faqs.org - Internet FAQ Archives

RFC 6514 - BGP Encodings and Procedures for Multicast in MPLS/BG


Or Display the document by number




Internet Engineering Task Force (IETF)                       R. Aggarwal
Request for Comments: 6514                              Juniper Networks
Category: Standards Track                                       E. Rosen
ISSN: 2070-1721                                      Cisco Systems, Inc.
                                                                T. Morin
                                                 France Telecom - Orange
                                                              Y. Rekhter
                                                        Juniper Networks
                                                           February 2012

     BGP Encodings and Procedures for Multicast in MPLS/BGP IP VPNs

Abstract

   This document describes the BGP encodings and procedures for
   exchanging the information elements required by Multicast in MPLS/BGP
   IP VPNs, as specified in RFC 6513.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6514.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction ....................................................4
   2. Specification of Requirements ...................................4
   3. Terminology .....................................................4
   4. MCAST-VPN NLRI ..................................................5
     4.1. Intra-AS I-PMSI A-D Route ...................................6
     4.2. Inter-AS I-PMSI A-D Route ...................................7
     4.3. S-PMSI A-D Route ............................................7
     4.4. Leaf A-D Route ..............................................8
     4.5. Source Active A-D Route .....................................9
     4.6. C-Multicast Route ..........................................10
   5. PMSI Tunnel Attribute ..........................................10
   6. Source AS Extended Community ...................................13
   7. VRF Route Import Extended Community ............................14
   8. PE Distinguisher Labels Attribute ..............................15
   9. MVPN Auto-Discovery/Binding ....................................16
     9.1. MVPN Auto-Discovery/Binding - Intra-AS Operations ..........16
       9.1.1. Originating Intra-AS I-PMSI A-D Routes .................16
       9.1.2. Receiving Intra-AS I-PMSI A-D Routes ...................19
     9.2. MVPN Auto-Discovery/Binding - Inter-AS Operations ..........20
       9.2.1. Originating Inter-AS I-PMSI A-D Routes .................22
       9.2.2. When Not to Originate Inter-AS I-PMSI A-D Routes .......23
       9.2.3. Propagating Inter-AS I-PMSI A-D Routes .................23
         9.2.3.1. Propagating Inter-AS I-PMSI A-D Routes - Overview ..23
         9.2.3.2. Inter-AS I-PMSI A-D Route Received via EBGP ........24
           9.2.3.2.1. Originating Leaf A-D Route into EBGP ...........25
         9.2.3.3. Leaf A-D Route Received via EBGP ...................26
         9.2.3.4. Inter-AS I-PMSI A-D Route Received via IBGP ........27
           9.2.3.4.1. Originating Leaf A-D Route into IBGP ...........28
         9.2.3.5. Leaf A-D Route Received via IBGP ...................29
         9.2.3.6. Optimizing Bandwidth by IP Filtering on ASBRs ......30
   10. Non-Congruent Unicast and Multicast Connectivity ..............30
   11. Exchange of C-Multicast Routing Information among PEs .........32
     11.1. Originating C-Multicast Routes by a PE ....................32
       11.1.1. Originating Routes: PIM as the C-Multicast Protocol ...32
         11.1.1.1. Originating Source Tree Join C-Multicast Route ....33
         11.1.1.2. Originating Shared Tree Join C-Multicast Route ....33
       11.1.2. Originating Routes: mLDP as the C-Multicast Protocol ..34
       11.1.3. Constructing the Rest of the C-Multicast Route ........34
       11.1.4. Unicast Route Changes .................................35
     11.2. Propagating C-Multicast Routes by an ASBR .................36
     11.3. Receiving C-Multicast Routes by a PE ......................37
       11.3.1. Receiving Routes: PIM as the C-Multicast Protocol .....37
         11.3.1.1. Receiving Source Tree Join C-Multicast Route ......38
         11.3.1.2. Receiving Shared Tree Join C-Multicast Route ......38
       11.3.2. Receiving Routes: mLDP as the C-Multicast Protocol ....39
     11.4. C-Multicast Routes Aggregation ............................39

   12. Using S-PMSI A-D Routes to Bind C-Trees to P-Tunnels ..........40
     12.1. Originating S-PMSI A-D Routes .............................40
     12.2. Handling S-PMSI A-D Routes by ASBRs .......................43
       12.2.1. Merging S-PMSI into an I-PMSI .........................43
     12.3. Receiving S-PMSI A-D Routes by PEs ........................44
   13. Switching from Shared a C-Tree to a Source C-Tree .............45
     13.1. Source within a Site - Source Active Advertisement ........46
     13.2. Receiving Source Active A-D Route .........................47
       13.2.1. Pruning Sources off the Shared Tree ...................48
   14. Supporting PIM-SM without Inter-Site Shared C-Trees ...........49
     14.1. Discovering Active Multicast Sources ......................50
     14.2. Receiver(s) within a Site .................................51
     14.3. Receiving C-Multicast Routes by a PE ......................52
   15. Carrier's Carrier .............................................52
   16. Scalability Considerations ....................................52
     16.1. Dampening C-Multicast Routes ..............................54
       16.1.1. Dampening Withdrawals of C-Multicast Routes ...........54
       16.1.2. Dampening Source/Shared Tree Join C-Multicast Routes ..55
     16.2. Dampening Withdrawals of Leaf A-D Routes ..................55
   17. Security Considerations .......................................55
   18. IANA Considerations ...........................................56
   19. Acknowledgements ..............................................57
   20. References ....................................................57
     20.1. Normative References ......................................57
     20.2. Informative References ....................................58

1.  Introduction

   This document describes the BGP encodings and procedures for
   exchanging the information elements required by Multicast in MPLS/BGP
   IP VPNs, as specified in [MVPN].  This document assumes a thorough
   familiarity with the procedures, concepts, and terms described in
   [MVPN].

   This document defines a new Network Layer Reachability Information
   (NLRI), MCAST-VPN NLRI.  The MCAST-VPN NLRI is used for MVPN auto-
   discovery, advertising MVPN to Inclusive P-Multicast Service
   Interface (I-PMSI) tunnel binding, advertising (C-S,C-G) to Selective
   PMSI (S-PMSI) tunnel binding, VPN customer multicast routing
   information exchange among Provider Edge routers (PEs), choosing a
   single forwarder PE, and for procedures in support of co-locating a
   Customer Rendezvous Point (C-RP) on a PE.

   This document specifies two new BGP attributes: the P-Multicast
   Service Interface Tunnel (PMSI Tunnel) attribute and the PE
   Distinguisher Label attribute.

   This document also defines two new BGP Extended Communities: the
   Source Autonomous System (AS) Extended Community and the VPN Routing
   and Forwarding (VRF) Route Import Extended Community.

2.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Terminology

   In the context of this document, we will refer to the MVPN auto-
   discovery/binding information carried in BGP as "auto-discovery
   routes" ("A-D routes").  For a given MVPN, there are the following
   types of A-D routes:

      + Intra-AS I-PMSI A-D route;

      + Inter-AS I-PMSI A-D route;

      + S-PMSI A-D route;

      + Leaf A-D route;

      + Source Active A-D route.

   In the context of this document, we will refer to the MVPN customers'
   multicast routing information carried in BGP as "C-multicast routes".
   For a given MVPN, there are the following types of C-multicast
   routes:

      + Shared Tree Join route;

      + Source Tree Join route;

   For each MVPN present on a PE, the PE maintains a Tree Information
   Base (MVPN-TIB).  This is the same as TIB defined in [RFC4601],
   except that instead of a single TIB, a PE maintains multiple MVPN-
   TIBs: one per each MVPN.

   Throughout this document, we will use the term "VPN-IP route" to mean
   a route that is either in the VPN-IPv4 address family [RFC4364] or in
   the VPN-IPv6 address family [RFC4659].

4.  MCAST-VPN NLRI

   This document defines a new BGP NLRI, called the MCAST-VPN NLRI.

   The following is the format of the MCAST-VPN NLRI:

      +-----------------------------------+
      |    Route Type (1 octet)           |
      +-----------------------------------+
      |     Length (1 octet)              |
      +-----------------------------------+
      | Route Type specific (variable)    |
      +-----------------------------------+

   The Route Type field defines the encoding of the rest of MCAST-VPN
   NLRI (Route Type specific MCAST-VPN NLRI).

   The Length field indicates the length in octets of the Route Type
   specific field of the MCAST-VPN NLRI.

   This document defines the following Route Types for A-D routes:

      + 1 - Intra-AS I-PMSI A-D route;
      + 2 - Inter-AS I-PMSI A-D route;
      + 3 - S-PMSI A-D route;
      + 4 - Leaf A-D route;
      + 5 - Source Active A-D route.

   This document defines the following Route Types for C-multicast
   routes:

      + 6 - Shared Tree Join route;
      + 7 - Source Tree Join route;

   The MCAST-VPN NLRI is carried in BGP [RFC4271] using BGP
   Multiprotocol Extensions [RFC4760] with an Address Family Identifier
   (AFI) of 1 or 2 and a Subsequent AFI (SAFI) of MCAST-VPN.  The NLRI
   field in the MP_REACH_NLRI/MP_UNREACH_NLRI attribute contains the
   MCAST-VPN NLRI (encoded as specified above).  The value of the AFI
   field in the MP_REACH_NLRI/MP_UNREACH_NLRI attribute that carries the
   MCAST-VPN NLRI determines whether the multicast source and multicast
   group addresses carried in the S-PMSI A-D routes, Source Active A-D
   routes, and C-multicast routes are IPv4 or IPv6 addresses (AFI 1
   indicates IPv4 addresses, AFI 2 indicates IPv6 addresses).

   In order for two BGP speakers to exchange labeled MCAST-VPN NLRIs,
   they must use a BGP Capabilities Advertisement to ensure that they
   both are capable of properly processing such an NLRI.  This is done
   as specified in [RFC4760], by using capability code 1 (multiprotocol
   BGP) with an AFI of 1 or 2 and an SAFI of MCAST-VPN.

   The following describes the format of the Route Type specific MCAST-
   VPN NLRI for various Route Types defined in this document.

4.1.  Intra-AS I-PMSI A-D Route

   An Intra-AS I-PMSI A-D Route Type specific MCAST-VPN NLRI consists of
   the following:

      +-----------------------------------+
      |      RD   (8 octets)              |
      +-----------------------------------+
      |   Originating Router's IP Addr    |
      +-----------------------------------+

   The Route Distinguisher (RD) is encoded as described in [RFC4364].

   Usage of Intra-AS I-PMSI A-D routes is described in Section 9.2.

4.2.  Inter-AS I-PMSI A-D Route

   An Inter-AS I-PMSI A-D Route Type specific MCAST-VPN NLRI consists of
   the following:

      +-----------------------------------+
      |      RD   (8 octets)              |
      +-----------------------------------+
      |      Source AS (4 octets)         |
      +-----------------------------------+

   The RD is encoded as described in [RFC4364].

   The Source AS contains an Autonomous System Number (ASN).

   Two-octet ASNs are encoded in the two low-order octets of the Source
   AS field, with the two high-order octets set to zero.

   Usage of Inter-AS I-PMSI A-D routes is described in Section 9.1.

4.3.  S-PMSI A-D Route

   An S-PMSI A-D Route Type specific MCAST-VPN NLRI consists of the
   following:

      +-----------------------------------+
      |      RD   (8 octets)              |
      +-----------------------------------+
      | Multicast Source Length (1 octet) |
      +-----------------------------------+
      |  Multicast Source (variable)      |
      +-----------------------------------+
      |  Multicast Group Length (1 octet) |
      +-----------------------------------+
      |  Multicast Group   (variable)     |
      +-----------------------------------+
      |   Originating Router's IP Addr    |
      +-----------------------------------+

   The RD is encoded as described in [RFC4364].

   The Multicast Source field contains the C-S address.  If the
   Multicast Source field contains an IPv4 address, then the value of
   the Multicast Source Length field is 32.  If the Multicast Source
   field contains an IPv6 address, then the value of the Multicast
   Source Length field is 128.

   The Multicast Group field contains the C-G address or C-LDP (Label
   Distribution Protocol) MP Opaque Value Element (use of C-LDP MP
   Opaque Value Element is described in the Section 11.3.2.  If the
   Multicast Group field contains an IPv4 address, then the value of the
   Multicast Group Length field is 32.  If the Multicast Group field
   contains an IPv6 address, then the value of the Multicast Group
   Length field is 128.

   Usage of other values of the Multicast Source Length and Multicast
   Group Length fields is outside the scope of this document.

   Usage of S-PMSI A-D routes is described in Section 12.

4.4.  Leaf A-D Route

   A Leaf A-D Route Type specific MCAST-VPN NLRI consists of the
   following:

      +-----------------------------------+
      |      Route Key (variable)         |
      +-----------------------------------+
      |   Originating Router's IP Addr    |
      +-----------------------------------+

   Leaf A-D routes may be originated as a result of processing a
   received Inter-AS I-PMSI A-D route or S-PMSI A-D route.  A Leaf A-D
   route is originated in these situations only if the received route
   has a PMSI Tunnel attribute whose "Leaf Information Required" bit is
   set to 1.

   If a Leaf A-D route is originated as a result of processing one of
   the received routes specified in the previous paragraph, the Route
   Key of the Leaf A-D route is set to the NLRI of the received route.

   Details of the use of the Leaf A-D route may be found in Sections
   9.2.3.2.1, 9.2.3.3, 9.2.3.4.1, 9.2.3.5, and 12.3.

4.5.  Source Active A-D Route

   A Source Active A-D Route Type specific MCAST-VPN NLRI consists of
   the following:

      +-----------------------------------+
      |      RD   (8 octets)              |
      +-----------------------------------+
      | Multicast Source Length (1 octet) |
      +-----------------------------------+
      |   Multicast Source (variable)     |
      +-----------------------------------+
      |  Multicast Group Length (1 octet) |
      +-----------------------------------+
      |  Multicast Group (variable)       |
      +-----------------------------------+

   The RD is encoded as described in [RFC4364].

   The Multicast Source field contains the C-S address.  If the
   Multicast Source field contains an IPv4 address, then the value of
   the Multicast Source Length field is 32.  If the Multicast Source
   field contains an IPv6 address, then the value of the Multicast
   Source Length field is 128.

   Use of the Source Active A-D routes with the Multicast Source Length
   field of 0 is outside the scope of this document.

   The Multicast Group field contains the C-G address.  If the Multicast
   Group field contains an IPv4 address, then the value of the Multicast
   Group Length field is 32.  If the Multicast Group field contains an
   IPv6 address, then the value of the Multicast Group Length field is
   128.

   Source Active A-D routes with a Multicast group belonging to the
   Source Specific Multicast (SSM) range (as defined in [RFC4607], and
   potentially extended locally on a router) MUST NOT be advertised by a
   router and MUST be discarded if received.

   Usage of Source Active A-D routes is described in Sections 13 and 14.

4.6.  C-Multicast Route

   A Shared Tree Join route and a Source Tree Join Route Type specific
   MCAST-VPN NLRI consists of the following:

      +-----------------------------------+
      |      RD   (8 octets)              |
      +-----------------------------------+
      |    Source AS (4 octets)           |
      +-----------------------------------+
      | Multicast Source Length (1 octet) |
      +-----------------------------------+
      |   Multicast Source (variable)     |
      +-----------------------------------+
      |  Multicast Group Length (1 octet) |
      +-----------------------------------+
      |  Multicast Group   (variable)     |
      +-----------------------------------+

   The RD is encoded as described in [RFC4364].

   The Source AS contains an ASN.  Two-octet ASNs are encoded in the
   low-order two octets of the Source AS field.

