Tech-invite3GPPspecsGlossariesIETFRFCsGroupsSIPABNFs   Ti+SearchTech-invite World Map Symbol

in Index   Prev   Next
in Index   Prev   Next  Group: MPLS

RFC 7325

MPLS Forwarding Compliance and Performance Requirements

Pages: 59
Part 4 of 4 – Pages 48 to 59
First   Prev   None

Top   ToC   Page 48   prevText
5.  Security Considerations

   This document reviews forwarding behavior specified elsewhere and
   points out compliance and performance requirements.  As such, it
   introduces no new security requirements or concerns.

   Discussion of hardware support and other equipment hardening against
   DoS attack can be found in Section 2.6.1.  Section 3.6 provides a
   list of questions regarding DoS to be asked of suppliers.
   Section 4.6 suggests types of testing that can provide some assurance
   of the effectiveness of a supplier's claims about DoS hardening.

   Knowledge of potential performance shortcomings may serve to help new
   implementations avoid pitfalls.  It is unlikely that such knowledge
   could be the basis of new denial of service, as these pitfalls are
   already widely known in the service provider community and among
   leading equipment suppliers.  In practice, extreme data and packet
   rates are needed to affect existing equipment and to affect networks
   that may be still vulnerable due to failure to implement adequate
   protection.  The extreme data and packet rates make this type of
   denial of service unlikely and make undetectable denial of service of
   this type impossible.

   Each normative reference contains security considerations.  A brief
   summarization of MPLS security considerations applicable to
   forwarding follows:

   1.   MPLS encapsulation does not support an authentication extension.
        This is reflected in the security section of [RFC3032].
        Documents that clarify MPLS header fields such as TTL [RFC3443],
        the explicit null label [RFC4182], renaming EXP to TC [RFC5462],
        ECN for MPLS [RFC5129], and MPLS Ethernet encapsulation
        [RFC5332] make no changes to security considerations in

   2.   Some cited RFCs are related to Diffserv forwarding.  [RFC3270]
        refers to MPLS and Diffserv security.  [RFC2474] mentions theft
        of service and denial of service due to mismarking.  [RFC2474]
        mentions IPsec interaction, but with MPLS, not being carried by
        IP, the type of interaction in [RFC2474] is not relevant.
Top   ToC   Page 49
   3.   [RFC3209] is cited here due only to make-before-break forwarding
        requirements.  This is related to resource sharing and the
        theft-of-service and denial-of-service concerns in [RFC2474]

   4.   [RFC4090] defines FRR, which provides protection but does not
        add security concerns.  RFC 4201 defines link bundling but
        raises no additional security concerns.

   5.   Various OAM control channels are defined in [RFC4385] (PW CW),
        [RFC5085] (VCCV), and [RFC5586] (G-Ach and GAL).  These
        documents describe potential abuse of these OAM control

   6.   [RFC4950] defines ICMP extensions when MPLS TTL expires and the
        payload is IP.  This provides MPLS header information that is of
        no use to an IP attacker, but sending this information can be
        suppressed through configuration.

   7.   GTSM [RFC5082] provides a means to improve protection against
        high traffic volume spoofing as a form of DoS attack.

   8.   BFD [RFC5880] [RFC5884] [RFC5885] provides a form of OAM used in
        MPLS and MPLS-TP.  The security considerations related to the
        OAM control channel are relevant.  The BFD payload supports
        authentication.  The MPLS encapsulation, the MPLS control
        channel, or the PW control channel, which BFD may be carried in,
        do not support authentication.  Where an IP return OAM path is
        used, IPsec is suggested as a means of securing the return path.

   9.   Other forms of OAM are supported by [RFC6374] [RFC6375] (Loss
        and Delay Measurement), [RFC6428] (Continuity Check/Verification
        based on BFD), and [RFC6427] (Fault Management).  The security
        considerations related to the OAM control channel are relevant.
        IP return paths, where used, can be secured with IPsec.

   10.  Linear protection is defined by [RFC6378] and updated by
        [RFC7324].  Security concerns related to MPLS encapsulation and
        OAM control channels apply.  Security concerns reiterate
        [RFC5920] as applied to protection switching.

