BIER Penultimate Hop Popping

The BIER architecture includes three layers: the "routing underlay", the "BIER layer", and the "multicast flow overlay". The multicast flow overlay is responsible for the BIER Forwarding Egress Routers (BFERs) to signal to BIER Forwarding Ingress Routers (BFIRs) that they are interested in receiving certain multicast flows so that BFIRs can encode the correct bitstring for BIER forwarding by the BIER layer. MVPN and EVPN are two similar overlays where BGP Auto-Discovery routes for MVPN/EVPN are exchanged among all PEs to signal which PEs need to receive multicast traffic for all or certain flows. Typically the same provider tunnel type is used for traffic to reach all receiving PEs. Consider an MVPN/EVPN deployment where enough provider routers are BIER-capable for BIER to become the preferred choice of provider tunnel . However, some PEs cannot be upgraded to support BIER forwarding. While there are ways to allow an ingress PE to send traffic to some PEs with one type of tunnel and send traffic to some other PEs with a different type of tunnel, the procedure becomes complicated and forwarding is not optimized. One way to solve this problem is to use Penultimate Hop Popping (PHP) so that the upstream BFR can pop the BIER header and send the payload "natively" (note that the upstream BFR can be connected directly or indirectly via any type of tunnel to the PE). This is similar to Multi-Protocol Label Switching (MPLS) PHP though it is the BIER header that is popped. The transition of an existing MVPN/EVPN deployment with traditional provider tunnels to using BIER with some PEs not capable of receiving BIER packets can be incremental. All PEs are first upgraded to support BIER at least in the control plane, with those not capable of BIER forwarding requesting PHP. Then BIER-capable ingress PEs independently and incrementally switch to BIER transport. While the above text uses MVPN/EVPN as example, BIER PHP is applicable to any scenario where the multicast flow overlay edge router does not support BIER, as long as the edge router does not need to know the transmitting BFIR or participate in BIER OAM procedures. This works well if a BIER-incapable PE only needs to receive multicast traffic. If it needs to send multicast traffic as well, then it must Ingress Replicate to a BIER-capable helper PE, who will in turn relay the packet to other PEs. The helper PE is either a Virtual Hub as specified in [RFC7024] for MVPN and for EVPN, or an AR-Replicator as specified in for EVPN.

The BIER Penultimate Hop Popping is intended only for the scenario where a multicast flow overlay router for a BIER domain does not support BIER forwarding, either entirely or just for some particular BitStringLengths (BSL). In the latter case, PHP is only for BIER packets with those BSL. The flow overlay router would be a BFER if it did support BIER forwarding, and PHP would not be done by its penultimate hop. The procedures in this section apply only if, by means outside the scope of this document, it is known that all potential penultimate hop BFRs support PHP (i.e., able to pop the BIER header when sending to a requesting flow overlay router) , and that the payload after BIER header is one of the following: MPLS packets with downstream-assigned label at top of stack (i.e., the Proto field in the BIER header is 1). For example, a label from a Domain-wide Common Block (DCB) is used as specified in . IPv4/IPv6 multicast packets for which Reverse Path Forwarding check is disabled.

With IS-IS signaling, a sub-TLV in another sub-TLV is called sub-sub-TLV (and more sub-levels are possible like sub-sub-sub-TLV). With other signaling protocols, a sub-TLV in another sub-TLV is still called sub-TLV. For convenience, in this document we use sub-TLV even when it is sub-sub-TLV in IS-IS, as there is no ambiguity with the name itself (e.g. MPLS Encapsulation). A BIER-incapable router, if acting as a multicast flow overlay router for BIER, MUST signal its BIER information as specified in [RFC8401], [RFC8444], , or with a PHP sub-TLV included in the BIER sub-TLV (or TLV in case of BGP) attached to the BIER-incapable router's BFR-prefix to request BIER PHP from other BFRs. The type of the sub-TLV or sub-TLV is TBD, and the length is 0. With MPLS encapsulation, the BIER-incapable multicast flow overlay router MAY omit the BIER MPLS Encapsulation sub-LV, or MUST set the Label field in BIER MPLS Encapsulation sub-TLV to Implicit Null Label [RFC3032]. With MPLS encapsulation, if a BFER (that does support BIER but) does not support a certain BSL, it MAY advertise a corresponding BIER MPLS Encapsulation sub-TLV with the Label field to Implicit Null Label to request PHP for that BSL. It MUST NOT include the PHP sub-TLV in this case. With non-MPLS encapsulation , the BIER-incapable multicast flow overlay router MAY omit the BIER non-MPLS Encapsulation sub-TLV, or MUST set the BIFT-id field in the BIER non-MPLS Encapsulation sub-TLV to 0. With non-MPLS encapsulation, if a BFER (that does support BIER but) does not support certain BSL, it MAY advertise a corresponding BIER non-MPLS Encapsulation sub-TLV but set the BIFT-id field to 0 to request PHP for that BSL. It MUST NOT include the PHP sub-TLV in this case.

If a BFR follows section 6.9 of [RFC8279] to handle BIER-incapable routers, it MUST treat a router as BIER-incapable for a BSL if the label in the corresponding MPLS Encapsulation sub-TLV advertised by the router is Implicit Null, or if the BIFT-id in the corresponding non-MPLS Encapsulation sub-TLV is 0. It MUST treat the router as BIER-incapable for all BSLs if the router advertises a PHP sub-TLV. That way, the router will not used as a transit BFR for certain or for all BSLs. If the downstream neighbor (either resulting in IGP calculation or carried in the BIER Nexthop sub-TLV in case of BGP) for a BFR-prefix is the one advertising the prefix with a PHP sub-TLV or with an Implicit Null Label in its BIER MPLS Encapsulation sub-TLV, or with BIFT-id 0 in its BIER non-MPLS Encapsulation sub-TLV, then when the corresponding BIRT or BIFT entry is created/updated, the forwarding behavior MUST be that the BIER header is removed and the payload be sent to the downstream router without the BIER header, either directly or over any type of tunnel.

This specification does not introduce additional security concerns beyond those already discussed in BIER architecture and OSPF/IS-IS/BGP extensions for BIER signaling.

This document requests a new sub-sub-TLV type value from the "Sub-sub-TLVs for BIER Info Sub-TLV" registry within the "IS-IS TLV Codepoints" registry:

Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the OSPFv2 Extended Prefix TLV Sub-TLV registry:

Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the OSPFv3 Extended LSA Sub-TLVs registry:

Type Name ---- ---- TBD BIER PHP Request This document requests a new sub-TLV type value from the BGP BIER TLV sub-TLV Types registry requested in :

Type Name ---- ---- TBD BIER PHP Request

The author wants to thank Eric Rosen and Antonie Przygienda for their review, comments and suggestions. The author also wants to thank Senthil Dhanaraj for his suggestion of requesting PHP if a BFER does not support certain BSL.