   For a Shared Tree Join route, the Multicast Source field contains the
   C-RP address; for a Source Tree Join route, the Multicast Source
   field contains the C-S address.  If the Multicast Source field
   contains an IPv4 address, then the value of the Multicast Source
   Length field is 32.  If the Multicast Source field contains an IPv6
   address, then the value of the Multicast Source Length field is 128.

   The Multicast Group field contains the C-G address or C-MP Opaque
   Value Element.  If the Multicast Group field contains an IPv4
   address, then the value of the Multicast Group Length field is 32.
   If the Multicast Group field contains an IPv6 address, then the value
   of the Multicast Group Length field is 128.

   Usage of C-multicast routes is described in Section 11.

5.  PMSI Tunnel Attribute

   This document defines and uses a new BGP attribute called the
   "P-Multicast Service Interface Tunnel (PMSI Tunnel) attribute".  This
   is an optional transitive BGP attribute.  The format of this
   attribute is defined as follows:

      +---------------------------------+
      |  Flags (1 octet)                |
      +---------------------------------+
      |  Tunnel Type (1 octets)         |
      +---------------------------------+
      |  MPLS Label (3 octets)          |
      +---------------------------------+
      |  Tunnel Identifier (variable)   |
      +---------------------------------+

   The Flags field has the following format:

       0 1 2 3 4 5 6 7
      +-+-+-+-+-+-+-+-+
      |  reserved   |L|
      +-+-+-+-+-+-+-+-+

   This document defines the following flags:

     + Leaf Information Required (L)

   The Tunnel Type identifies the type of the tunneling technology used
   to establish the PMSI tunnel.  The type determines the syntax and
   semantics of the Tunnel Identifier field.  This document defines the
   following Tunnel Types:

      + 0 - No tunnel information present
      + 1 - RSVP-TE P2MP LSP
      + 2 - mLDP P2MP LSP
      + 3 - PIM-SSM Tree
      + 4 - PIM-SM Tree
      + 5 - BIDIR-PIM Tree
      + 6 - Ingress Replication
      + 7 - mLDP MP2MP LSP

   If the MPLS Label field is non-zero, then it contains an MPLS label
   encoded as 3 octets, where the high-order 20 bits contain the label
   value.  Absence of an MPLS Label is indicated by setting the MPLS
   Label field to zero.

   When the Tunnel Type is set to "No tunnel information present", the
   PMSI Tunnel attribute carries no tunnel information (no Tunnel
   Identifier).  This type is to be used only in the following case: to
   enable explicit tracking for a particular customer multicast flow (by
   setting the Leaf Information Required flag to 1), but without binding
   this flow to a particular provider tunnel (by omitting any tunnel
   information).

   When the Tunnel Type is set to RSVP - Traffic Engineering (RSVP-TE)
   Point-to-Multipoint (P2MP) Label Switched Path (LSP), the Tunnel
   Identifier is <Extended Tunnel ID, Reserved, Tunnel ID, P2MP ID> as
   carried in the RSVP-TE P2MP LSP SESSION Object [RFC4875].

   When the Tunnel Type is set to multipoint Label Distribution Protocol
   (mLDP) P2MP LSP, the Tunnel Identifier is a P2MP Forwarding
   Equivalence Class (FEC) Element [mLDP].

   When the Tunnel Type is set to Protocol Independent Multicast -
   Sparse Mode (PIM-SM) tree, the Tunnel Identifier is <Sender Address,
   P-Multicast Group>.  The node that originated the attribute MUST use
   the address carried in the Sender Address as the source IP address
   for the IP/GRE (Generic Routing Encapsulation) encapsulation of the
   MVPN data.

   When the Tunnel Type is set to PIM-SSM tree, the Tunnel Identifier is
   <P-Root Node Address, P-Multicast Group>.  The node that originates
   the attribute MUST use the address carried in the P-Root Node Address
   as the source IP address for the IP/GRE encapsulation of the MVPN
   data.  The P-Multicast Group in the Tunnel Identifier of the Tunnel
   attribute MUST NOT be expected to be the same group for all Intra-AS
   A-D routes for the same MVPN.  According to [RFC4607], the group
   address can be locally allocated by the originating PE without any
   consideration for the group address used by other PE on the same
   MVPN.

   When the Tunnel Type is set to BIDIR-PIM tree, the Tunnel Identifier
   is <Sender Address, P-Multicast Group>.  The node that originated the
   attribute MUST use the address carried in the Sender Address as the
   source IP address for the IP/GRE encapsulation of the MVPN data.

   When the Tunnel Type is set to PIM-SM or BIDIR-PIM tree, then the
   P-Multicast Group in the Tunnel Identifier of the Tunnel attribute
   SHOULD contain the same multicast group address for all Intra-AS
   I-PMSI A-D routes for the same MVPN originated by PEs within a given
   AS.  How this multicast group address is chosen is outside the scope
   of this specification.

   When the Tunnel Type is set to Ingress Replication, the Tunnel
   Identifier carries the unicast tunnel endpoint IP address of the
   local PE that is to be this PE's receiving endpoint address for the
   tunnel.

   When the Tunnel Type is set to mLDP Multipoint-to-Multipoint (MP2MP)
   LSP, the Tunnel Identifier is an MP2MP FEC Element [mLDP].

   The use of mLDP MP2MP LSPs as Provider tunnels (P-tunnels) requires
   procedures that are outside the scope of this document.

   A router that supports the PMSI Tunnel attribute considers this
   attribute to be malformed if either (a) it contains an undefined
   tunnel type in the Tunnel Type field of the attribute, or (b) the
   router cannot parse the Tunnel Identifier field of the attribute as a
   tunnel identifier of the tunnel types specified in the Tunnel Type
   field of the attribute.

   When a router that receives a BGP Update that contains the PMSI
   Tunnel attribute with its Partial bit set determines that the
   attribute is malformed, the router SHOULD treat this Update as though
   all the routes contained in this Update had been withdrawn.

   An implementation MUST provide debugging facilities to permit issues
   caused by a malformed PMSI Tunnel attribute to be diagnosed.  At a
   minimum, such facilities MUST include logging an error when such an
   attribute is detected.

   The PMSI Tunnel attribute is used in conjunction with Intra-AS I-PMSI
   A-D routes, Inter-AS I-PMSI A-D routes, S-PMSI A-D routes, and Leaf
   A-D routes.

6.  Source AS Extended Community

   This document defines a new BGP Extended Community called "Source
   AS".

   The Source AS is an AS-specific Extended Community, of an extended
   type, and is transitive across AS boundaries [RFC4360].

   The Global Administrator field of this Community MUST be set to the
   ASN of the PE.  The Local Administrator field of this Community MUST
   be set to 0.

   Consider a given MVPN that uses BGP for exchanging C-multicast
   routes, and/or uses segmented inter-AS tunnels.  A PE that has sites
   of that MVPN connected to it, and originates a (unicast) route to
   VPN-IP addresses associated with the destinations within these sites,
   MUST include in the BGP Update message that carries this route the
   Source AS Extended Community.

   The usage of a received Source AS Extended Community is described in
   Section 11.1.3.

7.  VRF Route Import Extended Community

   This document defines a new BGP Extended Community called "VRF Route
   Import".

   The VRF Route Import is an IP-address-specific Extended Community, of
   an extended type, and is transitive across AS boundaries [RFC4360].

   To support MVPN in addition to the import/export Route Target(s)
   Extended Communities used by the unicast routing, each VRF on a PE
   MUST have an import Route Target Extended Community, except if it is
   known a priori that none of the (local) MVPN sites associated with
   the VRF contain multicast source(s) and/or C-RP; in which case, the
   VRF need not have this import Route Target.

   We refer to this Route Target as the "C-multicast Import RT", as this
   Route Target controls imports of C-multicast routes into a particular
   VRF.

   A PE constructs C-multicast Import RT as follows:

    + The Global Administrator field of the C-multicast Import RT MUST
      be set to an IP address of the PE.  This address SHOULD be common
      for all the VRFs on the PE (e.g., this address may be the PE's
      loopback address).

    + The Local Administrator field of the C-multicast Import RT
      associated with a given VRF contains a 2-octet number that
      uniquely identifies that VRF within the PE that contains the VRF
      (procedures for assigning such numbers are purely local to the PE
      and are outside the scope of this document).

   The way C-multicast Import RT is constructed allows it to uniquely
   identify a VRF.

   A PE that has site(s) of a given MVPN connected to it needs to
   communicate the value of the C-multicast Import RT associated with
   the VRF of that MVPN on the PE to all other PEs that have sites of
   that MVPN.  To accomplish this, a PE that originates a (unicast)
   route to VPN-IP addresses MUST include in the BGP Updates message
   that carries this route the VRF Route Import Extended Community that
   has the value of the C-multicast Import RT of the VRF associated with
   the route, except if it is known a priori (e.g., via provisioning)
   that none of these addresses could act as multicast sources and/or
   RP; in which case, the (unicast) route MUST NOT carry the VRF Route
   Import Extended Community.

   If a PE uses Route Target Constraint [RT-CONSTRAIN], the PE SHOULD
   advertise all such C-multicast Import RTs using Route Target
   Constraints (note that doing this requires just a single Route Target
   Constraint advertisement by the PE).  This allows each C-multicast
   route to reach only the relevant PE.  To constrain distribution of
   the Route Target Constraint routes to the AS of the advertising PE,
   these routes SHOULD carry the NO_EXPORT Community [RFC1997].

   Usage of VRF Route Import Extended Community is described in
   Section 11.1.3.

8.  PE Distinguisher Labels Attribute

   This document defines a new BGP attribute, called the "PE
   Distinguisher Labels" attribute.  This is an optional transitive BGP
   attribute.  The format of this attribute is defined as follows:

      +---------------------------------+
      |           PE Address            |
      +---------------------------------+
      |     Label (3 octets)            |
      +---------------------------------+
      .......
      +---------------------------------+
      |           PE Address            |
      +---------------------------------+
      |     Label (3 octets)            |
      +---------------------------------+

   The Label field contains an MPLS label encoded as 3 octets, where the
   high-order 20 bits contain the label value.

   A router that supports the PE Distinguisher Labels attribute
   considers this attribute to be malformed if the PE Address field does
   not contain a unicast address.  The attribute is also considered to
   be malformed if: (a) the PE Address field is expected to be an IPv4
   address, and the length of the attribute is not a multiple of 7 or
   (b) the PE Address field is expected to be an IPv6 address, and the
   length of the attribute is not a multiple of 19.  The length of the
   Route Type field of MCAST-VPN NLRI of the route that carries the PE
   Distinguisher Labels attribute provides the information on whether
   the PE Address field contains an IPv4 or IPv6 address.  Each of the
   PE addresses in the PE Distinguisher Labels attribute MUST be of the
   same address family as the "Originating Router's IP Address" of the
   route that is carrying the attribute.

   When a router that receives a BGP Update that contains the PE
   Distinguisher Labels attribute with its Partial bit set determines
   that the attribute is malformed, the router SHOULD treat this Update
   as though all the routes contained in this Update had been withdrawn.

   An implementation MUST provide debugging facilities to permit issues
   caused by malformed PE Distinguisher Label attribute to be diagnosed.
   At a minimum, such facilities MUST include logging an error when such
   an attribute is detected.

   Usage of this attribute is described in [MVPN].

9.  MVPN Auto-Discovery/Binding

   This section specifies procedures for the auto-discovery of MVPN
   memberships and the distribution of information used to instantiate
   I-PMSIs.

   There are two MVPN auto-discovery/binding mechanisms, dubbed "intra-
   AS" and "inter-AS" respectively.

   The intra-AS mechanisms provide auto-discovery/binding within a
   single AS.

   The intra-AS mechanisms also provide auto-discovery/binding across
   multiple ASes when non-segmented inter-AS tunnels are being used.

   The inter-AS mechanisms provide auto-discovery/binding across
   multiple ASes when segmented inter-AS tunnels are being used.

   Note that if a multi-AS system uses option (a) of section 10 of
   [RFC4364], the notion of inter-AS tunnels does not apply, and so it
   needs only the intra-AS mechanisms.

9.1.  MVPN Auto-Discovery/Binding - Intra-AS Operations

   This section describes exchanges of Intra-AS I-PMSI A-D routes
   originated/received by PEs within the same AS, or if non-segmented
   inter-AS tunnels are used, then by all PEs.

9.1.1.  Originating Intra-AS I-PMSI A-D Routes

   To participate in the MVPN auto-discovery/binding, a PE router that
   has a given VRF of a given MVPN MUST, except for the cases specified
   in this section, originate an Intra-AS I-PMSI A-D route and
   advertises this route in IBGP.  The route is constructed as follows.

   The route carries a single MCAST-VPN NLRI with the RD set to the RD
   of the VRF, and the Originating Router's IP Address field set to the
   IP address that the PE places in the Global Administrator field of
   the VRF Route Import Extended Community of the VPN-IP routes
   advertised by the PE.  Note that the <RD, Originating Router's IP
   Address> tuple uniquely identifies a given multicast VRF.

   The route carries the PMSI Tunnel attribute if and only if an I-PMSI
   is used for the MVPN (the conditions under which an I-PMSI is used
   can be found in [MVPN]).  Depending on the technology used for the
   P-tunnel for the MVPN on the PE, the PMSI Tunnel attribute of the
   Intra-AS I-PMSI A-D route is constructed as follows.

    + If the PE that originates the advertisement uses a P-multicast
      tree for the P-tunnel for the MVPN, the PMSI Tunnel attribute MUST
      contain the identity of the tree (note that the PE could create
      the identity of the tree prior to the actual instantiation of the
      tree).

    + A PE that uses a P-multicast tree for the P-tunnel MAY aggregate
      two or more MVPNs present on the PE onto the same tree.  In this
      case, in addition to carrying the identity of the tree, the PMSI
      Tunnel attribute of the Intra-AS I-PMSI A-D route MUST carry an
      MPLS upstream-assigned label that the PE has bound uniquely to the
      MVPN associated with this route (as determined by its RTs).

      If the PE has already advertised Intra-AS I-PMSI A-D routes for
      two or more MVPNs that it now desires to aggregate, then the PE
      MUST re-advertise those routes.  The re-advertised routes MUST be
      the same as the original ones, except for the PMSI Tunnel
      attribute and the label carried in that attribute.

    + If the PE that originates the advertisement uses ingress
      replication for the P-tunnel for the MVPN, the route MUST include
      the PMSI Tunnel attribute with the Tunnel Type set to Ingress
      Replication and Tunnel Identifier set to a routable address of the
      PE.  The PMSI Tunnel attribute MUST carry a downstream-assigned
      MPLS label.  This label is used to demultiplex the MVPN traffic
      received over a unicast tunnel by the PE.

    + The Leaf Information Required flag of the PMSI Tunnel attribute
      MUST be set to zero and MUST be ignored on receipt.

   Discovery of PE capabilities in terms of what tunnel types they
   support is outside the scope of this document.  Within a given AS,
   PEs participating in an MVPN are expected to advertise tunnel
   bindings whose tunnel types are supported by all other PEs that are

   participating in this MVPN and are part of the same AS.  In addition,
   in the inter-AS scenario with non-segmented inter-AS tunnels, the
   tunnel types have to be supported by all PEs that are participating
   in this MVPN, irrespective of whether or not these PEs are in the
   same AS.

   The Next Hop field of the MP_REACH_NLRI attribute of the route MUST
   be set to the same IP address as the one carried in the Originating
   Router's IP Address field.

   By default, the distribution of the Intra-AS I-PMSI A-D routes is
   controlled by the same Route Targets as the ones used for the
   distribution of VPN-IP unicast routes.  That is, by default, the
   Intra-AS I-PMSI A-D route MUST carry the export Route Target used by
   the unicast routing.  If any other PE has one of these Route Targets
   configured as an import Route Target for a VRF present on the PE, it
   treats the advertising PE as a member in the MVPN to which the VRF
   belongs.  The default could be modified via configuration by having a
   set of Route Targets used for the Intra-AS I-PMSI A-D routes being
   distinct from the ones used for the VPN-IP unicast routes (see also
   Section 10).