   11.  The PW Flow Label [RFC6391] and MPLS Entropy Label [RFC6790]
        affect multipath load balancing.  Security concerns reiterate
        [RFC5920].  Security impacts would be limited to load
Top   ToC   Page 50
   MPLS security including data-plane security is discussed in greater
   detail in [RFC5920] (MPLS/GMPLS Security Framework).  The MPLS-TP
   security framework [RFC6941] builds upon this, focusing largely on
   the MPLS-TP OAM additions and OAM channels with some attention given
   to using network management in place of control-plane setup.  In both
   security framework documents, MPLS is assumed to run within a
   "trusted zone", defined as being where a single service provider has
   total operational control over that part of the network.

   If control-plane security and management-plane security are
   sufficiently robust, compromise of a single network element may
   result in chaos in the data plane anywhere in the network through
   denial-of-service attacks, but not a Byzantine security failure in
   which other network elements are fully compromised.

   MPLS security, or lack thereof, can affect whether traffic can be
   misrouted and lost, or intercepted, or intercepted and reinserted (a
   man-in-the-middle attack), or spoofed.  End-user applications,
   including control-plane and management-plane protocols used by the
   service provider, are expected to make use of appropriate end-to-end
   authentication and, where appropriate, end-to-end encryption.

6.  Organization of References Section

   The References section is split into Normative and Informative
   subsections.  References that directly specify forwarding
   encapsulations or behaviors are listed as normative.  References that
   describe signaling only, though normative with respect to signaling,
   are listed as informative.  They are informative with respect to MPLS

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3032]  Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
              Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
              Encoding", RFC 3032, January 2001.

   [RFC3209]  Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
              and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
              Tunnels", RFC 3209, December 2001.
Top   ToC   Page 51
   [RFC3270]  Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen,
              P., Krishnan, R., Cheval, P., and J. Heinanen, "Multi-
              Protocol Label Switching (MPLS) Support of Differentiated
              Services", RFC 3270, May 2002.

   [RFC3443]  Agarwal, P. and B. Akyol, "Time To Live (TTL) Processing
              in Multi-Protocol Label Switching (MPLS) Networks", RFC
              3443, January 2003.

   [RFC4090]  Pan, P., Swallow, G., and A. Atlas, "Fast Reroute
              Extensions to RSVP-TE for LSP Tunnels", RFC 4090, May

   [RFC4182]  Rosen, E., "Removing a Restriction on the use of MPLS
              Explicit NULL", RFC 4182, September 2005.

   [RFC4201]  Kompella, K., Rekhter, Y., and L. Berger, "Link Bundling
              in MPLS Traffic Engineering (TE)", RFC 4201, October 2005.

   [RFC4385]  Bryant, S., Swallow, G., Martini, L., and D. McPherson,
              "Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for
              Use over an MPLS PSN", RFC 4385, February 2006.

   [RFC4950]  Bonica, R., Gan, D., Tappan, D., and C. Pignataro, "ICMP
              Extensions for Multiprotocol Label Switching", RFC 4950,
              August 2007.

   [RFC5082]  Gill, V., Heasley, J., Meyer, D., Savola, P., and C.
              Pignataro, "The Generalized TTL Security Mechanism
              (GTSM)", RFC 5082, October 2007.

   [RFC5085]  Nadeau, T. and C. Pignataro, "Pseudowire Virtual Circuit
              Connectivity Verification (VCCV): A Control Channel for
              Pseudowires", RFC 5085, December 2007.

   [RFC5129]  Davie, B., Briscoe, B., and J. Tay, "Explicit Congestion
              Marking in MPLS", RFC 5129, January 2008.

   [RFC5332]  Eckert, T., Rosen, E., Aggarwal, R., and Y. Rekhter, "MPLS
              Multicast Encapsulations", RFC 5332, August 2008.

   [RFC5586]  Bocci, M., Vigoureux, M., and S. Bryant, "MPLS Generic
              Associated Channel", RFC 5586, June 2009.

   [RFC5880]  Katz, D. and D. Ward, "Bidirectional Forwarding Detection
              (BFD)", RFC 5880, June 2010.
Top   ToC   Page 52
   [RFC5884]  Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow,
              "Bidirectional Forwarding Detection (BFD) for MPLS Label
              Switched Paths (LSPs)", RFC 5884, June 2010.

   [RFC5885]  Nadeau, T. and C. Pignataro, "Bidirectional Forwarding
              Detection (BFD) for the Pseudowire Virtual Circuit
              Connectivity Verification (VCCV)", RFC 5885, June 2010.

