelines for aggregation, if any. The requests

are subject to Expert Review. This document reserves the address

family codes 32768-65535 for vendor-specific applications.

13.4. TRIP Application Protocols

This document creates a new IANA registry for TRIP application

protocols. This document reserves the application protocol code 0.

Requests to add TRIP application protocols other than those defined

in Section 5.1.1.1 (application protocols 1 through 4), i.e., in the

range 5-32767, must be submitted to iana@iana.org. The request MUST

include a brief background on the application protocol, and a

description of how TRIP can be used to advertise routes for that

protocol. The requests are subject to Expert Review. This document

reserves the application protocol codes 32768-65535 for vendor-

specific applications.

13.5. ITAD Numbers

This document reserves the ITAD number 0. ITAD numbers in the range

1-255 are designated for Private Use. ITAD numbers in the range from

256 to (2**32)-1 are allocated by IANA on a First-Come-First-Serve

basis. Requests for ITAD numbers must be submitted to iana@iana.org.

The requests MUST include the following:

- Information about the organization that will administer the

ITAD.

- Contact information (postal and email address).

14. Security Considerations

This section covers security between peer TRIP LSs when TRIP runs

over TCP in an IP environment.

A security mechanism is clearly needed to prevent unauthorized

entities from using the protocol defined in this document for setting

up unauthorized peer sessions with other TRIP LSs or interfering with

authorized peer sessions. The security mechanism for the protocol,

when transported over TCP in an IP network, is IPsec [12]. IPsec

uses two protocols to provide traffic security: Authentication Header

(AH) [13] and Encapsulating Security Payload (ESP) [14].

The AH header affords data origin authentication, connectionless

integrity and optional anti-replay protection of messages passed

between the peer LSs. The ESP header provides origin authentication,

connectionless integrity, anti-replay protection, and confidentiality

of messages.

Implementations of the protocol defined in this document employing

the ESP header SHALL comply with section 5 of [14], which defines a

minimum set of algorithms for integrity checking and encryption.

Similarly, implementations employing the AH header SHALL comply with

section 5 of [13], which defines a minimum set of algorithms for

integrity checking using manual keys.

Implementations SHOULD use IKE [15] to permit more robust keying

options. Implementations employing IKE SHOULD support authentication

with RSA signatures and RSA public key encryption.

A Security Association (SA) [12] is a simplex "connection" that

affords security services to the traffic carried by it. Security

services are afforded to a SA by the use of AH, or ESP, but not both.

Two types of SAs are defined: transport mode and tunnel mode [12]. A

transport mode SA is a security association between two hosts, and is

appropriate for protecting the TRIP session between two peer LSs.

A1. Appendix 1: TRIP FSM State Transitions and Actions

This Appendix discusses the transitions between states in the TRIP

FSM in response to TRIP events. The following is the list of these

states and events when the negotiated Hold Time value is non-zero.

TRIP States:

1 - Idle

2 - Connect

3 - Active

4 - OpenSent

5 - OpenConfirm

6 - Established

TRIP Events:

1 - TRIP Start

2 - TRIP Stop

3 - TRIP Transport connection open

4 - TRIP Transport connection closed

5 - TRIP Transport connection open failed

6 - TRIP Transport fatal error

7 - ConnectRetry timer expired

8 - Hold Timer expired

9 - KeepAlive timer expired

10 - Receive OPEN message

11 - Receive KEEPALIVE message

12 - Receive UPDATE messages

13 - Receive NOTIFICATION message

The following table describes the state transitions of the TRIP FSM

and the actions triggered by these transitions.

Event Actions Message Sent Next State

--------------------------------------------------------------------

Idle (1)

1 Initialize resources none 2

Start ConnectRetry timer

Initiate a transport connection

others none none 1

Connect(2)

1 none none 2

3 Complete initialization OPEN 4

Clear ConnectRetry timer

5 Restart ConnectRetry timer none 3

7 Restart ConnectRetry timer none 2

Initiate a transport connection

others Release resources none 1

Active (3)

1 none none 3

3 Complete initialization OPEN 4

Clear ConnectRetry timer

5 Close connection 3

Restart ConnectRetry timer

7 Restart ConnectRetry timer none 2

Initiate a transport connection

others Release resources none 1

OpenSent(4)

1 none none 4

4 Close transport connection none 3

Restart ConnectRetry timer

6 Release resources none 1

10 Process OPEN is OK KEEPALIVE 5

Process OPEN failed NOTIFICATION 1

others Close transport connection NOTIFICATION 1

Release resources

OpenConfirm (5)

1 none none 5

4 Release resources none 1

6 Release resources none 1

9 Restart KeepAlive timer KEEPALIVE 5

11 Complete initialization none 6

Restart Hold Timer

13 Close transport connection 1

Release resources

others Close transport connection NOTIFICATION 1

Release resources

Established (6)

1 none none 6

4 Release resources none 1

6 Release resources none 1

9 Restart KeepAlive timer KEEPALIVE 6

11 Restart Hold Timer none 6

12 Process UPDATE is OK UPDATE 6

Process UPDATE failed NOTIFICATION 1

13 Close transport connection 1

Release resources

others Close transport connection NOTIFICATION 1

Release resources

-----------------------------------------------------------------

The following is a condensed version of the above state transition

table.