   To constrain distribution of the intra-AS membership/binding
   information to the AS of the advertising PE, the BGP Update message
   originated by the advertising PE SHOULD carry the NO_EXPORT Community
   [RFC1997].

   Note that if non-segmented inter-AS P-tunnels are being used, then
   the Intra-AS I-PMSI routes need to be distributed to other ASes and
   MUST NOT carry the NO_EXPORT Community.

   When BGP is used to exchange C-multicast routes, if (a) it is known a
   priori that, as a matter of policy, none of the MVPN sites connected
   to a given PE are allowed to send multicast traffic to other sites of
   that MVPN (in other words, all these sites are only in the Receiver
   Sites set), (b) the PE does not use ingress replication for the
   incoming traffic of that MVPN, and (c) none of the other PEs that
   have VRFs of that MVPN use RSVP-TE P2MP LSP for that MVPN, then the
   local PE SHOULD NOT originate an Intra-AS I-PMSI A-D route.

   When BGP is used to exchange C-multicast routes, if it is known a
   priori that, as a matter of policy, none of the MVPN sites connected
   to a given PE can receive multicast traffic from other sites of that
   MVPN (in other words, all these sites are only in the Sender Sites
   set), and the PE uses ingress replication for that MVPN, then the PE
   SHOULD NOT originate an Intra-AS I-PMSI A-D route for that MVPN.

9.1.2.  Receiving Intra-AS I-PMSI A-D Routes

   When a PE receives a BGP Update message that carries an Intra-AS
   I-PMSI A-D route such that (a) at least one of the Route Targets of
   the route matches one of the import Route Targets configured for a
   particular VRF on the local PE, (b) either the route was originated
   by some other PE within the same AS as the local PE, or the MVPN
   associated with the VRF uses non-segmented inter-AS tunnels, and (c)
   the BGP route selection determines that this is the best route with
   respect to the NLRI carried by the route, the PE performs the
   following.

   If the route does not carry the PMSI Tunnel attribute and ingress
   replication is not used, either a) the PE that originated the route
   will be using only S-PMSIs to send traffic to remote PEs, or b) as a
   matter of policy, the PE that originated the route cannot send
   multicast traffic from the MVPN sites connected to it to other sites
   of that MVPN (in other words, the sites connected to the PE are only
   in the Receiver Sites set).

   When BGP is used to exchange C-multicast routes, to distinguish
   between cases (a) and (b), we use the presence/absence of the VRF
   Route Import Extended Community in the unicast VPN routes, as
   follows.  As specified in Section 7, if it is know a priori that none
   of the addresses carried in the NLRI of a given (unicast) VPN route
   could act as multicast sources and/or C-RP, then such a route does
   not carry the VRF Route Import Extended Community.  Hence, based on
   the Upstream Multicast Hop (UMH) selection algorithm specified in
   [MVPN], such a route will be ineligible for the UMH selection.  This
   implies that if a given VPN route is selected by the UMH selection
   procedures, and the PE that originates this VPN route also originates
   an Intra-AS I-PMSI A-D route, but this route does not carry the PMSI
   Tunnel attribute, then this PE will be using only S-PMSIs for sending
   (multicast) data.

   If the route carries the PMSI Tunnel attribute, then:

    + If the Tunnel Type in the PMSI Tunnel attribute is set to Ingress
      Replication, then the MPLS label and the address carried in the
      Tunnel Identifier field of the PMSI Tunnel attribute should be
      used when the local PE sends multicast traffic to the PE that
      originated the route.

    + If the Tunnel Type in the PMSI Tunnel attribute is set to mLDP
      P2MP LSP, mLDP MP2MP LSP, PIM-SSM tree, PIM-SM tree, or BIDIR-PIM
      tree, the PE SHOULD join as soon as possible the P-multicast tree
      whose identity is carried in the Tunnel Identifier.

    + If the Tunnel Type in the PMSI Tunnel attribute is set to RSVP-TE
      P2MP LSP, then the PE that originated the route MUST establish an
      RSVP-TE P2MP LSP with the local PE as a leaf.  This LSP may have
      been established before the local PE receives the route, or it may
      be established after the local PE receives the route.

    + The receiving PE has to establish the appropriate state to
      properly handle the traffic received on the P-multicast tree.

    + If the PMSI Tunnel attribute does not carry a label, then all
      packets that are received on the P-multicast tree, as identified
      by the PMSI Tunnel attribute, are forwarded using the VRF that has
      at least one of its import Route Targets that matches one of the
      Route Targets of the received Intra-AS I-PMSI A-D route.

    + If the PMSI Tunnel attribute has the Tunnel Type set to mLDP P2MP
      LSP, PIM-SSM tree, PIM-SM tree, BIDIR-PIM tree, or RSVP-TE P2MP
      LSP, and the attribute also carries an MPLS label, then this is an
      upstream-assigned label, and all packets that are received on the
      P-multicast tree, as identified by the PMSI Tunnel attribute, with
      that upstream-assigned label are forwarded using the VRF that has
      at least one of its import Route Targets that matches one of the
      Route Targets of the received Intra-AS I-PMSI A-D route.

   Irrespective of whether the route carries the PMSI Tunnel attribute,
   if the local PE uses RSVP-TE P2MP LSP for sending (multicast) traffic
   from the VRF to the sites attached to other PEs, then the local PE
   uses the Originating Router's IP address information carried in the
   route to add the PE that originated the route as a leaf node to the
   LSP.

9.2.  MVPN Auto-Discovery/Binding - Inter-AS Operations

   This section applies only to the case where segmented inter-AS
   tunnels are used.

   An Autonomous System Border Router (ASBR) may be configured to
   support a particular MVPN as follows:

    + An ASBR MUST be configured with a set of (import) Route Targets
      (RTs) that specifies the set of MVPNs supported by the ASBR.
      These Route Targets control acceptance of Intra-AS/Inter-AS I-PMSI
      A-D routes by the ASBR.  As long as unicast and multicast
      connectivity are congruent, this could be the same set of Route
      Targets as the one used for supporting unicast (and therefore
      would not require any additional configuration above and beyond of

      what is required for unicast).  Note that instead of being
      configured, the ASBR MAY obtain this set of (import) Route Targets
      (RTs) by using Route Target Constraint [RT-CONSTRAIN].

    + The ASBR MUST be (auto-)configured with an import Route Target
      called "ASBR Import RT".  ASBR Import RT controls acceptance of
      Leaf A-D routes and C-multicast routes by the ASBR, and is used to
      constrain distribution of both Leaf A-D routes and C-multicast
      routes (see Section 11).

      ASBR Import RT is an IP-address-specific Route Target.  The Global
      Administrator field of the ASBR Import RT MUST be set to the IP
      address carried in the Next Hop of all the Inter-AS I-PMSI A-D
      routes and S-PMSI A-D routes advertised by this ASBR (if the ASBR
      uses different Next Hops, then the ASBR MUST be (auto-)configured
      with multiple ASBR Import RTs, one per each such Next Hop).  The
      Local Administrator field of the ASBR Import RT MUST be set to 0.

      If the ASBR supports Route Target Constraint [RT-CONSTRAIN], the
      ASBR SHOULD advertise its ASBR Import RT within its own AS using
      Route Target Constraints.  To constrain distribution of the Route
      Target Constraint routes to the AS of the advertising ASBR, these
      routes SHOULD carry the NO_EXPORT Community [RFC1997].

    + The ASBR MUST be configured with the tunnel types for the intra-AS
      segments of the MVPNs supported by the ASBR, as well as (depending
      on the tunnel type) the information needed to create the PMSI
      attribute for these tunnel types.  Note that instead of being
      configured, the ASBR MAY derive the tunnel types from the Intra-AS
      I-PMSI A-D routes received by the ASBR.

    + If the ASBR originates an Inter-AS I-PMSI A-D route for a
      particular MVPN present on some of the PEs within its own AS, the
      ASBR MUST be (auto-)configured with an RD for that MVPN.  It is
      RECOMMENDED that one of the following two options be used:

  (1) To allow more aggregation of Inter-AS I-PMSI A-D routes, it is
      recommended that all the ASBRs within an AS that are configured to
      originate an Inter-AS I-PMSI A-D route for a particular MVPN be
      configured with the same RD (although for a given MVPN each AS may
      assign this RD on its own, without coordination with other ASes).

  (2) To allow more control over spreading MVPN traffic among multiple
      ASBRs within a given AS, it is recommended that each ASBR have a
      distinct RD per each MVPN; in which case, such an RD SHOULD be
      auto-configured.

   If an ASBR is configured to support a particular MVPN, the ASBR MUST
   participate in the intra-AS MVPN auto-discovery/binding procedures
   for that MVPN within the ASBR's own AS, as specified in Section 9.1.

   Moreover, in addition to the above, the ASBR performs procedures
   described in Sections 9.2.1, 9.2.2, and 9.2.3.

9.2.1.  Originating Inter-AS I-PMSI A-D Routes

   For a given MVPN configured on an ASBR when the ASBR determines
   (using the intra-AS auto-discovery procedures) that at least one of
   the PEs of its own AS has (directly) connected site(s) of the MVPN,
   the ASBR originates an Inter-AS I-PMSI A-D route and advertises it in
   External BGP (EBGP).  The route is constructed as follows:

    + The route carries a single MCAST-VPN NLRI with the RD set to the
      RD configured for that MVPN on the ASBR, and the Source AS set to
      the ASN of the ASBR.

    + The route carries the PMSI Tunnel attribute if and only if an
      I-PMSI is used for the MVPN.  The Tunnel Type in the attribute is
      set to Ingress Replication; the Leaf Information Required flag is
      set to 1; the attribute carries no MPLS labels.

    + The Next Hop field of the MP_REACH_NLRI attribute is set to a
      routable IP address of the ASBR.

    + The default policy for aggregation of Intra-AS I-PMSI A-D routes
      into an Inter-AS I-PMSI A-D route is that a given Inter-AS I-PMSI
      A-D route aggregates only the Intra-AS I-PMSI A-D routes that
      carry exactly the same set of RTs (note that this set may have
      just one RT).  In this case, an Inter-AS I-PMSI A-D route
      originated by an ASBR carries exactly the same RT(s) as the RT(s)
      carried by the Intra-AS I-PMSI A-D routes that the ASBR aggregates
      into that Inter-AS I-PMSI A-D route.  An implementation MUST
      support the default policy for aggregation of Intra-AS I-PMSI A-D
      routes into an Inter-AS I-PMSI A-D route.

    + The default policy for aggregation could be modified via
      configuration on the ASBR.  An implementation MAY support such
      functionality.  Modified policy MUST include rules for
      constructing RTs carried by the Inter-AS I-PMSI A-D routes
      originated by the ASBR.

   An Inter-AS I-PMSI A-D route for a given <AS, MVPN> indicates the
   presence of the MVPN sites connected to one or more PEs of the AS.

   An Inter-AS I-PMSI A-D route originated by an ASBR aggregates Intra-
   AS I-PMSI A-D routes originated within the ASBR's own AS.  Thus,
   while the Intra-AS I-PMSI A-D routes originated within an AS are at
   the granularity of <PE, MVPN> within that AS, outside of that AS the
   (aggregated) Inter-AS I-PMSI A-D routes could be at the granularity
   of <AS, MVPN>.

9.2.2.  When Not to Originate Inter-AS I-PMSI A-D Routes

   If, for a given MVPN and a given AS, all of the sites connected to
   the PEs within the AS are known a priori to have no multicast
   sources, then ASBRs of that AS MAY refrain from originating an Inter-
   AS I-PMSI A-D route for that MVPN at all.

9.2.3.  Propagating Inter-AS I-PMSI A-D Routes

   An Inter-AS I-PMSI A-D route for a given MVPN originated by an ASBR
   within a given AS is propagated via BGP to other ASes.

9.2.3.1.  Propagating Inter-AS I-PMSI A-D Routes - Overview

   Suppose that ASBR A installs an Inter-AS I-PMSI A-D route for MVPN V
   that originated at a particular AS, AS1.  The BGP Next Hop of that
   route becomes A's "upstream multicast hop" on a multicast
   distribution tree for V that is rooted at AS1.  When the Inter-AS
   I-PMSI A-D routes have been distributed to all the necessary ASes,
   they define a "reverse path" from any AS that supports MVPN V back to
   AS1.  For instance, if AS2 supports MVPN V, then there will be a
   reverse path for MVPN V from AS2 to AS1.  This path is a sequence of
   ASBRs, the first of which is in AS2, and the last of which is in AS1.
   Each ASBR in the sequence is the BGP Next Hop of the previous ASBR in
   the sequence on the given Inter-AS I-PMSI A-D route.

   This reverse path information can be used to construct a
   unidirectional multicast distribution tree for MVPN V, containing all
   the ASes that support V, and having AS1 at the root.  We call such a
   tree an "inter-AS tree".  Multicast data originating in MVPN sites
   connected to PEs within a given AS will travel downstream along the
   tree, which is rooted at that AS.

   The path along an inter-AS tree is a sequence of ASBRs; it is still
   necessary to specify how the multicast data gets from a given ASBR to
   the set of ASBRs that are immediately downstream of the given ASBR
   along the tree.  This is done by creating "segments": ASBRs in
   adjacent ASes will be connected by inter-AS segments, ASBRs in the
   same AS will be connected by "intra-AS segments".

   An ASBR initiates creation of an intra-AS segment when the ASBR
   receives an Inter-AS I-PMSI A-D route from an EBGP neighbor.
   Creation of the segment is completed as a result of distributing, via
   IBGP, this route within the ASBR's own AS.

   For a given inter-AS tunnel, each of its intra-AS segments could be
   constructed by its own independent mechanism.  Moreover, by using
   upstream-assigned labels within a given AS multiple intra-AS segments
   of different inter-AS tunnels of either the same or different MVPNs
   may share the same P-multicast tree.

   If the P-multicast tree that serves as a particular intra-AS segment
   of an inter-AS tunnel is created by a multicast control protocol that
   uses receiver-initiated joins (e.g., mLDP, any PIM variant), and this
   P-multicast tree does not aggregate multiple segments, then all the
   information needed to create that segment is present in the PMSI
   Tunnel attribute of the Inter-AS I-PMSI A-D routes.  However, if the
   P-multicast tree that serves as the segment is created by a protocol
   that does not use receiver-initiated joins (e.g., RSVP-TE, ingress
   unicast replication), or if this P-multicast tree aggregates multiple
   segments (irrespective of the multicast control protocol used to
   create the tree), then it is also necessary to use Leaf A-D routes.
   The precise conditions under which Leaf A-D routes need to be used
   are described in subsequent sections.

   Since (aggregated) Inter-AS I-PMSI A-D routes could have granularity
   of <AS, MVPN>, an MVPN that is present in N ASes could have a total
   of N inter-AS tunnels.  Thus, for a given MVPN, the number of inter-
   AS tunnels constituting the I-PMSIs is independent of the number of
   PEs that have this MVPN.

   The precise rules for distributing and processing the Inter-AS I-PMSI
   A-D routes across ASes are given in the following sections.

9.2.3.2.  Inter-AS I-PMSI A-D Route Received via EBGP

   When an ASBR receives, from one of its EBGP neighbors, a BGP Update
   message that carries an Inter-AS I-PMSI A-D route, if (a) at least
   one of the Route Targets carried in the message matches one of the
   import Route Targets configured on the ASBR, and (b) the ASBR
   determines that the received route is the best route for its NLRI,
   the ASBR re-advertises this route to other PEs and ASBRs within its
   own AS (handling of this route by other PEs and ASBRs is described in
   Section 9.2.3.4).