   [RFC6374]  Frost, D. and S. Bryant, "Packet Loss and Delay
              Measurement for MPLS Networks", RFC 6374, September 2011.

   [RFC6375]  Frost, D. and S. Bryant, "A Packet Loss and Delay
              Measurement Profile for MPLS-Based Transport Networks",
              RFC 6375, September 2011.

   [RFC6378]  Weingarten, Y., Bryant, S., Osborne, E., Sprecher, N., and
              A. Fulignoli, "MPLS Transport Profile (MPLS-TP) Linear
              Protection", RFC 6378, October 2011.

   [RFC6391]  Bryant, S., Filsfils, C., Drafz, U., Kompella, V., Regan,
              J., and S. Amante, "Flow-Aware Transport of Pseudowires
              over an MPLS Packet Switched Network", RFC 6391, November

   [RFC6427]  Swallow, G., Fulignoli, A., Vigoureux, M., Boutros, S.,
              and D. Ward, "MPLS Fault Management Operations,
              Administration, and Maintenance (OAM)", RFC 6427, November

   [RFC6428]  Allan, D., Swallow Ed. , G., and J. Drake Ed. , "Proactive
              Connectivity Verification, Continuity Check, and Remote
              Defect Indication for the MPLS Transport Profile", RFC
              6428, November 2011.

   [RFC6790]  Kompella, K., Drake, J., Amante, S., Henderickx, W., and
              L. Yong, "The Use of Entropy Labels in MPLS Forwarding",
              RFC 6790, November 2012.

   [RFC7324]  Osborne, E., "Updates to MPLS Transport Profile Linear
              Protection", RFC 7324, July 2014.
Top   ToC   Page 53
7.2.  Informative References

              Zhang, L., Shenker, S., and D. Clark, "Observations and
              Dynamics of a Congestion Control Algorithm: The Effects of
              Two-Way Traffic", Proc. ACM SIGCOMM, ACM Computer
              Communications Review (CCR) Vol. 21, No. 4, pp. 133-147.,

              Xu, X., Sheth, N., Yong, L., Pignataro, C., and F.
              Yongbing, "Encapsulating MPLS in UDP", Work in Progress,
              January 2014.

   [MRT]      Atlas, A., Kebler, R., Bowers, C., Envedi, G., Csaszar,
              A., Tantsura, J., Konstantynowicz, M., and R. White, "An
              Architecture for IP/LDP Fast-Reroute Using Maximally
              Redundant Trees", Work in Progress, July 2014.

              Bryant, S., Filsfils, C., Previdi, S., Shand, M., and S.
              Ning, "Remote LFA FRR", Work in Progress, May 2014.

   [RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September

   [RFC2474]  Nichols, K., Blake, S., Baker, F., and D. Black,
              "Definition of the Differentiated Services Field (DS
              Field) in the IPv4 and IPv6 Headers", RFC 2474, December

   [RFC2475]  Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
              and W. Weiss, "An Architecture for Differentiated
              Services", RFC 2475, December 1998.

   [RFC2597]  Heinanen, J., Baker, F., Weiss, W., and J. Wroclawski,
              "Assured Forwarding PHB Group", RFC 2597, June 1999.

   [RFC3031]  Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol
              Label Switching Architecture", RFC 3031, January 2001.

   [RFC3168]  Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
              of Explicit Congestion Notification (ECN) to IP", RFC
              3168, September 2001.
Top   ToC   Page 54
   [RFC3429]  Ohta, H., "Assignment of the 'OAM Alert Label' for
              Multiprotocol Label Switching Architecture (MPLS)
              Operation and Maintenance (OAM) Functions", RFC 3429,
              November 2002.

   [RFC3471]  Berger, L., "Generalized Multi-Protocol Label Switching
              (GMPLS) Signaling Functional Description", RFC 3471,
              January 2003.

   [RFC3550]  Schulzrinne, H., Casner, S., Frederick, R., and V.
              Jacobson, "RTP: A Transport Protocol for Real-Time
              Applications", STD 64, RFC 3550, July 2003.

   [RFC3828]  Larzon, L-A., Degermark, M., Pink, S., Jonsson, L-E., and
              G. Fairhurst, "The Lightweight User Datagram Protocol
              (UDP-Lite)", RFC 3828, July 2004.

   [RFC3985]  Bryant, S. and P. Pate, "Pseudo Wire Emulation Edge-to-
              Edge (PWE3) Architecture", RFC 3985, March 2005.