Events Idle Connect Active OpenSent OpenConfirm Estab

(1) (2) (3) (4) (5) (6)

----------------------------------------------------------

1 2 2 3 4 5 6

2 1 1 1 1 1 1

3 1 4 4 1 1 1

4 1 1 1 3 1 1

5 1 3 3 1 1 1

6 1 1 1 1 1 1

7 1 2 2 1 1 1

8 1 1 1 1 1 1

9 1 1 1 1 5 6

10 1 1 1 1 or 5 1 1

11 1 1 1 1 6 6

12 1 1 1 1 1 1 or 6

13 1 1 1 1 1 1

--------------------------------------------------------------

A2. Appendix 2: Implementation Recommendations

This section presents some implementation recommendations.

A.2.1: Multiple Networks Per Message

The TRIP protocol allows for multiple address prefixes with the same

advertisement path and next-hop server to be specified in one

message. Making use of this capability is highly recommended. With

one address prefix per message there is a substantial increase in

overhead in the receiver. Not only does the system overhead increase

due to the reception of multiple messages, but the overhead of

scanning the routing table for updates to TRIP peers is incurred

multiple times as well. One method of building messages containing

many address prefixes per advertisement path and next hop from a

routing table that is not organized per advertisement path is to

build many messages as the routing table is scanned. As each address

prefix is processed, a message for the associated advertisement path

and next hop is allocated, if it does not exist, and the new address

prefix is added to it. If such a message exists, the new address

prefix is just appended to it. If the message lacks the space to

hold the new address prefix, it is transmitted, a new message is

allocated, and the new address prefix is inserted into the new

message. When the entire routing table has been scanned, all

allocated messages are sent and their resources released. Maximum

compression is achieved when all the destinations covered by the

address prefixes share the same next hop server and common

attributes, making it possible to send many address prefixes in one

4096-byte message.

When peering with a TRIP implementation that does not compress

multiple address prefixes into one message, it may be necessary to

take steps to reduce the overhead from the flood of data received

when a peer is acquired or a significant network topology change

occurs. One method of doing this is to limit the rate of updates.

This will eliminate the redundant scanning of the routing table to

provide flash updates for TRIP peers. A disadvantage of this

approach is that it increases the propagation latency of routing

information. By choosing a minimum flash update interval that is not

much greater than the time it takes to process the multiple messages,

this latency should be minimized. A better method would be to read

all received messages before sending updates.

A.2.2: Processing Messages on a Stream Protocol

TRIP uses TCP as a transport mechanism. Due to the stream nature of

TCP, all the data of a received message does not necessarily arrive

at the same time. This can make it difficult to process the data as

messages, especially on systems where it is not possible to determine

how much data has been received but not yet processed.

One method that can be used in this situation is to first try to read

just the message header. For the KEEPALIVE message type, this is a

complete message; for other message types, the header should first be

verified, in particular the total length. If all checks are

successful, the specified length, minus the size of the message

header is the amount of data left to read. An implementation that

would "hang" the routing information process while trying to read

from a peer could set up a message buffer (4096 bytes) per peer and

fill it with data as available until a complete message has been

received.

A.2.3: Reducing Route Flapping

To avoid excessive route flapping an LS which needs to withdraw a

destination and send an update about a more specific or less specific

route SHOULD combine them into the same UPDATE message.

A.2.4: TRIP Timers

TRIP employs seven timers: ConnectRetry, Hold Time, KeepAlive,

MaxPurgeTime, TripDisableTime, MinITADOriginationInterval, and

MinRouteAdvertisementInterval. The suggested value for the

ConnectRetry timer is 120 seconds. The suggested value for the Hold

Time is 90 seconds. The suggested value for the KeepAlive timer is

30 seconds. The suggested value for the MaxPurgeTime timer is 10

seconds. The suggested value for the TripDisableTime timer is 180

seconds. The suggested value for the MinITADOriginationInterval is

30 seconds. The suggested value for the

MinRouteAdvertisementInterval is 30 seconds.

An implementation of TRIP MUST allow these timers to be configurable.