   When re-advertising an Inter-AS I-PMSI A-D route, the ASBR MUST set
   the Next Hop field of the MP_REACH_NLRI attribute to a routable IP
   address of the ASBR.

   If the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
   attribute, then, depending on the technology used to instantiate the
   intra-AS segment of the inter-AS tunnel, the ASBR constructs the PMSI
   Tunnel attribute of the re-advertised Inter-AS I-PMSI A-D route as
   follows.

    + If the ASBR uses ingress replication for the intra-AS segment of
      the inter-AS tunnel, the re-advertised route MUST carry the PMSI
      Tunnel attribute with the Tunnel Type set to Ingress Replication,
      but no MPLS labels.

    + If the ASBR uses a P-multicast tree for the intra-AS segment of
      the inter-AS tunnel, the PMSI Tunnel attribute MUST contain the
      identity of the tree (note that the ASBR could create the identity
      of the tree prior to the actual instantiation of the tree).  If,
      in order to instantiate the tree, the ASBR needs to know the
      leaves of the tree, then the ASBR obtains this information from
      the Leaf A-D routes received from other PEs/ASBRs in the ASBR's
      own AS (as described in Section 9.2.3.5) by setting the Leaf
      Information Required flag in the PMSI Tunnel attribute to 1.

    + An ASBR that uses a P-multicast tree as the intra-AS segment of
      the inter-AS tunnel MAY aggregate two or more MVPNs present on the
      ASBR onto the same tree.  In this case, in addition to the
      identity of the tree, the PMSI Tunnel attribute of the Inter-AS I-
      PMSI A-D route MUST carry an MPLS upstream-assigned label that the
      PE has bound uniquely to the MVPN associated with this route (as
      determined by its RTs).

      If the ASBR has already advertised Inter-AS I-PMSI A-D routes for
      two or more MVPNs that it now desires to aggregate, then the ASBR
      MUST re-advertise those routes.  The re-advertised routes MUST be
      the same as the original ones, except for the PMSI Tunnel
      attribute and the MVPN label.

9.2.3.2.1.  Originating Leaf A-D Route into EBGP

   In addition, the ASBR MUST send to the EBGP neighbor from whom it
   received the Inter-AS I-PMSI A-D route, a BGP Update message that
   carries a Leaf A-D route constructed as follows.

    + The route carries a single MCAST-VPN NLRI with the Route Key field
      set to the MCAST-VPN NLRI of the Inter-AS I-PMSI A-D route
      received from that neighbor and the Originating Router's IP
      address set to the IP address of the ASBR (this MUST be a routable
      IP address).

    + The Leaf A-D route MUST include the PMSI Tunnel attribute with the
      Tunnel Type set to Ingress Replication and the Tunnel Identifier
      set to a routable address of the advertising router.  The PMSI
      Tunnel attribute MUST carry a downstream-assigned MPLS label that
      is used by the advertising router to demultiplex the MVPN traffic
      received over a unicast tunnel from the EBGP neighbor.

    + The ASBR constructs an IP-based Route Target Extended Community by
      placing the IP address carried in the Next Hop of the received
      Inter-AS I-PMSI A-D route in the Global Administrator field of the
      Community, with the Local Administrator field of this Community
      set to 0 and setting the Extended Communities attribute of the
      Leaf A-D route to that Community.  Note that this Route Target is
      the same as the ASBR Import RT of the EBGP neighbor from which the
      ASBR received the Inter-AS I-PMSI A-D route.

    + The Next Hop field of the MP_REACH_NLRI attribute of the route
      MUST be set to the same IP address as the one carried in the
      Originating Router's IP Address field of the route.

    + To constrain the distribution scope of this route, the route MUST
      carry the NO_ADVERTISE BGP Community [RFC1997].

   Handling of this Leaf A-D route by the EBGP neighbor is described in
   Section 9.2.3.3.

   The ASBR MUST set up its forwarding state such that packets that
   arrive on the one-hop ASBR-ASBR LSP, as specified in the PMSI Tunnel
   attribute of the Leaf A-D route, are transmitted on the intra-AS
   segment, as specified in the PMSI Tunnel attribute of the Inter-AS
   I-PMSI A-D route that the ASBR re-advertises in its own AS.  However,
   the packets MAY be filtered before forwarding, as specified in
   Section 9.2.3.6.

9.2.3.3.  Leaf A-D Route Received via EBGP

   When an ASBR receives, via EBGP, a Leaf A-D route originated by its
   neighbor ASBR, if the Route Target carried in the Extended
   Communities attribute of the route matches one of the ASBR Import RT
   (auto-)configured on the ASBR, the ASBR performs the following.

    + The ASBR finds an Inter-AS I-PMSI A-D route whose MCAST-VPN NLRI
      has the same value as the Route Key field of the Leaf A-D route.

    + If the found Inter-AS I-PMSI A-D route was originated by ASBR
      itself, then the ASBR sets up its forwarding state such that
      packets received on the intra-AS tunnels originating in the ASBR's
      own AS are transmitted on the one-hop ASBR-ASBR LSP specified by

      the MPLS label carried in the PMSI Tunnel attribute of the
      received Leaf A-D route.  (However, the packets MAY be filtered
      before transmission as specified in Section 9.2.3.6).  The intra-
      AS tunnels are specified in the PMSI Tunnel attribute of all the
      Intra-AS I-PMSI A-D routes received by the ASBR that the ASBR
      aggregated into the Inter-AS I-PMSI A-D route.  For each of these
      intra-AS tunnels, if a non-zero MPLS label is carried in the PMSI
      Tunnel attribute (i.e., aggregation is used), then only packets
      received on the inner LSP corresponding to that label MUST be
      forwarded, not the packets received on the outer LSP, as the outer
      LSP possibly carries the traffic of other VPNs.

    + If the found Inter-AS I-PMSI A-D route was originated by some
      other ASBR, then the ASBR sets up its forwarding state such that
      packets received on the intra-AS tunnel segment, as specified in
      the PMSI Tunnel attribute of the found Inter-AS I-PMSI A-D route,
      are transmitted on the one-hop ASBR-ASBR LSP, as specified by the
      MPLS label carried in the PMSI Tunnel attribute of the Leaf A-D
      route.

9.2.3.4.  Inter-AS I-PMSI A-D Route Received via IBGP

   In the context of this section, we use the term "PE/ASBR router" to
   denote either a PE or an ASBR router.

   If a given Inter-AS I-PMSI A-D route is received via IBGP by a BGP
   route reflector, the BGP route reflector MUST NOT modify the Next Hop
   field of the MP_REACH_NLRI attribute when re-advertising the route
   into IBGP (this is because the information carried in the Next Hop is
   used for controlling flow of C-multicast routes, as specified in
   Section 11.2).

   If a given Inter-AS I-PMSI A-D route is advertised within an AS by
   multiple ASBRs of that AS, the BGP best route selection performed by
   other PE/ASBR routers within the AS does not require all these
   PE/ASBR routers to select the route advertised by the same ASBR -- to
   the contrary, different PE/ASBR routers may select routes advertised
   by different ASBRs.

   When a PE/ASBR router receives, from one of its IBGP neighbors, a BGP
   Update message that carries an Inter-AS I-PMSI A-D route, if (a) at
   least one of the Route Targets carried in the message matches one of
   the import Route Targets configured on the PE/ASBR, and (b) the
   PE/ASBR determines that the received route is the best route to the
   destination carried in the NLRI of the route, the PE/ASBR performs
   the following operations.

    + If the router is a PE, then the router imports the route into the
      VRF(s) that have the matching import Route Targets.

    + If the router is an ASBR, then the ASBR propagates the route to
      its EBGP neighbors.  When propagating the route to the EBGP
      neighbors, the ASBR MUST set the Next Hop field of the
      MP_REACH_NLRI attribute to a routable IP address of the ASBR.  If
      the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
      attribute, then the propagated route MUST carry the PMSI Tunnel
      attribute with the Tunnel Type set to Ingress Replication; the
      attribute carries no MPLS labels.

    + If the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
      attribute with the Tunnel Type set to mLDP P2MP LSP, PIM-SSM tree,
      PIM-SM tree, or BIDIR-PIM tree, the PE/ASBR SHOULD join as soon as
      possible the P-multicast tree whose identity is carried in the
      Tunnel Identifier.

    + If the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
      attribute with the Tunnel Identifier set to RSVP-TE P2MP LSP, then
      the ASBR that originated the route MUST establish an RSVP-TE P2MP
      LSP with the local PE/ASBR as a leaf.  This LSP MAY have been
      established before the local PE/ASBR receives the route, or it MAY
      be established after the local PE receives the route.

    + If the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
      attribute with the Tunnel Type set to mLDP P2MP LSP, RSVP-TE P2MP
      LSP, PIM-SSM, PIM-SM tree, or BIDIR-PIM tree, but the attribute
      does not carry a label, then the P-multicast tree, as identified
      by the PMSI Tunnel attribute, is an intra-AS LSP segment that is
      part of the inter-AS tunnel for the MVPN advertised by the Inter-
      AS I-PMSI A-D route and rooted at the AS that originated the
      Inter-AS I-PMSI A-D route.  If the PMSI Tunnel attribute carries a
      (upstream-assigned) label, then a combination of this tree and the
      label identifies the intra-AS segment.  If the receiving router is
      an ASBR, this intra-AS segment may further be stitched to the
      ASBR-ASBR inter-AS segment of the inter-AS tunnel.  If the PE/ASBR
      has local receivers in the MVPN, packets received over the intra-
      AS segment must be forwarded to the local receivers using the
      local VRF.

9.2.3.4.1.  Originating Leaf A-D Route into IBGP

   If the Leaf Information Required flag in the PMSI Tunnel attribute of
   the received Inter-AS I-PMSI A-D route is set to 1, then the PE/ASBR
   MUST originate a new Leaf A-D route as follows.

    + The route carries a single MCAST-VPN NLRI with the Route Key field
      set to the MCAST-VPN NLRI of the Inter-AS I-PMSI A-D route
      received from that neighbor and the Originating Router's IP
      address set to the IP address of the PE/ASBR (this MUST be a
      routable IP address).

    + If the received Inter-AS I-PMSI A-D route carries the PMSI Tunnel
      attribute with the Tunnel Type set to Ingress Replication, then
      the Leaf A-D route MUST carry the PMSI Tunnel attribute with the
      Tunnel Type set to Ingress Replication.  The Tunnel Identifier
      MUST carry a routable address of the PE/ASBR.  The PMSI Tunnel
      attribute MUST carry a downstream-assigned MPLS label that is used
      to demultiplex the MVPN traffic received over a unicast tunnel by
      the PE/ASBR.

    + The PE/ASBR constructs an IP-based Route Target Extended Community
      by placing the IP address carried in the Next Hop of the received
      Inter-AS I-PMSI A-D route in the Global Administrator field of the
      Community, with the Local Administrator field of this Community
      set to 0 and setting the Extended Communities attribute of the
      Leaf A-D route to that Community.

    + The Next Hop field of the MP_REACH_NLRI attribute of the route
      MUST be set to the same IP address as the one carried in the
      Originating Router's IP Address field of the route.

    + To constrain the distribution scope of this route, the route MUST
      carry the NO_EXPORT Community [RFC1997].

    + Once the Leaf A-D route is constructed, the PE/ASBR advertises
      this route into IBGP.

9.2.3.5.  Leaf A-D Route Received via IBGP

   When an ASBR receives, via IBGP, a Leaf A-D route, if the Route
   Target carried in the Extended Communities attribute of the route
   matches one of the ASBR Import RT (auto-)configured on the ASBR, the
   ASBR performs the following.

   The ASBR finds an Inter-AS I-PMSI A-D route whose MCAST-VPN NLRI has
   the same value as the Route Key field of the Leaf A-D route.

   The received route may carry either (a) no PMSI Tunnel attribute, or
   (b) the PMSI Tunnel attribute, but only with the Tunnel Type set to
   Ingress Replication.

   If the received route does not carry the PMSI Tunnel attribute, the
   ASBR uses the information from the received route to determine the
   leaves of the P-multicast tree rooted at the ASBR that would be used
   for the intra-AS segment associated with the found Inter-AS I-PMSI
   A-D route.  The IP address of a leaf is the IP address carried in the
   Originating Router's IP address field of the received Leaf A-D route.

   If the received route carries the PMSI Tunnel attribute with the
   Tunnel Type set to Ingress Replication, the ASBR uses the information
   carried by the route to construct the intra-AS segment with ingress
   replication.

9.2.3.6.  Optimizing Bandwidth by IP Filtering on ASBRs

   An ASBR that has a given Inter-AS I-PMSI A-D route MAY discard some
   of the traffic carried in the tunnel specified in the PMSI Tunnel
   attribute of this route, if the ASBR determines that there are no
   downstream receivers for that traffic.

   When BGP is being used to distribute C-multicast routes, an ASBR that
   has a given Inter-AS I-PMSI A-D route MAY discard traffic from a
   particular customer multicast source C-S and destined to a particular
   customer multicast group address C-G that is carried over the tunnel
   specified in the PMSI Tunnel attribute of the route, if none of the
   C-multicast routes on the ASBR with RD and Source AS being the same
   as the RD and Source AS of the Inter-AS I-PMSI A-D route matches the
   (C-S,C-G) tuple.  A C-multicast route is said to match a (C-S,C-G)
   tuple, if it is a Source Tree Join route with Multicast Source set to
   C-S and Multicast Group set to C-G or a Shared Tree Join route with
   Multicast Group set to C-G.

   The above procedures MAY also apply to an ASBR that originates a
   given Inter-AS I-PMSI A-D route.  In this case, the ASBR applies them
   to the traffic carried over the tunnels specified in the PMSI Tunnel
   attribute of the Intra-AS I-PMSI A-D routes that the ASBR aggregates
   into the Inter-AS I-PMSI A-D route and whose tails are stitched to
   the one-hop ASBR-ASBR tunnel specified in the Inter-AS I-PMSI A-D
   route.

10.  Non-Congruent Unicast and Multicast Connectivity

   It is possible to deploy MVPN such that the multicast routing and the
   unicast routing are "non-congruent".  For instance, the CEs may be
   distributing to the PEs a special set of unicast routes that are to
   be used exclusively for the purpose of upstream multicast hop
   selection, and not used for unicast routing at all.  (For example,
   when BGP is the CE-PE unicast routing protocol, the CEs may be using
   SAFI 2 ("Network Layer Reachability Information used for multicast

   forwarding" [IANA-SAFI]), and either IPv4 or IPv6 AFI to distribute a
   special set of routes that are to be used for, and only for, upstream
   multicast hop selection.) In such a situation, we will speak of the
   MVPN as having two VRFs on a given PE: one containing the routes that
   are used for unicast, the other containing the unicast routes that
   are used for UMH selection.  We will call the former the "unicast
   routing VRF" and the latter the "UMH VRF" (upstream-multicast-hop
   VRF).

   In this document, when we speak without qualification of the MVPN's
   VRF, then if the MVPN has both a unicast VRF and a UMH VRF, we are
   speaking of the UMH VRF.  (Of course, if there is no separate UMH
   VRF, then we are speaking of the unicast VRF.)

   If there is a separate UMH VRF, it MAY have its own import and export
   Route Targets, different from the ones used by the unicast VRF.
   These Route Targets MUST be used to control distribution of auto-
   discovery routes.  In addition, the export Route Targets of the UMH
   VRF are added to the Route Targets used by the unicast VRF when
   originating (unicast) VPN-IP routes.  The import Route Targets
   associated with a given UMH VRF are used to determine which of the
   received (unicast) VPN-IP routes should be accepted into the UMH VRF.

   If a PE maintains an UMH VRF for that MVPN, then it is RECOMMENDED
   that the UMH VRF use the same RD as the one used by the unicast VRF
   of that MVPN.