   [RFC4023]  Worster, T., Rekhter, Y., and E. Rosen, "Encapsulating
              MPLS in IP or Generic Routing Encapsulation (GRE)", RFC
              4023, March 2005.

   [RFC4110]  Callon, R. and M. Suzuki, "A Framework for Layer 3
              Provider-Provisioned Virtual Private Networks (PPVPNs)",
              RFC 4110, July 2005.

   [RFC4124]  Le Faucheur, F., "Protocol Extensions for Support of
              Diffserv-aware MPLS Traffic Engineering", RFC 4124, June

   [RFC4206]  Kompella, K. and Y. Rekhter, "Label Switched Paths (LSP)
              Hierarchy with Generalized Multi-Protocol Label Switching
              (GMPLS) Traffic Engineering (TE)", RFC 4206, October 2005.

   [RFC4221]  Nadeau, T., Srinivasan, C., and A. Farrel, "Multiprotocol
              Label Switching (MPLS) Management Overview", RFC 4221,
              November 2005.

   [RFC4340]  Kohler, E., Handley, M., and S. Floyd, "Datagram
              Congestion Control Protocol (DCCP)", RFC 4340, March 2006.

   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, February 2006.
Top   ToC   Page 55
   [RFC4377]  Nadeau, T., Morrow, M., Swallow, G., Allan, D., and S.
              Matsushima, "Operations and Management (OAM) Requirements
              for Multi-Protocol Label Switched (MPLS) Networks", RFC
              4377, February 2006.

   [RFC4379]  Kompella, K. and G. Swallow, "Detecting Multi-Protocol
              Label Switched (MPLS) Data Plane Failures", RFC 4379,
              February 2006.

   [RFC4664]  Andersson, L. and E. Rosen, "Framework for Layer 2 Virtual
              Private Networks (L2VPNs)", RFC 4664, September 2006.

   [RFC4817]  Townsley, M., Pignataro, C., Wainner, S., Seely, T., and
              J. Young, "Encapsulation of MPLS over Layer 2 Tunneling
              Protocol Version 3", RFC 4817, March 2007.

   [RFC4875]  Aggarwal, R., Papadimitriou, D., and S. Yasukawa,
              "Extensions to Resource Reservation Protocol - Traffic
              Engineering (RSVP-TE) for Point-to-Multipoint TE Label
              Switched Paths (LSPs)", RFC 4875, May 2007.

   [RFC4928]  Swallow, G., Bryant, S., and L. Andersson, "Avoiding Equal
              Cost Multipath Treatment in MPLS Networks", BCP 128, RFC
              4928, June 2007.

   [RFC4960]  Stewart, R., "Stream Control Transmission Protocol", RFC
              4960, September 2007.

   [RFC5036]  Andersson, L., Minei, I., and B. Thomas, "LDP
              Specification", RFC 5036, October 2007.

   [RFC5286]  Atlas, A. and A. Zinin, "Basic Specification for IP Fast
              Reroute: Loop-Free Alternates", RFC 5286, September 2008.

   [RFC5317]  Bryant, S. and L. Andersson, "Joint Working Team (JWT)
              Report on MPLS Architectural Considerations for a
              Transport Profile", RFC 5317, February 2009.

   [RFC5462]  Andersson, L. and R. Asati, "Multiprotocol Label Switching
              (MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic
              Class" Field", RFC 5462, February 2009.

   [RFC5470]  Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek,
              "Architecture for IP Flow Information Export", RFC 5470,
              March 2009.

   [RFC5640]  Filsfils, C., Mohapatra, P., and C. Pignataro, "Load-
              Balancing for Mesh Softwires", RFC 5640, August 2009.
Top   ToC   Page 56
   [RFC5695]  Akhter, A., Asati, R., and C. Pignataro, "MPLS Forwarding
              Benchmarking Methodology for IP Flows", RFC 5695, November

   [RFC5704]  Bryant, S., Morrow, M., and IAB, "Uncoordinated Protocol
              Development Considered Harmful", RFC 5704, November 2009.

   [RFC5714]  Shand, M. and S. Bryant, "IP Fast Reroute Framework", RFC
              5714, January 2010.

   [RFC5715]  Shand, M. and S. Bryant, "A Framework for Loop-Free
              Convergence", RFC 5715, January 2010.