A.2.5: AP_SET Sorting

Another useful optimization that can be done to simplify this

situation is to sort the ITAD numbers found in an AP_SET. This

optimization is entirely optional.

Acknowledgments

We wish to thank Dave Oran for his insightful comments and

suggestions.

References

[1] Bradner, S., "Keywords for use in RFCs to Indicate Requirement

Levels", BCP 14, RFC2119, March 1997.

[2] Rosenberg, J. and H. Schulzrinne, "A Framework for a Gateway

Location Protocol", RFC2871, June 2000.

[3] Rekhter, Y. and T. Li, "Border Gateway Protocol 4 (BGP-4)," RFC

1771, March 1995.

[4] Moy, J., "Open Shortest Path First Version 2", STD 54, RFC

2328, April 1998.

[5] "Intermediate System to Intermediate System Intra-Domain

Routing Exchange Protocol for use in Conjunction with the

Protocol for Providing the Connectionless-mode Network Service

(ISO 8473)," ISO DP 10589, February 1990.

[6] Luciani, J., Armitage, G., Halpern, J. and N. Doraswamy,

"Server Cache Synchronization Protocol (SCSP)", RFC2334, April

1998.

[7] International Telecommunication Union, "Packet-Based Multimedia

Communication Systems," Recommendation H.323, Version 3

Telecommunication Standardization Sector of ITU, Geneva,

Switzerland, November 2000.

[8] Handley, H., Schulzrinne, H., Schooler, E. and J. Rosenberg,

"SIP: Session Initiation Protocol", RFC2543, March 1999.

[9] Braden, R., "Requirements for Internet Hosts -- Application and

Support", STD 3, RFC1123, October 1989.

[10] Hinden, R. and S. Deering, "IP Version 6 Addressing

Architecture", RFC2373, July 1998.

[11] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA

Considerations Section in RFCs", BCP 26, RFC2434, October

1998.

[12] Kent, S. and R. Atkinson, "Security Architecture for the

Internet Protocol", RFC2401, November 1998.

[13] Kent, S. and R. Atkinson, "IP Authentication Header", RFC2402,

November 1998.

[14] Kent, S. and R. Atkinson, "IP Encapsulating Security Payload

(ESP)", RFC2406, November 1998.

[15] Harkins, D. and D. Carrel, "The Internet Key Exchange (IKE)",

RFC2409, November 1998.

Intellectual Property Notice

The IETF takes no position regarding the validity or scope of any

intellectual property or other rights that might be claimed to

pertain to the implementation or use of the technology described in

this document or the extent to which any license under such rights

might or might not be available; neither does it represent that it

has made any effort to identify any such rights. Information on the

IETF's procedures with respect to rights in standards-track and

standards-related documentation can be found in BCP 11. Copies of

claims of rights made available for publication and any assurances of

licenses to be made available, or the result of an attempt made to

obtain a general license or permission for the use of such

proprietary rights by implementers or users of this specification can

be obtained from the IETF Secretariat.

The IETF invites any interested party to bring to its attention any

copyrights, patents or patent applications, or other proprietary

rights which may cover technology that may be required to practice

this standard. Please address the information to the IETF Executive

Director.

The IETF has been notified of intellectual property rights claimed in

regard to some or all of the specification contained in this

document. For more information consult the online list of claimed

rights.

Authors' Addresses

Jonathan Rosenberg

dynamicsoft

72 Eagle Rock Avenue

First Floor

East Hanover, NJ 07936

Phone: 973-952-5000

EMail: jdrosen@dynamicsoft.com

Hussein F. Salama

Cisco Systems

170 W. Tasman Drive

San Jose, CA 95134

Phone: 408-527-7147

EMail: hsalama@cisco.com

Matt Squire

Hatteras Networks

639 Davis Drive

Suite 200

Durham, NC 27713

EMail: mattsquire@acm.org

Full Copyright Statement

Copyright (C) The Internet Society (2002). All Rights Reserved.

This document and translations of it may be copied and furnished to

others, and derivative works that comment on or otherwise explain it

or assist in its implementation may be prepared, copied, published

and distributed, in whole or in part, without restriction of any

kind, provided that the above copyright notice and this paragraph are

included on all such copies and derivative works. However, this

document itself may not be modified in any way, such as by removing

the copyright notice or references to the Internet Society or other

Internet organizations, except as needed for the purpose of

developing Internet standards in which case the procedures for

copyrights defined in the Internet Standards process must be

followed, or as required to translate it into languages other than

English.

The limited permissions granted above are perpetual and will not be

revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an

"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING

TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING

BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION

HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF

MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

Funding for the RFCEditor function is currently provided by the

Internet Society.

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有