   If an MVPN site is multihomed to several PEs, then to support non-
   congruent unicast and multicast connectivity, on each of these PEs,
   the UMH VRF of the MVPN MUST use its own distinct RD (although on a
   given PE, the RD used by the UMH VRF SHOULD be the same as the one
   used by the unicast VRF).

   If an MVPN has a UMH VRF distinct from its unicast VRF, then one
   option to support non-congruency is to exchange the routes to/from
   that UMH VRF by using the same AFI/SAFI as used by the routes from
   the unicast VRF.

   Another option is to exchange the routes to/from the UMH VRF using
   the IPv4 or IPv6 AFI (as appropriate), but with the SAFI set to SAFI
   129 "Multicast for BGP/MPLS IP Virtual Private Networks (VPNs)"
   [IANA-SAFI].  The NLRI carried by these routes is defined as follows:

      +---------------------------+
      |   Length (1 octet)        |
      +---------------------------+
      |   Prefix (variable)       |
      +---------------------------+

   The use and the meaning of these fields are as follows:

   a) Length:

      The Length field indicates the length, in bits, of the address
      prefix.

   b) Prefix:

      The Prefix field contains a Route Distinguisher as defined in
      [RFC4364] prepended to an IPv4 or IPv6 address prefix, followed by
      enough trailing bits to make the end of the field fall on an octet
      boundary.  Note that the value of trailing bits is irrelevant.

   These routes MUST carry the VRF Route Import Extended Community.  If,
   for a given MVPN, BGP is used for exchanging C-multicast routes, or
   if segmented inter-AS tunnels are used, then these routes MUST also
   carry the Source AS Extended Community.

   The detailed procedures for selecting forwarder PE in the presence of
   such routes are outside the scope of this document.  However, this
   document requires these procedures to preserve the constraints
   imposed by the single forwarder PE selection procedures, as specified
   in [MVPN].

11.  Exchange of C-Multicast Routing Information among PEs

   VPN C-Multicast Routing Information is exchanged among PEs by using
   C-multicast routes that are carried using an MCAST-VPN NLRI.  These
   routes are originated and propagated as follows.

11.1.  Originating C-Multicast Routes by a PE

   Part of the procedures for constructing MCAST-VPN NLRI depends on the
   multicast routing protocol between CE and PE (C-multicast protocol).

11.1.1.  Originating Routes: PIM as the C-Multicast Protocol

   The following specifies the construction of MCAST-VPN NLRI of
   C-multicast routes for the case where the C-multicast protocol is
   PIM.  These C-multicast routes are originated as a result of updates
   in the (C-S,C-G), or (C-*,C-G) state learned by a PE via the
   C-multicast protocol.

   Note that creation and deletion of (C-S,C-G,rpt) states on a PE when
   the C-multicast protocol is PIM do not result in any BGP actions.

11.1.1.1.  Originating Source Tree Join C-Multicast Route

   Whenever (a) a C-PIM instance on a particular PE creates a new
   (C-S,C-G) state, and (b) the selected upstream PE for C-S (see
   [MVPN]) is not the local PE, then the local PE MUST originate a
   C-multicast route of type Source Tree Join.  The Multicast Source
   field in the MCAST-VPN NLRI of the route is set to C-S; the Multicast
   Group field is set of C-G.

   This C-multicast route is said to "correspond" to the C-PIM (C-S,C-G)
   state.

   The semantics of the route are such that the PE has one or more
   receivers for (C-S,C-G) in the sites connected to the PE (the route
   has the (C-S,C-G) Join semantics).

   Whenever a C-PIM instance on a particular PE deletes a (C-S,C-G)
   state, the corresponding C-multicast route MUST be withdrawn.  (The
   withdrawal of the route has the (C-S,C-G) Prune semantics).  The
   MCAST-VPN NLRI of the withdrawn route is carried in the
   MP_UNREACH_NLRI attribute.

11.1.1.2.  Originating Shared Tree Join C-Multicast Route

   Whenever (a) a C-PIM instance on a particular PE creates a new
   (C-*,C-G) state, and (b) the selected upstream PE for the C-RP
   corresponding to the C-G (see [MVPN]) is not the local PE, then the
   local PE MUST originate a C-multicast route of type Shared Tree Join.
   The Multicast Source field in the MCAST-VPN NLRI of the route is set
   to the C-RP address.  The Multicast Group field in the MCAST-VPN NLRI
   is set to the C-G address.

   This C-multicast route is said to "correspond" to the C-PIM (C-*,C-G)
   state.

   The semantics of the route are such that the PE has one or more
   receivers for (C-*,C-G) in the sites connected to the PE (the route
   has the (C-*,C-G) Join semantics).

   Whenever a C-PIM instance on a particular PE deletes a (C-*,C-G)
   state, the corresponding C-multicast route MUST be withdrawn.  (The
   withdrawal of the route has the (C-S,C-G) Prune semantics).  The
   MCAST-VPN NLRI of the withdrawn route is carried in the
   MP_UNREACH_NLRI attribute.

11.1.2.  Originating Routes: mLDP as the C-Multicast Protocol

   The following specifies the construction of the MCAST-VPN NLRI of
   C-multicast routes for the case where the C-multicast protocol is
   mLDP [mLDP].

   Whenever a PE receives, from one of its CEs, a P2MP Label Map
   <X, Y, L> over interface I, where X is the Root Node Address, Y is
   the Opaque Value, and L is an MPLS label, the PE checks whether it
   already has state for <X, Y> in the VRF associated with the CE.  If
   so, then all the PE needs to do in this case is to update its
   forwarding state by adding <I, L> to the forwarding state associated
   with <X, Y>.

   If the PE does not have state for <X, Y> in the VRF associated with
   the CE, then the PE constructs a Source Tree Join C-multicast route
   whose MCAST-VPN NLRI contains X as the Multicast Source field, and Y
   as the Multicast Group field.

   Whenever a PE deletes a previously created <X, Y> state that had
   resulted in originating a C-multicast route, the PE withdraws the
   C-multicast route.  The MCAST-VPN NLRI of the withdrawn route is
   carried in the MP_UNREACH_NLRI attribute.

11.1.3.  Constructing the Rest of the C-Multicast Route

   The rest of the C-multicast route is constructed as follows (the same
   procedures apply to both PIM and mLDP as the C-Multicast protocol).

   The local PE executes the procedures of [MVPN] to find the selected
   Upstream Multicast Hop (UMH) route and the selected upstream PE for
   the address carries in the Multicast Source field of MCAST-VPN NLRI.

   From the selected UMH route, the local PE extracts (a) the ASN of the
   upstream PE (as carried in the Source AS Extended Community of the
   route), and (b) the C-multicast Import RT of the VRF on the upstream
   PE (the value of this C-multicast Import RT is the value of the VRF
   Route Import Extended Community carried by the route).  The Source AS
   field in the C-multicast route is set to that AS.  The Route Target
   Extended Community of the C-multicast route is set to that
   C-multicast Import RT.

   If there is more than one (remote) PE that originates the (unicast)
   route to the address carried in the Multicast Source field of the
   MCAST-VPN NLRI, then the procedures for selecting the UMH route and
   the upstream PE to reach that address are as specified in [MVPN].

   If the local and the upstream PEs are in the same AS, then the RD of
   the advertised MCAST-VPN NLRI is set to the RD of the VPN-IP route
   that contains the address carried in the Multicast Source field.

   The C-multicast route is then advertised into IBGP.

   If the local and the upstream PEs are in different ASes, then the
   local PE finds in its VRF an Inter-AS I-PMSI A-D route whose Source
   AS field carries the ASN of the upstream PE.  The RD of the found
   Inter-AS I-PMSI A-D route is used as the RD of the advertised
   C-multicast route.  The local PE constructs an IP-based Route Target
   Extended Community by placing the Next Hop of the found Inter-AS I-
   PMSI A-D route in the Global Administrator field of this Community,
   with the Local Administrator field of this Community set to 0; it
   then adds this Community to the Extended Communities attribute of the
   C-multicast route.  (Note that this Route Target is the same as the
   ASBR Import RT of the ASBR identified by the Next Hop of the found
   Inter-AS I-PMSI A-D route.)

   Inter-AS I-PMSI A-D routes are not used to support non-segmented
   inter-AS tunnels.  To support non-segmented inter-AS tunnels, if the
   local and the upstream PEs are in different ASes, the local system
   finds in its VRF an Intra-AS I-PMSI A-D route from the upstream PE
   (the Originating Router's IP Address field of that route has the same
   value as the one carried in the VRF Route Import of the (unicast)
   route to the address carried in the Multicast Source field).  The RD
   of the found Intra-AS I-PMSI A-D route is used as the RD of the
   advertised C-multicast route.  The Source AS field in the C-multicast
   route is set to value of the Originating Router's IP Address field of
   the found Intra-AS I-PMSI A-D route.

   The Next Hop field of the MP_REACH_NLRI attribute MUST be set to a
   routable IP address of the local PE.

   If the Next Hop of the found (Inter-AS or Intra-AS) I-PMSI A-D route
   is an EBGP neighbor of the local PE, then the PE advertises the C-
   multicast route to that neighbor.  If the Next Hop of the found
   (Inter-AS or Intra-AS) I-PMSI A-D route is within the same AS as the
   local PE, then the PE advertises the C-multicast route into IBGP.

11.1.4.  Unicast Route Changes

   The particular UMH route that is selected by a given PE for a given
   C-S may be influenced by the network's unicast routing.  In that
   case, a change in the unicast routing may invalidate prior choices of
   the UMH route for some C-S.  If this happens, the local PE MUST
   execute the UMH route selection procedures for C-S again.  If the

   result is that a different UMH route is selected, then for all C-G,
   any previously originated C-multicast routes for (C-S,C-G) MUST be
   re-originated.

   Similarly, if a unicast routing change results in a change of the UMH
   route for a C-RP, then for all C-G such that C-RP is the RP
   associated with C-G, any previously originated C-multicast routes for
   (C-*,C-G) MUST be re-originated.

11.2.  Propagating C-Multicast Routes by an ASBR

   When an ASBR receives a BGP Update message that carries a C-multicast
   route, if at least one of the Route Targets of the route matches one
   of the ASBR Import RTs (auto-)configured on the ASBR, the ASBR finds
   an Inter-AS I-PMSI A-D route whose RD and Source AS matches the RD
   and Source AS carried in the C-multicast route.  If no matching route
   is found, the ASBR takes no further action.  If a matching route is
   found, the ASBR proceeds as follows.

   To support non-segmented inter-AS tunnels, instead of matching the RD
   and Source AS carried in the C-multicast route against the RD and
   Source AS of an Inter-AS I-PMSI A-D route, the ASBR should match it
   against the RD and the Originating Router's IP Address of the Intra-
   AS I-PMSI A-D routes.

   The ASBR first checks if it already has one or more C-multicast
   routes that have the same MCAST-VPN NLRI as the newly received route.
   If such a route(s) already exists, the ASBR keeps the newly received
   route, but SHALL NOT re-advertise the newly received route.
   Otherwise, the ASBR re-advertises the route, as described in this
   section.

   When an ASBR receives a BGP Update message that carries a withdrawal
   of a previously advertised C-multicast route, the ASBR first checks
   if it already has at least one other C-multicast route that has the
   same MCAST-VPN NLRI.  If such a route already exists, the ASBR
   processes the withdrawn route, but SHALL NOT re-advertise the
   withdrawal.  Otherwise, the ASBR re-advertises the withdrawal of the
   previously advertised C-multicast route, as described below.

   If the ASBR is the ASBR that originated the found Inter-AS I-PMSI A-D
   route, then before re-advertising the C-multicast route into IBGP,
   the ASBR removes from the route the Route Target that matches one of
   the ASBR Import RTs (auto-)configured on the ASBR.

   If the ASBR is not the ASBR that originated the found Inter-AS I-PMSI
   A-D route, then before re-advertising the C-multicast route, the ASBR
   modifies the Extended Communities attribute of the C-multicast route

   by replacing the Route Target of the route that matches one of the
   ASBR Import RTs (auto-)configured on the ASBR with a new Route Target
   constructed as follows.  The new Route Target is an IP-based Route
   Target that has the Global Administrator field set to the Next Hop of
   the found Inter-AS I-PMSI A-D route, and Local Administrator field of
   this Community set to 0.  Note that this newly constructed Route
   Target is the same as the ASBR Import RT of the ASBR identified by
   the Next Hop of the found Inter-AS I-PMSI A-D route.  The rest of the
   Extended Communities attribute of the route SHOULD be passed
   unmodified.

   The Next Hop field of the MP_REACH_NLRI attribute SHOULD be set to an
   IP address of the ASBR.

   If the Next Hop field of the MP_REACH_NLRI of the found (Inter-AS or
   Intra-AS) I-PMSI A-D route is an EBGP neighbor of the ASBR, then the
   ASBR re-advertises the C-multicast route to that neighbor.  If the
   Next Hop field of the MP_REACH_NLRI of the found (Inter-AS or Intra-
   AS) I-PMSI A-D route is an IBGP neighbor of the ASBR, the ASBR re-
   advertises the C-multicast route into IBGP.  If it is the ASBR that
   originated the found Inter-AS I-PMSI A-D route in the first place,
   then the ASBR just re-advertises the C-multicast route into IBGP.

11.3.  Receiving C-Multicast Routes by a PE

   When a PE receives a C-multicast route the PE checks if any of the
   Route Target Extended Communities carried in the Extended Communities
   attribute of the route match any of the C-multicast Import RTs
   associated with the VRFs of any MVPN maintained by the PE.  If no
   match is found, the PE SHOULD discard the route.  Otherwise, (if a
   match is found), the PE checks if the address carried in the
   Multicast Source field of the C-multicast route matches one of the
   (unicast) VPN-IP routes advertised by PE from the VRF.  If no match
   is found the PE SHOULD discard the route.  Otherwise, (if a match is
   found), the PE proceeds as follows, depending on the multicast
   routing protocol between CE and PE (C-multicast protocol).

11.3.1.  Receiving Routes: PIM as the C-Multicast Protocol

   The following describes procedures when PIM is used as the multicast
   routing protocol between CE and PE (C-multicast protocol).

   Since C-multicast routing information is disseminated by BGP, PIM
   messages are never sent from one PE to another.

11.3.1.1.  Receiving Source Tree Join C-Multicast Route

   If the received route has the Route Type set to Source Tree Join,
   then the PE creates a new (C-S,C-G) state in its MVPN-TIB from the
   Multicast Source and Multicast Group fields in the MCAST-VPN NLRI of
   the route, if such a state does not already exist.

   If the local policy on the PE is to bind (C-S,C-G) to an S-PMSI, then
   the PE adds the S-PMSI to the outgoing interface list of the
   (C-S,C-G) state, if it is not already there.  Otherwise, the PE adds
   an I-PMSI to the outgoing interface list of the (C-S,C-G) state, if
   it is not already there.

   When, for a said VRF, the last Source Tree Join C-multicast route for
   (C-S,C-G) is withdrawn, resulting in the situation where the VRF
   contains no Source Tree Join C-multicast route for (C-S,C-G), the PE
   MUST remove the I-PMSI/S-PMSI from the outgoing interface list of the
   (C-S,C-G) state.  Depending on the (C-S,C-G) state of the PE-CE
   interfaces, this may result in the PE using PIM procedures to prune
   itself off the (C-S,C-G) tree.  If C-G is not in the SSM range for
   the VRF, then removing the I-PMSI/S-PMSI from the outgoing interface
   list of the (C-S,C-G) state SHOULD be done after a delay that is
   controlled by a timer.  The value of the timer MUST be configurable.