   [RFC5860]  Vigoureux, M., Ward, D., and M. Betts, "Requirements for
              Operations, Administration, and Maintenance (OAM) in MPLS
              Transport Networks", RFC 5860, May 2010.

   [RFC5905]  Mills, D., Martin, J., Burbank, J., and W. Kasch, "Network
              Time Protocol Version 4: Protocol and Algorithms
              Specification", RFC 5905, June 2010.

   [RFC5920]  Fang, L., "Security Framework for MPLS and GMPLS
              Networks", RFC 5920, July 2010.

   [RFC6291]  Andersson, L., van Helvoort, H., Bonica, R., Romascanu,
              D., and S. Mansfield, "Guidelines for the Use of the "OAM"
              Acronym in the IETF", BCP 161, RFC 6291, June 2011.

   [RFC6310]  Aissaoui, M., Busschbach, P., Martini, L., Morrow, M.,
              Nadeau, T., and Y(J). Stein, "Pseudowire (PW) Operations,
              Administration, and Maintenance (OAM) Message Mapping",
              RFC 6310, July 2011.

   [RFC6371]  Busi, I. and D. Allan, "Operations, Administration, and
              Maintenance Framework for MPLS-Based Transport Networks",
              RFC 6371, September 2011.

   [RFC6388]  Wijnands, IJ., Minei, I., Kompella, K., and B. Thomas,
              "Label Distribution Protocol Extensions for Point-to-
              Multipoint and Multipoint-to-Multipoint Label Switched
              Paths", RFC 6388, November 2011.

   [RFC6424]  Bahadur, N., Kompella, K., and G. Swallow, "Mechanism for
              Performing Label Switched Path Ping (LSP Ping) over MPLS
              Tunnels", RFC 6424, November 2011.
Top   ToC   Page 57
   [RFC6425]  Saxena, S., Swallow, G., Ali, Z., Farrel, A., Yasukawa,
              S., and T. Nadeau, "Detecting Data-Plane Failures in
              Point-to-Multipoint MPLS - Extensions to LSP Ping", RFC
              6425, November 2011.

   [RFC6426]  Gray, E., Bahadur, N., Boutros, S., and R. Aggarwal, "MPLS
              On-Demand Connectivity Verification and Route Tracing",
              RFC 6426, November 2011.

   [RFC6435]  Boutros, S., Sivabalan, S., Aggarwal, R., Vigoureux, M.,
              and X. Dai, "MPLS Transport Profile Lock Instruct and
              Loopback Functions", RFC 6435, November 2011.

   [RFC6438]  Carpenter, B. and S. Amante, "Using the IPv6 Flow Label
              for Equal Cost Multipath Routing and Link Aggregation in
              Tunnels", RFC 6438, November 2011.

   [RFC6478]  Martini, L., Swallow, G., Heron, G., and M. Bocci,
              "Pseudowire Status for Static Pseudowires", RFC 6478, May

   [RFC6639]  King, D. and M. Venkatesan, "Multiprotocol Label Switching
              Transport Profile (MPLS-TP) MIB-Based Management
              Overview", RFC 6639, June 2012.

   [RFC6669]  Sprecher, N. and L. Fang, "An Overview of the Operations,
              Administration, and Maintenance (OAM) Toolset for MPLS-
              Based Transport Networks", RFC 6669, July 2012.

   [RFC6670]  Sprecher, N. and KY. Hong, "The Reasons for Selecting a
              Single Solution for MPLS Transport Profile (MPLS-TP)
              Operations, Administration, and Maintenance (OAM)", RFC
              6670, July 2012.

   [RFC6720]  Pignataro, C. and R. Asati, "The Generalized TTL Security
              Mechanism (GTSM) for the Label Distribution Protocol
              (LDP)", RFC 6720, August 2012.

   [RFC6829]  Chen, M., Pan, P., Pignataro, C., and R. Asati, "Label
              Switched Path (LSP) Ping for Pseudowire Forwarding
              Equivalence Classes (FECs) Advertised over IPv6", RFC
              6829, January 2013.

   [RFC6894]  Papneja, R., Vapiwala, S., Karthik, J., Poretsky, S., Rao,
              S., and JL. Le Roux, "Methodology for Benchmarking MPLS
              Traffic Engineered (MPLS-TE) Fast Reroute Protection", RFC
              6894, March 2013.
Top   ToC   Page 58
   [RFC6941]  Fang, L., Niven-Jenkins, B., Mansfield, S., and R.
              Graveman, "MPLS Transport Profile (MPLS-TP) Security
              Framework", RFC 6941, April 2013.