   The purpose of this timer is to ensure that the PE does not stop
   forwarding (C-S,C-G) onto a PMSI tunnel until all the PEs of the same
   MVPN have had time to receive the withdrawal of the Source Active A-D
   route for (C-S,C-G) (see Section 13.1), and the PE connected to C-RP
   starts forwarding (C-S,C-G) on the C-RPT.

   Note that before the PE stops forwarding (C-S,C-G), there is a
   possibility to have (C-S,C-G) packets being sent at the same time on
   the PMSI by both the local PE and the PE connected to the site that
   contains C-RP.  This would result in a transient unnecessary traffic
   on the provider backbone.  However, no duplicates will reach customer
   hosts subscribed to C-G as long as the downstream PEs apply
   procedures described in Section 9.1 of [MVPN].

11.3.1.2.  Receiving Shared Tree Join C-Multicast Route

   If the received route has the Route Type set to Shared Tree Join,
   then the PE creates a new (C-*,C-G) state in its MVPN-TIB with the RP
   address for that state taken from the Multicast Source, and C-G for
   that state taken from the Multicast Group fields of the MCAST-VPN
   NLRI of the route, if such a state does not already exist.  If there
   is no S-PMSI for (C-*,C-G), then the PE adds I-PMSI to the outgoing

   interface list of the state if it is not already there.  If there is
   an S-PMSI for (C-*,C-G), then the PE adds S-PMSI to the outgoing
   interface list of the state if it is not already there.

   When, for a said VRF, the last Shared Tree Join C-multicast route for
   (C-*,C-G) is withdrawn, resulting in the situation where the VRF
   contains no Shared Tree Join C-multicast route for (C-*,C-G), the PE
   MUST remove the I-PMSI/S-PMSI from the outgoing interface list of the
   (C-*,C-G) state.  Depending on the (C-*,C-G) state of the PE-CE
   interfaces, this may result in the PE using PIM procedures to prune
   itself off the (C-*,C-G) tree.

11.3.2.  Receiving Routes: mLDP as the C-Multicast Protocol

   The following describes procedures when mLDP is used as the multicast
   routing protocol between CE and PE (C-multicast protocol).

   When mLDP is used as a C-multicast protocol, the only valid type of a
   C-multicast route that a PE could receive is a Source Tree Join
   C-multicast route.

   When the PE receives a Source Tree Join C-multicast route, the PE
   applies, in the scope of this VRF, the P2MP mLDP procedures for a
   transit node using the value carried in the Multicast Source field of
   the route as the C-Root Node Identifier, and the value carried in the
   Multicast Group of the route as the C-LDP MP Opaque Value Element.

   If there is no S-PMSI for <C-Root Node Identifier, C-LDP MP Opaque
   Value Element>, then the PE creates and advertises an S-PMSI as
   described in Section 12 using C-Root Node Identifier as the value for
   the Multicast Source field of the S-PMSI A-D route and C-LDP MP
   Opaque Value Element as the value for the Multicast Group field of
   the route.

   To improve scalability when mLDP is used as the C-Multicast protocol
   for a given MVPN, within each AS that has sites of that MVPN
   connected to the PEs of that AS, all the S-PMSIs of that MVPN MAY be
   aggregated into a single P-multicast tree (by using upstream-assigned
   labels).

11.4.  C-Multicast Routes Aggregation

   Note that C-multicast routes are "de facto" aggregated by BGP.  This
   is because the MCAST-VPN NLRIs advertised by multiple PEs, for a
   C-multicast route for a particular C-S and C-G (or a particular C-*
   and C-G) of a given MVPN are identical.

   Hence, a BGP route reflector or ASBR that receives multiple such
   routes with the same NLRI will re-advertise only one of these routes
   to other BGP speakers.

   This implies that C-multicast routes for a given (S,G) of a given
   MVPN originated by PEs that are clients of a given route reflector
   are aggregated by the route reflector.  For instance, if multiple PEs
   that are clients of a route reflector, have receivers for a specific
   SSM channel of a MVPN, they will all advertise an identical NLRI for
   the Source Tree Join C-multicast route.  However, only one
   C-multicast route will be advertised by the route reflector for this
   specific SSM channel of that MVPN, to other PEs and route reflectors
   that are clients of the route reflector.

   This also implies that an ASBR aggregates all the received
   C-multicast routes for a given (S,G) (or a given (*,G)) of a given
   MVPN into a single C-multicast route.

   To further reduce the routing churn due to C-multicast routes
   changes, a route reflector that re-advertises a C-multicast route
   SHOULD set the Next Hop field of the MP_REACH_NLRI attribute of the
   route to an IP address of the route reflector.  Likewise, an ASBR
   that re-advertises a C-multicast route SHOULD set the Next Hop field
   of the MP_REACH_NLRI attribute of the route to an IP address of the
   ASBR.

   Further, a BGP receiver, which receives multiple such routes with the
   same NLRI for the same C-multicast route, will potentially create
   forwarding state based on a single C-multicast route.  Per the
   procedures described in Section 11.3, this forwarding state will be
   the same as the state that would have been created based on another
   route with same NLRI.

12.  Using S-PMSI A-D Routes to Bind C-Trees to P-Tunnels

   This section describes BGP-based procedures for using S-PMSIs A-D
   routes to bind (C-S,C-G) trees to P-tunnels.

12.1.  Originating S-PMSI A-D Routes

   The following describes procedures for originating S-PMSI A-D routes
   by a PE.

   The PE constructs the MCAST-VPN NLRI of an S-PMSI A-D route for a
   given (C-S,C-G) as follows.

    + The RD in this NLRI is set to the RD of the MVPN's VRF associated
      with (C-S,C-G).

    + The Multicast Source field MUST contain the source address
      associated with the C-multicast stream, and the Multicast Source
      Length field is set appropriately to reflect this.

    + The Multicast Group field MUST contain the group address
      associated with the C-multicast stream, and the Multicast Group
      Length field is set appropriately to reflect this.

    + The Originating Router's IP Address field MUST be set to the IP
      address that the (local) PE places in the Global Administrator
      field of the VRF Route Import Extended Community of the VPN-IP
      routes advertised by the PE.  Note that the <RD, Originating
      Router's IP address> tuple uniquely identifies a given multicast
      VRF.

   The PE constructs the rest of the S-PMSI A-D route as follows.

   Depending on the type of P-multicast tree used for the P-tunnel, the
   PMSI Tunnel attribute of the S-PMSI A-D route is constructed as
   follows:

    + The PMSI Tunnel attribute MUST contain the identity of the
      P-multicast tree (note that the PE could create the identity of
      the tree prior to the actual instantiation of the tree).

    + If, in order to establish the P-multicast tree, the PE needs to
      know the leaves of the tree within its own AS, then the PE obtains
      this information from the Leaf A-D routes received from other
      PEs/ASBRs within its own AS (as other PEs/ASBRs originate Leaf A-D
      routes in response to receiving the S-PMSI A-D route) by setting
      the Leaf Information Required flag in the PMSI Tunnel attribute to
      1.

    + If a PE originates S-PMSI A-D routes with the Leaf Information
      Required flag in the PMSI Tunnel attribute set to 1, then the PE
      MUST be (auto-)configured with an import Route Target, which
      controls acceptance of Leaf A-D routes by the PE.  (Procedures for
      originating Leaf A-D routes by the PEs that receive the S-PMSI A-D
      route are described in Section 12.3.)

      This Route Target is IP address specific.  The Global
      Administrator field of this Route Target MUST be set to the IP
      address carried in the Next Hop of all the S-PMSI A-D routes
      advertised by this PE (if the PE uses different Next Hops, then
      the PE MUST be (auto-)configured with multiple import RTs, one per
      each such Next Hop).  The Local Administrator field of this Route
      Target MUST be set to 0.

      If the PE supports Route Target Constraint [RT-CONSTRAIN], the PE
      SHOULD advertise this import Route Target within its own AS using
      Route Target Constraints.  To constrain distribution of the Route
      Target Constraint routes to the AS of the advertising PE, these
      routes SHOULD carry the NO_EXPORT Community [RFC1997].

    + A PE MAY aggregate two or more S-PMSIs originated by the PE onto
      the same P-multicast tree.  If the PE already advertises S-PMSI
      A-D routes for these S-PMSIs, then aggregation requires the PE to
      re-advertise these routes.  The re-advertised routes MUST be the
      same as the original ones, except for the PMSI Tunnel attribute.
      If the PE has not previously advertised S-PMSI A-D routes for
      these S-PMSIs, then the aggregation requires the PE to advertise
      (new) S-PMSI A-D routes for these S-PMSIs.  The PMSI Tunnel
      attribute in the newly advertised/re-advertised routes MUST carry
      the identity of the P-multicast tree that aggregates the S-PMSIs.
      If at least some of the S-PMSIs aggregated onto the same
      P-multicast tree belong to different MVPNs, then all these routes
      MUST carry an MPLS upstream-assigned label [RFC5331].

   If all these aggregated S-PMSIs belong to the same MVPN, and this
   MVPN uses PIM as its C-multicast routing protocol, then the
   corresponding S-PMSI A-D routes MAY carry an MPLS upstream-assigned
   label [RFC5331].  Moreover, in this case, the labels MUST be distinct
   on a per-MVPN basis and MAY be distinct on a per-route basis.

   If all these aggregated S-PMSIs belong to the MVPN(s) that uses mLDP
   as its C-multicast routing protocol, then the corresponding S-PMSI
   A-D routes MUST carry an MPLS upstream-assigned label [RFC5331], and
   these labels MUST be distinct on a per-route (per-mLDP FEC) basis,
   irrespective of whether the aggregated S-PMSIs belong to the same or
   different MVPNs.

   The Next Hop field of the MP_REACH_NLRI attribute of the route MUST
   be set to the same IP address as the one carried in the Originating
   Router's IP Address field.

   The route always carries a set of Route Targets.  The default set of
   Route Targets is determined as follows:

    + If there is a (unicast) VPN-IP route to C-S originated from the
      VRF, but no (unicast) VPN-IP route to C-RP originated from the
      VRF, then the set of Route Targets is formed by a set intersection
      between the set of Route Targets carried in the Intra-AS I-PMSI A-
      D route originated from the VRF and the set of Route Targets
      carried by the (unicast) VPN-IP route to C-S.

    + If there is no (unicast) VPN-IP route to C-S originated from the
      VRF, but there is a (unicast) VPN-IP route to C-RP originated from
      the VRF, then the set of Route Targets is formed by a set
      intersection between the set of Route Targets carried in the
      intra-AS I-PMSI A-D route originated from the VRF and the set of
      Route Targets carried by the (unicast) VPN-IP route to C-RP.

    + If there is a (unicast) VPN-IP route to C-S originated from the
      VRF, and a (unicast) VPN-IP route to C-RP originated from the VRF,
      then the set of Route Targets is formed by a set intersection
      between the set of Route Targets carried in the Intra-AS I-PMSI A-
      D route originated from the VRF and the set union of Route Targets
      carried by the (unicast) VPN-IP route to C-S and the (unicast)
      VPN-IP route to C-RP.

   In each of the above cases, an implementation MUST allow the set of
   Route Targets carried by the route to be specified by configuration.
   In the absence of a configured set of Route Targets, the route MUST
   carry the default set of Route Targets, as specified above.

12.2.  Handling S-PMSI A-D Routes by ASBRs

   Procedures for handling an S-PMSI A-D route by ASBRs (both within and
   outside of the AS of the PE that originates the route) are the same
   as specified in Section 9.2.3, except that instead of Inter-AS I-PMSI
   A-D routes, the procedures apply to S-PMSI A-D routes.

12.2.1.  Merging S-PMSI into an I-PMSI

   Consider the situation where:

    + An ASBR is receiving (or expecting to receive) inter-AS (C-S,C-G)
      data from upstream via an S-PMSI.

    + The ASBR is sending (or expecting to send) the inter-AS (C-S,C-G)
      data downstream via an I-PMSI.

   This situation may occur if the upstream providers have a policy of
   using S-PMSIs but the downstream providers have a policy of using
   I-PMSIs.  To support this situation, an ASBR MAY, under certain
   conditions, merge one or more upstream S-PMSIs into a downstream
   I-PMSI.

   An S-PMSI (corresponding to a particular S-PMSI A-D route) MAY be
   merged by a particular ASBR into an I-PMSI (corresponding to a
   particular Inter-AS I-PMSI A-D route) if and only if the following
   conditions all hold:

    + BGP is used to exchange C-multicast routes.

    + The S-PMSI A-D route and the Inter-AS I-PMSI A-D route originate
      in the same AS.  The Inter-AS I-PMSI A-D route carries the
      originating AS in the Source AS field of the NLRI of the route and
      in the AS_PATH attribute of the route.  The S-PMSI A-D route
      carries the originating AS in the AS_PATH attribute of the route.

    + The S-PMSI A-D route and the Inter-AS I-PMSI A-D route have
      exactly the same set of RTs.

    + For each (C-S,C-G) mentioned in the S-PMSI route, if the ASBR has
      installed a Source Tree Join (C-S,C-G) C-multicast route, then the
      S-PMSI route was originated by the upstream PE of the C-multicast
      route.  The address of the upstream PE is carried in the RT of the
      C-multicast route.  The address of the PE that originated the
      S-PMSI route is carried in the Originating Router's IP Address
      field of the MCAST-VPN NLRI of the route.

    + The ASBR supports the optional capability to discard (C-S,C-G)
      traffic received on an I-PMSI.

   An ASBR performs merging by stitching the tail end of the P-tunnel,
   as specified in the PMSI Tunnel attribute of the S-PMSI A-D route
   received by the ASBR, to the head of the P-tunnel, as specified in
   the PMSI Tunnel attribute of the Inter-AS I-PMSI A-D route re-
   advertised by the ASBR.

   IP processing during merge: If an ASBR merges a (C-S,C-G) S-PMSI A-D
   route into an Inter-AS I-PMSI A-D route, the ASBR MUST discard all
   (C-S,C-G) traffic it receives on the tunnel advertised in the I-PMSI
   A-D route.

   An ASBR that merges an S-PMSI A-D route into an Inter-AS I-PMSI A-D
   route MUST NOT re-advertise the S-PMSI A-D route.

12.3.  Receiving S-PMSI A-D Routes by PEs

   Consider a PE that receives an S-PMSI A-D route.  If one or more of
   the VRFs on the PE have their import Route Targets that contain one
   or more of the Route Targets carried by the received S-PMSI A-D
   route, then for each such VRF (and associated MVPN-TIB) the PE
   performs the following.

   Procedures for receiving an S-PMSI A-D route by a PE (both within and
   outside of the AS of the PE that originates the route) are the same
   as specified in Section 9.2.3.4 except that (a) instead of Inter-AS

   I-PMSI A-D routes, the procedures apply to S-PMSI A-D routes and (b)
   a PE performs procedures specified in that section only if, in
   addition to the criteria there, one of the following is true:

    + the PE originates a Source Tree Join (C-S,C-G) C-multicast route,
      and the upstream PE of that route is the PE that originates the
      S-PMSI A-D route; or

    + the PE does not originate a Source Tree Join (C-S,C-G) C-multicast
      route, but it originates a Shared Tree Join (C-*,C-G) C-multicast
      route.  The best (as determined by the BGP route selection
      procedures) Source Active A-D route for (C-S,C-G) selected by the
      PE is originated by the same PE as the one that originates the
      S-PMSI A-D route; or

    + the PE does not originate a Source Tree Join (C-S,C-G), has not
      received any Source Active A-D routes for (C-S,C-G), but does
      originate a Shared Tree Join (C-*,C-G) route.  The upstream PE for
      that route is the PE that originates the received S-PMSI A-D
      route.