   [RFC6981]  Bryant, S., Previdi, S., and M. Shand, "A Framework for IP
              and MPLS Fast Reroute Using Not-Via Addresses", RFC 6981,
              August 2013.

   [RFC7012]  Claise, B. and B. Trammell, "Information Model for IP Flow
              Information Export (IPFIX)", RFC 7012, September 2013.

   [RFC7023]  Mohan, D., Bitar, N., Sajassi, A., DeLord, S., Niger, P.,
              and R. Qiu, "MPLS and Ethernet Operations, Administration,
              and Maintenance (OAM) Interworking", RFC 7023, October

   [RFC7074]  Berger, L. and J. Meuric, "Revised Definition of the GMPLS
              Switching Capability and Type Fields", RFC 7074, November

   [RFC7079]  Del Regno, N. and A. Malis, "The Pseudowire (PW) and
              Virtual Circuit Connectivity Verification (VCCV)
              Implementation Survey Results", RFC 7079, November 2013.

   [RFC7274]  Kompella, K., Andersson, L., and A. Farrel, "Allocating
              and Retiring Special-Purpose MPLS Labels", RFC 7274, June

              Davari, S., Oren, A., Bhatia, M., Roberts, P., and L.
              Montini, "Transporting Timing messages over MPLS
              Networks", Work in Progress, April 2014.
Top   ToC   Page 59
Appendix A.  Acknowledgements

   Numerous very useful comments have been received in private email.
   Some of these contributions are acknowledged here, approximately in
   chronologic order.

   Paul Doolan provided a brief review resulting in a number of
   clarifications, most notably regarding on-chip vs. system buffering,
   100 Gb/s link speed assumptions in the 150 Mpps figure, and handling
   of large microflows.  Pablo Frank reminded us of the sawtooth effect
   in PPS vs. packet-size graphs, prompting the addition of a few
   paragraphs on this.  Comments from Lou Berger at IETF 85 prompted the
   addition of Section 2.7.

   Valuable comments were received on the BMWG mailing list.  Jay
   Karthik pointed out testing methodology hints that after discussion
   were deemed out of scope and were removed but may benefit later work
   in BMWG.

   Nabil Bitar pointed out the need to cover QoS (Differentiated
   Services), MPLS multicast (P2MP and MP2MP), and MPLS-TP OAM.  Nabil
   also provided a number of clarifications to the questions and tests
   in Sections 3 and 4.

   Mark Szczesniak provided a thorough review and a number of useful
   comments and suggestions that improved the document.

   Gregory Mirsky and Thomas Beckhaus provided useful comments during
   the review by the MPLS Review Team.

   Tal Mizrahi provided comments that prompted clarifications regarding
   timestamp processing, local delivery of packets, and the need for
   hardware assistance in processing OAM traffic.

   Alexander (Sasha) Vainshtein pointed out errors in Section
   and suggested new text that, after lengthy discussion, resulted in
   restating the summarization of requirements from PWE3 RFCs and more
   clearly stating the benefits and drawbacks of packet resequencing
   based on PW Sequence Number.

   Loa Anderson provided useful comments and corrections prior to WGLC.
   Adrian Farrel provided useful comments and corrections prior as part
   of the AD review.

   Discussion with Steve Kent during SecDir review resulted in expansion
   of Section 5, briefly summarizing security considerations related to
   forwarding in normative references.  Tom Petch pointed out some
   editorial errors in private email plus an important math error.  Al
Top   ToC   Page 60
   Morton during OpsDir review prompted clarification in the section
   about the target audience, suggested more clear wording in places,
   and found numerous editorial errors.

   Discussion with Stewart Bryant and Alia Atlas as part of IESG review
   resulted in coverage of IPFIX and improvements to document coverage
   of MPLS FRR, and IP/LDP FRR, plus some corrections to the text

Authors' Addresses

   Curtis Villamizar (editor)
   Outer Cape Cod Network Consulting, LLC


   Kireeti Kompella
   Juniper Networks


   Shane Amante
   Apple Inc.
   1 Infinite Loop
   Cupertino, California  95014


   Andrew Malis
   Huawei Technologies


   Carlos Pignataro
   Cisco Systems
   7200-12 Kit Creek Road
   Research Triangle Park, NC  27709