   If the received S-PMSI A-D route has a PMSI Tunnel attribute with the
   Leaf Information Required flag set to 1, then the PE originates a
   Leaf A-D route.  The Route Key of the Leaf A-D route is set to the
   MCAST-VPN NLRI of the S-PMSI A-D route.  The rest of the Leaf A-D
   route is constructed using the same procedures as specified in
   section 9.2.3.4.1, except that instead of originating Leaf A-D routes
   in response to receiving Inter-AS I-PMSI A-D routes, the procedures
   apply to originating Leaf A-D routes in response to receiving S-PMSI
   A-D routes.

   In addition to the procedures specified in Section 9.2.3.4.1, the PE
   MUST set up its forwarding path to receive (C-S,C-G) traffic from the
   tunnel advertised by the S-PMSI A-D route (the PE MUST switch to the
   S-PMSI).

   If a PE that is a leaf node of a particular Selective tunnel
   determines that it no longer needs to receive any of (C-S,C-G)s
   carried over that tunnel, the PE SHOULD prune itself off that tunnel.
   Procedures for pruning are specific to a particular tunneling
   technology.

13.  Switching from Shared a C-Tree to a Source C-Tree

   The procedures defined in this section only apply when the
   C-multicast routing protocol is PIM [RFC4601]; moreover, they only
   apply for the multicast ASM mode and MUST NOT be applied to multicast

   group addresses belonging to the SSM range.  The procedures also MUST
   NOT be applied when the C-multicast routing protocol is BIDIR-PIM
   [RFC5015].

   The procedures of this section are applicable only to MVPNs that use
   both shared (i.e., rooted at a C-RP) and source (i.e., rooted at a
   C-S) inter-site C-trees.

   These procedures are not applicable to MVPNs that do not use shared
   inter-site C-trees and rely solely on source inter-site C-trees.  See
   Section 14 for the procedures applicable to that scenario.

   Whether or not a given MVPN uses both inter-site shared and source
   C-trees must be known a priori (e.g., via provisioning).

   In the scenario where an MVPN customer switches from a C-RP-based
   tree (RPT) to the shortest path tree (SPT), in order to avoid packet
   duplication, choosing of a single consistent upstream PE, as
   described in [MVPN], may not suffice.  To illustrate this, consider a
   set of PEs {PE2, PE4, PE6} that are on the C-RP tree for (C-*,C-G)
   and have chosen a consistent upstream PE, as described in [MVPN], for
   (C-*,C-G) state.  Further, this upstream PE, say PE1, is using a
   Multidirectional Inclusive PMSI (MI-PMSI) for (C-*,C-G).  If a site
   attached to one of these PEs, say PE2, switches to the C-S tree for
   (C-S,C-G), PE2 generates a Source Tree Join C-multicast route towards
   the upstream PE that is on the path to C-S, say PE3.  PE3 also uses
   the MI-PMSI for (C-S,C-G), as PE1 uses for (C-*,C-G).  This results
   in {PE2, PE4, PE6} receiving duplicate traffic for (C-S,C-G) -- both
   on the C-RP tree (from PE1) and C-S tree (from PE3).  If it is
   desirable to suppress receiving duplicate traffic, then it is
   necessary to choose a single forwarder PE for (C-S,C-G).  The
   following describes how this is achieved.

13.1.  Source within a Site - Source Active Advertisement

   When, as a result of receiving a Source Tree Join C-multicast route
   for (C-S,C-G) from some other PE the local PE adds either the S-PMSI
   or the I-PMSI to the outgoing interface list of the (C-S,C-G) state
   (see Section 11.3.1.1), the local PE MUST originate a Source Active
   A-D route if the PE has not originated such route already.  The route
   carries a single MCAST-VPN NLRI constructed as follows:

    + The RD in this NLRI is set to the RD of the VRF of the MVPN on the
      PE.

    + The Multicast Source field MUST be set to C-S.  The Multicast
      Source Length field is set appropriately to reflect this.

    + The Multicast Group field MUST be set to C-G.  The Multicast Group
      Length field is set appropriately to reflect this.

   The Next Hop field of the MP_REACH_NLRI attribute MUST be set to the
   IP address that the PE places in the Global Administrator field of
   the VRF Route Import Extended Community of the VPN-IP routes
   advertised by the PE from the MVPN's VRF.

   The route SHOULD carry the same set of Route Targets as the Intra-AS
   I-PMSI A-D route of the MVPN originated by the PE.

   Using the normal BGP procedures, the Source Active A-D route is
   propagated to all the PEs of the MVPN.

   Note that the advertisement of a Source Active A-D route for a given
   (C-S,C-G) could be combined, if desired, with the advertisement of an
   S-PMSI A-D route for the same (C-S,C-G).  This is accomplished by
   using the same BGP Update message to carry both the NLRI of the
   S-PMSI A-D route and the NLRI of the Source Active A-D route.

   Note that even if the originating PE advertises both the Source
   Active A-D route and the S-PMSI A-D route in the same BGP Update
   message, an implementation cannot assume that all other PEs will
   receive both of these routes in the same Update message.

   When, as a result of receiving a withdrawal of the previously
   advertised Source Tree Join C-multicast route for (C-S,C-G), the PE
   is going to remove the S-PMSI/I-PMSI from the outgoing interface list
   of the (C-S,C-G) state.  The local PE MUST also withdraw the Source
   Active A-D route for (C-S,C-G), if such a route has been advertised.

   Note that if the PE is also acting as a C-RP, but inter-site shared
   trees are being used, the reception of a PIM Register message by the
   PE does not result in the origination of a Source Active A-D route.

13.2.  Receiving Source Active A-D Route

   When a PE receives a new Source Active A-D route from some other PE,
   the PE finds a VRF whose import Route Targets match one or more of
   the Route Targets carried by the route.  If the match is found, then
   the PE updates the VRF with the received route.

   We say that a given (C-S,C-G) Source Active A-D route stored in a
   given VRF on a PE matches a given (C-*,C-G) entry present in the
   MVPN-TIB associated with the VRF if C-G carried by the route is the
   same as C-G of the entry, and the PE originates a Shared Tree Join
   C-multicast route for the same C-G as the C-G of the entry.

   When (as a result of receiving PIM messages from one of its CEs) a PE
   creates in one of its MVPN-TIBs a (new) (C-*,C-G) entry with a non-
   empty outgoing interface list that contains one or more PE-CE
   interfaces, the PE MUST check if it has any matching Source Active
   A-D routes.  If there is one or more such matching route, such that
   the PE does not have (C-S,C-G) state in its MVPN-TIB for (C-S,C-G)
   carried in the route, then the PE selects one of them (using the BGP
   route selection procedures), and sets up its forwarding path to
   receive (C-S,C-G) traffic from the tunnel that the originator of the
   selected Source Active A-D route uses for sending (C-S,C-G).

   When, as a result of receiving a new Source Active A-D route, a PE
   updates its VRF with the route, the PE MUST check if the newly
   received route matches any (C-*,C-G) entries.  If (a) there is a
   matching entry, (b) the PE does not have (C-S,C-G) state in its MVPN-
   TIB for (C-S,C-G) carried in the route, and (c) the received route is
   selected as the best (using the BGP route selection procedures), then
   the PE sets up its forwarding path to receive (C-S,C-G) traffic from
   the tunnel the originator of the selected Source Active A-D route
   uses for sending (C-S,C-G).

   Note that if the PE is also acting as a C-RP, and inter-site shared
   trees are being used, the BGP Source Active A-D routes do not replace
   the Multicast Source Discovery Protocol (MSDP) or PIM-based Anycast
   RP peerings among C-RPs that would be needed to disseminate source
   discovery information among C-RPs.

13.2.1.  Pruning Sources off the Shared Tree

   In addition to the procedures in the previous section, a PE applies
   the following procedure when importing a Source Active A-D route for
   (C-S,C-G) into a VRF.

   The PE finds a (C-*,C-G) entry in the MVPN-TIB whose C-G is the same
   as the C-G carried in the Multicast Group field of the Source Active
   A-D route.

   If the outgoing interface list (oif) for the found (C-*,C-G) entry in
   the MVPN-TIB on the PE contains either I-PMSI or S-PMSI, and the PE
   does not originate the Source Tree Join C-multicast route for
   (C-S,C-G) (where C-S is address carried in the Multicast Source field
   and C-G is the address carried in the Multicast Group field of the
   received Source Active A-D route), then the PE MUST transition the
   (C-S,C-G,rpt) downstream state machine on I-PMSI/S-PMSI to the Prune
   state.  (Conceptually, the C-PIM state machine on the PE will act "as
   if" it had received Prune (C-S,C-G,rpt) on I-PMSI/S-PMSI, without

   actually having received one.)  Depending on the (C-S,C-G,rpt) state
   of the PE-CE interfaces, this may result in the PE using PIM
   procedures to prune the C-S off the (C-*,C-G) tree.

   Transitioning the state machine to the Prune state SHOULD be done
   after a delay that is controlled by a timer.  The value of the timer
   MUST be configurable.  The purpose of this timer is to ensure that
   the C-S is not pruned off the shared tree until all PEs have had time
   to receive the Source Active A-D route for (C-S,C-G).

   Note that before C-S is pruned off the shared tree, there is a
   possibility to have (C-S,C-G) packets sent at the same time on the
   PMSI by distinct PEs.  This would result in a transient unnecessary
   traffic on the provider backbone.  However, no duplicates will reach
   customer hosts subscribed to C-G as long as the downstream PEs apply
   procedures described in Section 9.1 of [MVPN].

   The PE MUST keep the (C-S,C-G,rpt) downstream state machine on
   I-PMSI/S-PMSI in the Prune state for as long as (a) the outgoing
   interface list (oif) for the found (C-*,C-G) entry in the MVPN-TIB on
   the PE contains either I-PMSI or S-PMSI, (b) the PE has at least one
   Source Active A-D route for (C-S,C-G), and (c) the PE does not
   originate the Source Tree Join C-multicast route for (C-S,C-G).  Once
   any of these conditions become no longer valid, the PE MUST
   transition the (C-S,C-G,rpt) downstream state machine on
   I-PMSI/S-PMSI to the NoInfo state.

   Note that changing the state on the downstream state machine on
   I-PMSI/S-PMSI, as described above, does not imply exchanging PIM
   messages over I-PMSI/S-PMSI.

   Also, note that except for the scenario described in the third
   paragraph of this section, in all other scenarios relying solely on
   PIM procedures on the PE is sufficient to ensure the correct behavior
   when pruning sources off the shared tree.

14.  Supporting PIM-SM without Inter-Site Shared C-Trees

   The procedures defined in this section only apply when the
   C-multicast routing protocol is PIM [RFC4601]; moreover, only apply
   for the multicast ASM mode, and MUST NOT be applied to multicast
   group addresses belonging to the SSM range.  The procedures also MUST
   NOT be applied when the C-multicast routing protocol is BIDIR-PIM
   [RFC5015].

   The procedures of this section are applicable only to MVPNs that do
   not use inter-site shared (i.e., rooted at a C-RP) C-trees.

   These procedures are not applicable to MVPNs that use both shared and
   shortest path inter-site C-trees.  See Section 13 for the procedures
   applicable to that scenario.

   Whether or not a given MVPN uses inter-site shared C-trees must be
   known a priori (e.g., via provisioning).

14.1.  Discovering Active Multicast Sources

   A PE can obtain information about active multicast sources within a
   given MVPN in a variety of ways.  One way is for the PE to act as a
   fully functional customer RP (C-RP) for that MVPN.  Another way is to
   use PIM Anycast RP procedures [PIM-ANYCAST-RP] to convey information
   about active multicast sources from one or more of the MVPN C-RPs to
   the PE.  Yet another way is to use MSDP [MSDP] to convey information
   about active multicast sources from the MVPN C-RPs to the PE.

   When a PE using any of the above methods first learns of a new
   (multicast) source within that MVPN, the PE constructs a Source
   Active A-D route and sends this route to all other PEs that have one
   or more sites of that MVPN connected to them.  The route carries a
   single MCAST-VPN NLRI constructed as follows:

    + The RD in this NLRI is set to the RD of the VRF of the MVPN on the
      PE.

    + The Multicast Source field MUST be set to the source IP address of
      the multicast data packet carried in the PIM Register message
      (RP/PIM register case) or of the MSDP Source-Active message (MSDP
      case).  The Multicast Source Length field is set appropriately to
      reflect this.

    + The Multicast Group field MUST be set to the group IP address of
      the multicast data packet carried in the PIM Register message
      (RP/PIM register case) or of the MSDP Source-Active message (MSDP
      case).  The Multicast Group Length field is set appropriately to
      reflect this.

   The Next Hop field of the MP_REACH_NLRI attribute MUST be set to the
   IP address that the PE places in the Global Administrator field of
   the VRF Route Import Extended Community of the VPN-IP routes
   advertised by the PE.

   The route SHOULD carry the same set of Route Targets as the Intra-AS
   I-PMSI A-D route of the MVPN originated by the PE.

   Using the normal BGP procedures, the Source Active A-D route is
   propagated to all the PEs of the MVPN.

   When a PE that previously advertised a Source Active A-D route for a
   given (multicast) source learns that the source is no longer active
   (the PE learns this by using the same mechanism by which the PE
   learned that the source was active), the PE SHOULD withdraw the
   previously advertised Source Active route.

14.2.  Receiver(s) within a Site

   A PE follows the procedures specified in Section 11.1, except that
   the procedures specified in Section 11.1.1.2 are replaced with the
   procedures specified in this section.

   When a PE receives a new Source Active A-D route, the PE finds a VRF
   whose import Route Targets match one or more of the Route Targets
   carried by the route.  If the match is found, then the PE updates the
   VRF with the received route.

   We say that a given (C-S,C-G) Source Active A-D route stored in a
   given VRF matches a given (C-*,C-G) entry present in the MVPN-TIB
   associated with the VRF if C-G carried by the route is the same as
   C-G of the entry.

   When (as a result of receiving PIM messages from one of its CEs) a PE
   creates, in one of its MVPN-TIBs, a (new) (C-*,C-G) entry with a non-
   empty outgoing interface list that contains one or more PE-CE
   interfaces, the PE MUST check if it has any matching Source Active
   A-D routes.  If there is one or more such matching routes, and the
   best path to C-S carried in the matching route(s) is reachable
   through some other PE, then for each such route the PE MUST originate
   a Source Tree Join C-multicast route.  If there is one or more such
   matching routes, and the best path to C-S carried in the matching
   route(s) is reachable through a CE connected to the PE, then for each
   such route the PE MUST originate a PIM Join (C-S,C-G) towards the CE.

   When, as a result of receiving a new Source Active A-D route, a PE
   updates its VRF with the route, the PE MUST check if the newly
   received route matches any (C-*,C-G) entries.  If there is a matching
   entry, and the best path to C-S carried in the (A-D) route is
   reachable through some other PE, the PE MUST originate a Source Tree
   Join C-multicast route for the (C-S,C-G) carried by the route.  If
   there is a matching entry, and the best path to C-S carried in the
   (A-D) route is reachable through a CE connected to the PE, the PE
   MUST originate a PIM Join (C-S,C-G) towards the CE.

   Construction and distribution of the Source Tree Join C-multicast
   route follows the procedures specified in Section 11.1.1.1, except
   that the Multicast Source Length, Multicast Source, Multicast Group

   Length, and Multicast Group fields in the MCAST-VPN NLRI of the
   Source Tree Join C-multicast route are copied from the corresponding
   field in the Source Active A-D route.

   A PE MUST withdraw a Source Tree Join C-multicast route for (C-S,C-G)
   if, as a result of having received PIM messages from one of its CEs,
   the PE creates a Prune (C-S,C-G,rpt) upstream state in one of its
   MVPN-TIBs but has no (C-S,C-G) Joined state in that MVPN-TIB and had
   previously advertised the said route.  (This is even if the VRF
   associated with the MVPN-TIB still has a (C-S,C-G) Source Active A-D
   route.)

   A PE MUST withdraw a Source Tree Join C-multicast route for (C-S,C-G)
   if the Source Active A-D route that triggered the advertisement of
   the C-multicast route is withdrawn.

   When a PE deletes the (C-*,C-G) state (e.g., due to receiving PIM
   Prune (C-*,C-G) from its CEs), the PE MUST withdraw all the Source
   Tree Join C-multicast routes for C-G that have been advertised by the
   PE, except for the routes for which the PE still maintains the
   corresponding (C-S,C-G) state.

   Even though PIM is used as a C-multicast protocol, procedures
   described in Section 11.1.1.2 do not apply here, as only the Source
   Tree Join C-multicast routes are exchanged among PEs.

14.3.  Receiving C-Multicast Routes by a PE

   In this model, the only valid type of a C-multicast route that a PE
   could receive is a Source Tree Join C-multicast route.  Processing of
   such a route follows the procedures specified in Section 11.3.1.1.

15.  Carrier's Carrier

   A way to support the Carrier's Carrier model is provided by using
   mLDP as the CE-PE multicast routing and label distribution protocol,
   as specified in this document.

   To improve scalability, it is RECOMMENDED that for the Carrier's
   Carrier scenario within an AS, all the S-PMSIs of a given MVPN be
   aggregated into a single P-multicast tree (by using upstream-assigned
   labels).

16.  Scalability Considerations

   A PE should use Route Target Constraint [RT-CONSTRAIN] to advertise
   the Route Targets that the PE uses for the VRF Route Imports Extended
   Community (note that doing this requires just a single Route Target

   Constraint advertisement by the PE).  This allows each C-multicast
   route to reach only the relevant PE, rather than all the PEs
   participating the an MVPN.

   To keep the intra-AS membership/binding information within the AS of
   the advertising router the BGP Update message originated by the
   advertising router SHOULD carry the NO_EXPORT Community [RFC1997].

   An Inter-AS I-PMSI A-D route originated by an ASBR aggregates Intra-
   AS I-PMSI A-D routes originated within the ASBR's own AS.  Thus,
   while the Intra-AS I-PMSI A-D routes originated within an AS are at
   the granularity of <PE, MVPN> within that AS, outside of that AS the
   (aggregated) Inter-AS I-PMSI A-D routes are at the granularity of
   <AS, MVPN>.  An Inter-AS I-PMSI A-D route for a given <AS, MVPN>
   indicates the presence of one or more sites of the MVPN connected to
   the PEs of the AS.

   For a given inter-AS tunnel, each of its intra-AS segments could be
   constructed by its own mechanism.  Moreover, by using upstream-
   assigned labels within a given AS, multiple intra-AS segments of
   different inter-AS tunnels of either the same or different MVPNs may
   share the same P-multicast tree.

   Since (aggregated) Inter-AS I-PMSI A-D routes may have a granularity
   of <AS, MVPN>, an MVPN that is present in N ASes would have total of
   N inter-AS tunnels.  Thus, for a given MVPN, the number of inter-AS
   tunnels is independent of the number of PEs that have this MVPN.

   Within each Autonomous System, BGP route reflectors can be
   partitioned among MVPNs present in that Autonomous System so that
   each partition carries routes for only a subset of the MVPNs
   supported by the service provider.  Thus, no single route reflector
   is required to maintain routes for all MVPNs.  Moreover, route
   reflectors used for MVPN do not have to be used for VPN-IP routes
   (although they may be used for VPN-IP routes as well).

   As described in Section 11.4, C-multicast routes for a given (S,G) of
   a given MVPN originated by PEs that are clients of a given route
   reflector are aggregated by the route reflector.  Therefore, even if,
   within a route reflector cluster, there are multiple C-multicast
   routes for a given (S,G) of a given MVPN, outside of the cluster, all
   these routes are aggregated into a single C-multicast route.
   Additional aggregation of C-multicast routes occurs at ASBRs, where
   an ASBR aggregates all the received C-multicast routes for a given
   (S,G) of a given MVPN into a single C-multicast route.  Moreover,
   both route reflectors and ASBRs maintain C-multicast routes only in
   the control plane, but not in the data plane.

16.1.  Dampening C-Multicast Routes

   The rate of C-multicast routing changes advertised by a PE is not
   necessarily directly proportional to the rate of multicast routing
   changes within the MVPN sites connected to the PE, as after the first
   (C-S,C-G) Join originated within a site, all the subsequent Joins for
   same (C-S,C-G) originated within the sites of the same MVPN connected
   to the PE do not cause origination of new C-multicast routes by the
   PE.

   Depending on how multicast VPN is engineered, dynamic addition and
   removal of P2MP RSVP-TE leaves through advertisement/withdrawal of
   Leaf A-D routes will happen.  Dampening techniques can be used to
   limit corresponding processing.

   To lessen the control plane overhead associated with the processing
   of C-multicast routes, this document proposes OPTIONAL route
   dampening procedures similar to what is described in [RFC2439].  The
   following OPTIONAL procedures can be enabled on a PE, ASBR, or BGP
   Route Reflector advertising or receiving C-multicast routes.

16.1.1.  Dampening Withdrawals of C-Multicast Routes

   A PE/ASBR/route reflector can OPTIONALLY delay the advertisement of
   withdrawals of C-multicast routes.  An implementation SHOULD provide
   the ability to control the delay via a configurable timer, possibly
   with some backoff algorithm to adapt the delay to multicast routing
   activity.

   Dampening of withdrawals of C-multicast routes does not impede the
   multicast Join latency observed by MVPN customers, and it also does
   not impede the multicast leave latency observed by a CE, as multicast
   forwarding from the VRF will stop as soon as C-multicast state is
   removed in the VRF.

   The potential drawbacks of dampening of withdrawals of C-multicast
   routes are as follows:

    + Until the withdrawals are actually sent, multicast traffic for the
      C-multicast routes in question will be continued to be transmitted
      to the PE, which will just have to discard it.  Note that the PE
      may receive useless (multicast) traffic anyway, irrespective of
      dampening of withdrawals of C-multicast routes due to the use of
      I-PMSIs.

    + Any state in the upstream PEs that would be removed as a result of
      processing the withdrawals will remain until the withdrawals are
      sent.

   Discussion on whether the potential drawbacks mentioned above are of
   any practical significance is outside the scope of this document.

16.1.2.  Dampening Source/Shared Tree Join C-Multicast Routes

   A PE/ASBR/route reflector can OPTIONALLY delay the advertisement of
   Source/Shared Tree Join C-multicast routes.  An implementation SHOULD
   provide the ability to control the delay via a configurable timer,
   possibly with some backoff algorithm to adapt the delay to multicast
   routing activity.

   Dampening Source/Shared Tree Join C-multicast routes will not impede
   multicast Join latency observed by a given MVPN, except if the PE
   advertising the Source/Shared Tree Join C-multicast route for a
   particular C-S/C-RP is the first to do so for all the sites of the
   MVPN that share the same upstream PE with respect to the C-S/C-RP.

16.2.  Dampening Withdrawals of Leaf A-D Routes

   Similar to the procedures proposed above for withdrawal of
   C-multicast routes, dampening can be applied to the withdrawal of
   Leaf A-D routes.

17.  Security Considerations

   The mechanisms described in this document could reuse the existing
   BGP security mechanisms [RFC4271] [RFC4272].  The security model and
   threats specific to Provider Provisioned VPNs, including L3VPNs, are
   discussed in [RFC4111].  [MVPN] discusses additional threats specific
   to the use of multicast in L3VPNs.  There is currently work in
   progress to improve the security of TCP authentication.  When the
   document is finalized as an RFC, the method defined in [RFC5925]
   SHOULD be used where authentication of BGP control packets is needed.

   A PE router MUST NOT accept, from CEs routes, with MCAST-VPN SAFI.

   If BGP is used as a CE-PE routing protocol, then when a PE receives a
   route from a CE, if this route carries the VRF Route Import Extended
   Community, the PE MUST remove this Community from the route before
   turning it into a VPN-IP route.  Routes that a PE advertises to a CE
   MUST NOT carry the VRF Route Import Extended Community.

   It is important to protect the control plane resources within the PE
   to prevent any one VPN from hogging excessive resources.  This is the
   subject of the remainder of the Security Considerations section.

   When C-multicast routing information is exchanged among PEs using
   BGP, an implementation SHOULD provide the ability to rate limit BGP
   messages used for this exchange.  This SHOULD be provided on a per-
   PE, per-MVPN granularity.

   An implementation SHOULD provide capabilities to impose an upper
   bound on the number of S-PMSI A-D routes, as well as on how
   frequently they may be originated.  This SHOULD be provided on a per-
   PE, per-MVPN granularity.

   In conjunction with the procedures specified in Section 14, an
   implementation SHOULD provide capabilities to impose an upper bound
   on the number of Source Active A-D routes, as well as on how
   frequently they may be originated.  This SHOULD be provided on a per-
   PE, per-MVPN granularity.

   In conjunction with the procedures specified in Section 13 limiting
   the amount of (C-S,C-G) state would limit the amount of Source Active
   A-D route, as in the context of this section, Source Active A-D
   routes are created in response to Source Tree Join C-multicast
   routes, and Source Tree Join C-multicast routes are created as a
   result of creation of (C-S,C-G) state on PEs.  However, to provide an
   extra level of robustness in the context of these procedures, an
   implementation MAY provide capabilities to impose an upper bound on
   the number of Source Active A-D routes, as well as on how frequently
   they may be originated.  This MAY be provided on a per-PE, per-MVPN
   granularity.

   Section 16.1.1 describes optional procedures for dampening
   withdrawals of C-multicast routes.  It is RECOMMENDED that an
   implementation support such procedures.

   Section 16.1.1 describes optional procedures for dampening
   withdrawals of Leaf A-D routes.  It is RECOMMENDED that an
   implementation support such procedures.

18.  IANA Considerations

   This document defines a new BGP Extended Community called "Source
   AS".  This Community is of an extended type and is transitive.  The
   Type value for this Community has been allocated from the two-octet
   AS-Specific Extended Community registry as 0x0009 and from the four-
   octet AS-Specific Extended Community registry as 0x0209.

   This document defines a new BGP Extended Community called "VRF Route
   Import" (Type value 0x010b).  This Community is IP address specific,
   of an extended type, and is transitive.

   This document defines a new NLRI, called "MCAST-VPN", to be carried
   in BGP using multiprotocol extensions.  It has been assigned SAFI 5.
   Also, SAFI 129 has been assigned to "Multicast for BGP/MPLS IP
   Virtual Private Networks (VPNs)".

   This document defines a new BGP optional transitive attribute, called
   "PMSI_TUNNEL".  IANA has assigned the codepoint 22 in the "BGP Path
   Attributes" registry to the PMSI_TUNNEL attribute.

   This document defines a new BGP optional transitive attribute, called
   "PE Distinguisher Labels".  IANA has assigned the codepoint 27 in the
   "BGP Path Attributes" registry to the PE Distinguisher Labels
   attribute.

19.  Acknowledgements

   We would like to thank Chaitanya Kodeboniya for helpful discussions.
   We would also like to thank members of the L3VPN IETF Working Group
   for insightful comments and review.

20.  References

20.1.  Normative References

   [IANA-SAFI] IANA, "Subsequent Address Family Identifiers (SAFI)
               Parameters", http://www.iana.org.

   [MVPN]      Rosen, E., Ed. and R. Aggarwal, Ed., "Mulitcast in
               MPLS/BGP IP VPNs", RFC 6513, February 2012.

   [RFC1997]   Chandra, R., Traina, P., and T. Li, "BGP Communities
               Attribute", RFC 1997, August 1996.

   [RFC2119]   Bradner, S., "Key words for use in RFCs to Indicate
               Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4271]   Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
               Border Gateway Protocol 4 (BGP-4)", RFC 4271, January
               2006.

   [RFC4360]   Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
               Communities Attribute", RFC 4360, February 2006.

   [RFC4364]   Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
               Networks (VPNs)", RFC 4364, February 2006.

   [RFC4601]   Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas,
               "Protocol Independent Multicast - Sparse Mode (PIM-SM):
               Protocol Specification (Revised)", RFC 4601, August 2006.

   [RFC4659]   De Clercq, J., Ooms, D., Carugi, M., and F. Le Faucheur,
               "BGP-MPLS IP Virtual Private Network (VPN) Extension for
               IPv6 VPN", RFC 4659, September 2006.

   [RFC4760]   Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
               "Multiprotocol Extensions for BGP-4", RFC 4760, January
               2007.

20.2.  Informative References

   [mLDP]      Wijnands, IJ., Ed., Minei, I., Ed., Kompella, K., and B.
               Thomas, "Label Distribution Protocol Extensions for
               Point-to-Multipoint and Multipoint-to-Multipoint Label
               Switched Paths", RFC 6388, November 2011.

   [MSDP]      Fenner, B., Ed., and D. Meyer, Ed., "Multicast Source
               Discovery Protocol (MSDP)", RFC 3618, October 2003.

   [PIM-ANYCAST-RP]
               Farinacci, D. and Y. Cai, "Anycast-RP Using Protocol
               Independent Multicast (PIM)", RFC 4610, August 2006.

   [RFC5331]   Aggarwal, R., Rekhter, Y., and E. Rosen, "MPLS Upstream
               Label Assignment and Context-Specific Label Space", RFC
               5331, August 2008.

   [RT-CONSTRAIN]
               Marques, P., Bonica, R., Fang, L., Martini, L., Raszuk,
               R., Patel, K., and J. Guichard, "Constrained Route
               Distribution for Border Gateway Protocol/MultiProtocol
               Label Switching (BGP/MPLS) Internet Protocol (IP) Virtual
               Private Networks (VPNs)", RFC 4684, November 2006.

   [RFC2439]   Villamizar, C., Chandra, R., and R. Govindan, "BGP Route
               Flap Damping", RFC 2439, November 1998.

   [RFC4111]   Fang, L., Ed., "Security Framework for Provider-
               Provisioned Virtual Private Networks (PPVPNs)", RFC 4111,
               July 2005.

   [RFC4272]   Murphy, S., "BGP Security Vulnerabilities Analysis", RFC
               4272, January 2006.

   [RFC4607]   Holbrook, H. and B. Cain, "Source-Specific Multicast for
               IP", RFC 4607, August 2006.

   [RFC4875]   Aggarwal, R., Ed., Papadimitriou, D., Ed., and S.
               Yasukawa, Ed., "Extensions to Resource Reservation
               Protocol - Traffic Engineering (RSVP-TE) for Point-to-
               Multipoint TE Label Switched Paths (LSPs)", RFC 4875, May
               2007.

   [RFC5015]   Handley, M., Kouvelas, I., Speakman, T., and L. Vicisano,
               "Bidirectional Protocol Independent Multicast (BIDIR-
               PIM)", RFC 5015, October 2007.

   [RFC5925]   Touch, J., Mankin, A., and R. Bonica, "The TCP
               Authentication Option", RFC 5925, June 2010.

Authors' Addresses

   Rahul Aggarwal
   Juniper Networks
   1194 North Mathilda Ave.
   Sunnyvale, CA 94089
   EMail: raggarwa_1@yahoo.com

   Eric C. Rosen
   Cisco Systems, Inc.
   1414 Massachusetts Avenue
   Boxborough, MA, 01719
   EMail: erosen@cisco.com

   Thomas Morin
   France Telecom - Orange
   2, avenue Pierre-Marzin
   22307 Lannion Cedex
   France
   EMail: thomas.morin@orange.com

   Yakov Rekhter
   Juniper Networks
   1194 North Mathilda Ave.
   Sunnyvale, CA 94089
   EMail: yakov@juniper.net

 

User Contributions:

Comment about this RFC, ask questions, or add new information about this topic: