Internet Draft INTERNET-DRAFT PGM Reliable Transport Protocol Tony Speakman Expires 24 December 1999 Nidhi Bhaskar Richard Edmonstone Dino Farinacci Steven Lin Alex Tweedly Lorenzo Vicisano cisco Systems Jim Gemmell Microsoft 24 June 1999 PGM Reliable Transport Protocol Specification <draft-speakman-pgm-spec-03.txt> Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract Pragmatic General Multicast (PGM) is a reliable multicast transport pro- tocol for applications that require ordered or unordered, duplicate- free, multicast data delivery from multiple sources to multiple receivers. PGM guarantees that a receiver in the group either receives all data packets from transmissions and repairs, or is able to detect unrecoverable data packet loss. PGM is specifically intended as a work- able solution for multicast applications with basic reliability [Page 1] INTERNET-DRAFT PGM Specification 24 June 1999 requirements. Its central design goal is simplicity of operation with due regard for scalability and network efficiency. [Page 2] INTERNET-DRAFT PGM Specification 24 June 1999 Revision History draft-speakman-pgm-spec-00.txt January 1998 Original draft. draft-speakman-pgm-spec-01.txt January 1998 Deleted reference to proprietary trademark. draft-speakman-pgm-spec-02.txt August 1998 This revision benefited from general discussions in the forum of the Reliable Multicast IRTF as well as from individual discussion with Dan Leshchiner concerning source addressing and NAK elimina- tion, with Chetan Rai concerning TPDU ordering and local retransmission, and with Jim Gemmell, Luigi Rizzo, and Lorenzo Vicisano concerning FEC. Clarified that RDATA from DLRs and NCFs from network elements must bear the ODATA source's source NLA. Added NAK elimination timer and corresponding procedures to net- work elements. Added procedures and packet formats to incorporate FEC. Changed all the packet type encodings to anticipate versioning and extension. Added work-in-progress items for RDATA delay at the source and minimum NAK back-off at receivers. Added work-in-progress items for SPMRs. draft-speakman-pgm-spec-03.txt June 1999 The polling and implosion control procedures in this document were developed jointly with Jim Gemmell who contributed invaluable review, revision, and critique to this revision. This revision was edited by Nidhi Bhaskar, Richard Edmonstone, Jim Gemmell, and Lorenzo Vicisano all of whom contributed to the simplification and clarification of the text as well as new ideas for PGM operation, polling, and implosion control. The work on SPMRs arose from dis- cussions with Dan Leshchiner. Removed range NAKs for re-working. [Page 3] INTERNET-DRAFT PGM Specification 24 June 1999 Generalized and simplified methods for advancing transmit window. Removed increment sequence number from SPM packets. Removed Appendix B's information for congestion avoidance. Removed "local retransmission" in favour of full DLR functional- ity. Added generic polling capability within a single PGM hop. Added procedures to adjust NAK_BO_IVL dynamically and to address potential NAK implosion problems Added SPMR procedures and packet formats. [Page 4] INTERNET-DRAFT PGM Specification 24 June 1999 Table of Contents Abbreviations ..................................................... 6 1. Introduction and Overview ..................................... 7 2. Architectural Description ..................................... 13 3. Terms and Concepts ............................................ 15 4. Procedures - General .......................................... 25 5. Procedures - Sources .......................................... 25 6. Procedures - Receivers ........................................ 29 7. Procedures - Network Elements ................................. 33 8. Packet Formats ................................................ 38 9. Options ....................................................... 48 10. Security Considerations ....................................... 58 Appendix A - Forward Error Correction ............................. 60 Appendix B - Congestion Avoidance ................................. 71 Appendix C - Flow Control ......................................... 72 Appendix D - SPM Requests ......................................... 80 Appendix E - Poll Mechanism ....................................... 84 Appendix F - Implosion Prevention ................................. 93 Work in Progress .................................................. 99 Acknowledgements .................................................. 100 References ........................................................ 101 [Page 5] INTERNET-DRAFT PGM Specification 24 June 1999 Abbreviations ACK Acknowledgement AFI Address Family Indicator ALF Application Level Framing APDU Application Protocol Data Unit ARQ Automatic Repeat reQuest DLR Designated Local Repairer GSI Globally Unique Source Identifier FEC Forward Error Correction MD5 Message-Digest Algorithm MTU Maximum Transmission Unit NAK Negative Acknowledgement NCF NAK Confirmation NLA Network Layer Address NNAK Null Negative Acknowledgment ODATA Original Data RDATA Repair Data RSN Receive State Notification SPM Source Path Message SPMR SPM Request TG Transmission Group TGSIZE Transmission Group Size TPDU Transport Protocol Data Unit TSI Transport Session Identifier TSN Transmit State Notification [Page 6] INTERNET-DRAFT PGM Specification 24 June 1999 1. Introduction and Overview A variety of reliable protocols have been proposed for multicast data delivery, each with an emphasis on particular types of applications, network characteristics, or definitions of reliability ([1], [2], [3], [4]). In this tradition, Pragmatic General Multicast (PGM) is a reli- able transport protocol for applications that require ordered or unor- dered, duplicate-free, multicast data delivery from multiple sources to multiple receivers. PGM is specifically intended as a workable solution for multicast appli- cations with basic reliability requirements rather than as a comprehen- sive solution for multicast applications with sophisticated ordering, agreement, and robustness requirements. Its central design goal is sim- plicity of operation with due regard for scalability and network effi- ciency. PGM has no notion of group membership. It simply provides reliable mul- ticast data delivery within a transmit window advanced by a source according to a purely local strategy. Reliable delivery is provided within a source's transmit window from the time a receiver joins the group until it departs. PGM guarantees that a receiver in the group either receives all data packets from transmissions and repairs, or is able to detect unrecoverable data packet loss. PGM supports any number of sources within a multicast group, each fully identified by a globally unique Transport Session Identifier (TSI), but since these sources/sessions operate entirely independently of each other, this specification is phrased in terms of a single source and extends without modification to multiple sources. More specifically, PGM is not intended for use with applications that depend either upon acknowledged delivery to a known group of recipients, or upon total ordering amongst multiple sources. Rather, PGM is best suited to those applications in which members may join and leave at any time, and that are either insensitive to unrecov- erable data packet loss or are prepared to resort to application recovery in the event. Through its optional extensions, PGM provides specific mechanisms to support applications as disparate as stock and news updates, data conferencing, and low-delay, real-time video transfer. In the following text, transport-layer originators of PGM data packets are referred to as sources, transport-layer consumers of PGM data pack- ets are referred to as receivers, and network-layer entities in the intervening network are referred to as network elements. Unless other- wise specified, the term "repair" will be used to indicate both the actual retransmission of a copy of a missing packet or the transmission [Page 7] INTERNET-DRAFT PGM Specification 24 June 1999 of an FEC repair packet. 1.1. Summary of Operation PGM runs over a datagram multicast protocol such as IP multicast [5]. In the normal course of data transfer, a source multicasts sequenced data packets (ODATA), and receivers unicast selective negative ack- nowledgements (NAKs) for data packets detected to be missing from the expected sequence. Network elements forward NAKs PGM-hop-by-PGM-hop to the source, and confirm each hop by multicasting a NAK confirmation (NCF) in response on the interface on which the NAK was received. Repairs (RDATA) may be provided either by the source itself or by a Designated Local Repairer (DLR) in response to a NAK. Since NAKs provide the sole mechanism for reliability, PGM is particu- larly sensitive to their loss. To minimize NAK loss, PGM defines a network-layer hop-by-hop procedure for reliable NAK forwarding. Upon detection of a missing data packet, a receiver repeatedly unicasts a NAK to the last-hop PGM network element on the distribution tree from the source. A receiver repeats this NAK until it receives a NAK confir- mation (NCF) multicast to the group from that PGM network element. That network element responds with an NCF to the first occurrence of the NAK and any further retransmissions of that same NAK from any receiver. In turn, the network element repeatedly forwards the NAK to the upstream PGM network element on the reverse of the distribution path from the source of the original data packet until it also receives an NCF from that network element. Finally, the source itself receives and confirms the NAK by multicasting an NCF to the group. While NCFs are multicast to the group, they are not propagated by PGM network elements since they act as hop-by-hop confirmations. To avoid NAK implosion, PGM specifies procedures for subnet-based NAK suppression amongst receivers and NAK elimination within network ele- ments. The usual result of this procedure is the propagation of just one copy of a given selective NAK along the reverse of the distribution path from any network with directly connected receivers to a source. The net effect is that unicast NAKs return from a receiver to a source on the reverse of the path on which ODATA was forwarded, that is, on the reverse of the distribution tree from the source. More specifically, they return through exactly the same sequence of PGM network elements through which ODATA was forwarded, but in reverse. The reasons for han- dling NAKs this way will become clear in the discussion of constraining repairs, but first it's necessary to describe the mechanisms for estab- lishing the requisite source path state in PGM network elements. [Page 8] INTERNET-DRAFT PGM Specification 24 June 1999 To establish source path state in PGM network elements, the basic data transfer operation is augmented by Source Path Messages (SPMs) from a source, periodically interleaved with ODATA. SPMs function primarily to establish source path state for a given TSI in all PGM network elements on the distribution tree from the source. PGM network elements use this information to address returning unicast NAKs directly to the upstream PGM network element toward the source, and thereby insure that NAKs return from a receiver to a source on the reverse of the distribution path for the TSI. SPMs also act to alert receivers that the oldest data in the transmit window is about to be retired from the transmit window and will, thereafter, not be available for repair from the source. SPMs are sent by a source at least at the rate at which the transmit window is advanced, and they serve to provoke further NAKs from receivers as well as to maintain receive window state in the receivers. As a further efficiency, PGM specifies procedures for the constraint of repairs by network elements so that they reach only those group members that missed the original transmission. As NAKs traverse the reverse of the ODATA path (upward), they establish repair state in the network ele- ments which is used in turn to constrain the (downward) forwarding of the corresponding RDATA. Besides procedures for the source to provide repairs, PGM also specifies options and procedures that permit designated local repairers (DLRs) to announce their availability and to redirect repair requests (NAKs) to themselves rather than to the original source. In addition to these conventional procedures for loss recovery through selective ARQ, Appen- dix A specifies Forward Error Correction (FEC) procedures for sources to provide and receivers to request general error correcting parity packets rather than selective retransmissions. Finally, since PGM operates without regular return traffic from receivers, conventional feedback mechanisms for transport flow and congestion control cannot be applied. Appendix B will specify some preliminary strategies for congestion avoidance to be modified and pro- ven or discarded as experience dictates. Appendix C specifies a basic and optional flow control supplement native to PGM itself that intro- duces a degree of receiver feedback, but it is entirely elective and not meant as a replacement for reservation protocols or other out-of-band resource and conference management strategies. In its basic operation, therefore, PGM relies on a purely rate-limited transmission strategy in the source to bound the bandwidth consumed by PGM transport sessions and to define the transmit window maintained by the source. PGM defines four basic packet types: three that flow downstream (SPMs, DATA, NCFs), and one that flows upstream (NAKs). [Page 9] INTERNET-DRAFT PGM Specification 24 June 1999 1.2. Design Goals and Constraints PGM has been designed to serve that broad range of multicast applica- tions that have relatively simple reliability requirements, and to do so in a way that realizes the much advertised but often unrealized network efficiences of multicast data transfer. The usual impediments to real- izing these efficiences are the implosion of negative and positive ack- nowledgements from receivers to senders, repair latency from the source, and the propagation of repairs to disinterested receivers. 1.2.1. Reliability. Reliable data delivery across an unreliable network is conventionally achieved through an end-to-end protocol in which a source (implicitly or explicitly) solicits receipt confirmation from a receiver, and the receiver responds positively or negatively. While the frequency of negative acknowledgements is a function of the reliability of the net- work and the receiver's resources (and so, potentially quite low), the frequency of positive acknowledgements is fixed at at least the rate at which the transmit window is advanced, and usually more often. Negative acknowledgements primarily determine repairs and reliability. Positive acknowledgements primarily determine transmit buffer manage- ment. When these principles are extended without modification to multicast protocols, the result, at least for positive acknowledgements, is a bur- den of positive acknowledgments transmitted to the source that quickly threatens to overwhelm it as the number of receivers grows. More suc- cinctly, ACK implosion keeps ACK-based reliable multicast protocols from scaling well. One of the goals of PGM is to get as strong a definition of reliability as possible from as simple a protocol as possible. ACK implosion can be addressed in a variety of effective but complicated ways, most of which require re-transmit capability from other than the original source. An alternative is to dispense with positive acknowledgements altogether, and to resort to other strategies for buffer management while retaining negative acknowledgements for repairs and reliability. The approach taken in PGM is to retain negative acknowledgements, but to dispense with positive acknowledgements and resort instead to timeouts at the source to manage transmit resources. The definition of reliability with PGM is a direct consequence of this design decision. PGM guarantees that a receiver either receives all data packets from transmissions and repairs, or is able to detect unre- coverable data packet loss. [Page 10] INTERNET-DRAFT PGM Specification 24 June 1999 PGM includes strategies for repeatedly soliciting NAKs from receivers, and for adding reliability to the NAKs themselves. By reinforcing the NAK mechanism, PGM minimizes the probability that a receiver will detect a missing data packet so late that the packet is unavailable for repair either from the source or from a designated local repairer (DLR). Without ACKs and knowledge of group membership, however, PGM cannot eliminate this possibility. 1.2.2. Group Membership A second consequence of eliminating ACKs is that knowledge of group membership is neither required nor provided by the protocol. Although a source may receive some PGM packets (NAKs for instance) from some receivers, the identity of the receivers does not figure in the process- ing of those packets. Group membership may change during the course of a PGM transport session without the knowledge of or consequence to the source or the remaining receivers. 1.2.3. Efficiency While PGM avoids the implosion of positive acknowledgements simply by dispensing with ACKs, the implosion of negative acknowledgements is addressed directly. Receivers observe a random back-off prior to generating a NAK during which interval the NAK is suppressed by the receiver upon receipt of a matching NCF. In addition, PGM network elements eliminate duplicate NAKs received on different interfaces on the same network element. The combination of these two strategies usually results in the source receiving just a single NAK for any given lost data packet. Whether a repair is provided from a DLR or the original source, it is important to constrain that repair to only those network segments con- taining members that negatively acknowledged the original transmission rather than propagating it throughout the group. PGM specifies pro- cedures for network elements to use the pattern of NAKs to define a sub-tree within the group upon which to forward the corresponding repair so that it reaches only those receivers that missed it in the first place. 1.2.4. Simplicity PGM is designed to achieve the greatest improvement in reliability (as compared to the usual UDP) with the least complexity. As a result, PGM does NOT address conference control, global ordering amongst multiple sources in the group, nor recovery from network partitions. [Page 11] INTERNET-DRAFT PGM Specification 24 June 1999 1.2.5. Operability PGM is designed to function, albeit with less efficiency, even when some or all of the network elements in the multicast tree have no knowledge of PGM. To that end, all PGM data packets can be conventionally multi- cast routed by non-PGM network elements with no loss of functionality, but with some inefficiency in the propagation of RDATA and NCFs. In addition, since NAKs are unicast to the last-hop PGM network element and NCFs are multicast to the group, NAK/NCF operation is also con- sistent across non-PGM network elements. Note that for NAK suppression to be most effective, receivers should always have a PGM network element as a first hop network element between themselves and every path to every PGM source. If receivers are several hops removed from the first PGM network element, the efficacy of NAK suppression may degrade. 1.3. Options In addition to the basic data transfer operation described above, PGM specifies several end-to-end options to address specific application requirements. PGM specifies options to support fragmentation, late joining, time-stamping, reception quality reports, sequence number dro- pout, redirection, and Forward Error Correction (FEC). Options may be appended to PGM packet headers only by their original transmitters. While they may be interpreted by network elements, options are neither added nor removed by network elements. All options are receiver-significant (i.e., they must be interpreted by receivers). Some options are also network-significant (i.e., they must be interpreted by network elements). Fragmentation may be used in conjunction with data packets to allow a transport-layer entity at the source to break up application-layer data packets into multiple PGM data packets to conform with the maximum transmission unit (MTU) supported by the network layer. Fragmentation is incompatible with the sequence number dropout option. Late joining allows a source to indicate whether or not receivers may request all available repairs when they initially join a particular transport session. Time stamps may be used in conjunction with NAKs to allow receivers to specify the interval in which the requested RDATA is relevant to them. That interval is interpreted by both network elements and sources to determine whether to continue with or abandon a given repair. Reception quality reports may be used in conjunction with NAKs to allow receivers to provide a reception quality metric for local interpretation [Page 12] INTERNET-DRAFT PGM Specification 24 June 1999 at the source for the purpose of congestion control. Sequence number dropout may be used in conjunction with data packets to allow sources and network elements to selectively eliminate PGM data packets and convey the resulting sequence-number discontinuity to receivers so that reliability can be preserved across the dropout. Sequence number dropout is incompatible with the fragmentation option. Redirection may be used in conjunction with NCFs to allow a DLR to respond to normal NCFs with a redirecting NCF advertising its own address as an alternative to the original source. Recipients of redirecting NCFs may then direct subsequent NAKs to the DLR rather than to the original source. In addition, DLRs that receive redirected NAKs for which they have RDATA must send a NULL NAK to provide flow control to the original source without also provoking a repair from that source. FEC techniques may be applied by receivers to use source-provided parity packets rather than selective retransmissions to effect loss recovery. 2. Architectural Description As an end-to-end transport protocol, PGM specifies packet formats and procedures for sources to transmit and for receivers to receive data. To enhance the efficiency of this data transfer, PGM also specifies packet formats and procedures for network elements to improve the relia- bility of NAKs and to constrain the propagation of repairs. The divi- sion of these functions is described in this section and expanded in detail in the next section. 2.1. Source Functions Data Transmission Sources multicast ODATA packets to the group within the transmit window at a given transmit rate. Source Path State Sources multicast SPMs to the group, interleaved with ODATA if present, to establish source path state in PGM network elements. NAK Reliability Sources multicast NCFs to the group in response to any NAKs they receive. Repairs [Page 13] INTERNET-DRAFT PGM Specification 24 June 1999 Sources multicast RDATA packets to the group in response to NAKs received for data packets within the transmit window. Transmit Window Advance Sources may advance the trailing edge of the window according to one of a number of strategies. Implementations may support automatic adjustments such as keeping the window at a fixed size in bytes, a fixed number of packets or a fixed real time duration. In addition, they may optionally delay window advancement based on NAK-silence for a certain period. Some possible strategies are outlined later in this document. 2.2. Receiver Functions Source Path State Receivers use SPMs to determine the last-hop PGM network element for a given TSI to which to direct their NAKs. Data Reception Receivers receive ODATA within the transmit window and eliminate any duplicates. Repair Requests Receivers unicast NAKs to the last-hop PGM network element and may optionally multicast a NAK with TTL=1 to the local group for data packets within the receive window detected to be missing from the expected sequence. A receiver must repeatedly transmit a given NAK until it receives a matching NCF. NAK Suppression Receivers suppress NAKs for which a matching NCF or NAK is received during the NAK transmit back-off interval. Receive Window Advance Receivers immediately advance their receive windows upon receipt of any PGM data packet or SPM within the receive window that advances the receive window. 2.3. Network Element Functions Network elements forward ODATA without intervention. [Page 14] INTERNET-DRAFT PGM Specification 24 June 1999 Source Path State Network elements intercept SPMs and use them to establish source path state for the corresponding source and group before multicast forwarding them in the usual way. NAK Reliability Network elements multicast NCFs to the group in response to any NAK they receive. For each NAK received, network elements create repair state recording the transport session identifier, the sequence number of the NAK, and the input interface on which the NAK was received. Constrained NAK Forwarding Network elements repeatedly unicast forward only the first copy of any NAK they receive to the upstream PGM network element on the distribution path for the TSI and in addition they may optionally multicast this NAK upstream with TTL=1. They do this until they receive an NCF in response. NAK Elimination Network elements discard exact duplicates of any NAK for which they already have repair state (i.e., that has been forwarded either by themselves or a neighbouring PGM network element), and respond with a matching NCF. Constrained RDATA Forwarding Network elements use NAKs to maintain repair state consisting of a list of interfaces upon which a given NAK was received, and they return the corresponding RDATA only on these interfaces. NAK Anticipation If a network element hears an upstream NCF (i.e., on the upstream interface for the distribution tree for the TSI), it establishes repair state without outgoing interfaces in anticipation of responding to and eliminating duplicates of the NAK that may arrive from downstream. 3. Terms and Concepts Before proceeding from the preceding overview to the detail in the sub- sequent Procedures, this section presents some concepts and definitions that make that detail more intelligible. [Page 15] INTERNET-DRAFT PGM Specification 24 June 1999 3.1. Transport Session Identifiers Every PGM packet is identified by a: TSI transport session identifier TSIs must be globally unique, and only one source at a time may act as the source for a transport session. (Note that repairers do not change the TSI in any RDATA they transmit). TSIs are composed of the concate- nation of a globally unique source identifier (GSI) and a source- assigned data-source port. Since all PGM packets originated by receivers are in response to PGM packets originated by a source, receivers simply echo the TSI heard from the source in any corresponding packets they originate. Since all PGM packets originated by network elements are in response to PGM packets originated by a receiver, network elements simply echo the TSI heard from the receiver in any corresponding packets they originate. 3.2. Sequence Numbers PGM uses a circular sequence number space from 0 through ((2**32) - 1) to identify and order ODATA packets. Sources must number ODATA packets in unit increments in the order in which the corresponding application data is submitted for transmission. Within a transmit or receive window (defined below), a sequence number x is "less" or "older" than sequence number y if it numbers an ODATA packet preceding ODATA packet y, and a sequence number y is "greater" or "more recent" than sequence number x if it numbers an ODATA packet subsequent to ODATA packet x. 3.3. Transmit Window The description of the operation of PGM rests fundamentally on the definition of the source-maintained transmit window. This definition in turn is derived directly from the amount of transmitted data (in seconds) a source retains for repair (TXW_SECS), and the maximum transmit rate (in bytes/second) maintained by a source to regulate its bandwidth utilization (TXW_MAX_RTE). The size of the transmit window in seconds is simply TXW_SECS. The size of the transmit window in bytes (TXW_BYTES) is (TXW_MAX_RTE * TXW_SECS). The size of the transmit window in sequence numbers (TXW_SQNS) is (TXW_BYTES / bytes-per-packet). In terms of sequence numbers, the transmit window is the range of sequence numbers consumed by the source for sequentially numbering and transmitting the most recent TXW_SECS of ODATA packets. The trailing [Page 16] INTERNET-DRAFT PGM Specification 24 June 1999 (or left) edge of the transmit window (TXW_TRAIL) is defined as the sequence number of the oldest data packet available for repair from a source. The leading (or right) edge of the transmit window (TXW_LEAD) is defined as the sequence number of the most recent data packet a source has transmitted. The size of the transmit window in sequence numbers (TXW_SQNS) (i.e., the difference between the leading and trailing edges) must be no greater than half the PGM sequence number space less one. The fraction of the transmit window size (in seconds of data) by which the transmit window is advanced (TXW_ADV_SECS) is called the window increment. The trailing (oldest) such fraction of the transmit window itself is called the increment window. In terms of sequence numbers, the increment window is the range of sequence numbers that will be the first to be expired from the transmit window. The trailing (or left) edge of the increment window is just TXW_TRAIL, the trailing (or left) edge of the transmit window. The leading (or right) edge of the increment window (TXW_INC) is defined as one less than the sequence number of the first data packet transmitted by the source TXW_ADV_SECS after transmitting TXW_TRAIL. A data packet is described as being "in" the transmit or increment win- dow, respectively, if its sequence number is in the range defined by the transmit or increment window, respectively. The transmit window is advanced across the increment window by the source when it increments TXW_TRAIL to TXW_INC. When the transmit win- dow is advanced across the increment window, the increment window is emptied (i.e., TXW_TRAIL is momentarily equal to TXW_INC), begins to refill immediately as transmission proceeds, is full again TXW_ADV_SECS later (i.e., TXW_TRAIL is separated from TXW_INC by TXW_ADV_SECS of data), at which point the transmit window is advanced again, and so on. Consider the following example: Assuming a constant transmit rate of 128kbps and a constant data packet size of 1500 bytes, if a source maintains the past 30 seconds of data for repair and increments its transmit window in 5 second increments, then TXW_MAX_RTE = 16kBps TXW_ADV_SECS = 5 seconds, TXW_SECS = 35 seconds, TXW_BYTES = 560kB, TXW_SQNS = 383 (rounded up), [Page 17] INTERNET-DRAFT PGM Specification 24 June 1999 and the size of the increment window in sequence numbers (TXW_MAX_RTE * TXW_ADV_SECS / 1500) = 54 (rounded down). Continuing this example, the following is a diagram of the transmit win- dow and the increment window therein in terms of sequence numbers. TXW_TRAIL TXW_LEAD | | | | |--|--------------- Transmit Window -------------|----| v | | v v v ... +-----+-----+-...-+------+------+-...-+-------+-------+ ..... n-1 | n | n+1 | ... | n+53 | n+54 | ... | n+381 | n+382 | n+383 ... +-----+-----+-...-+------+------+-...-+-------+-------+ ..... ^ ^ | ^ |--- Increment Window|---| | | TXW_INC So the values of the sequence numbers defining these windows are: TXW_TRAIL = n TXW_INC = n+53 TXW_LEAD = n+382 NOTA BENE: In this example the window sizes in terms of sequence numbers can be determined only because of the assumption of a con- stant data packet size of 1500 bytes. When the data packet sizes are variable, more or fewer sequence numbers may be consumed transmitting the same amount (TXW_BYTES) of data. So, for a given transport session identified by a TSI, a source main- tains: TXW_MAX_RTE a maximum transmit rate in kBytes per second, the cumula- tive transmit rate of some combination of SPMs, ODATA, and RDATA depending on the transmit window advancement strategy TXW_TRAIL the sequence number defining the trailing edge of the transmit window, the sequence number of the oldest data packet available for repair TXW_LEAD the sequence number defining the leading edge of the [Page 18] INTERNET-DRAFT PGM Specification 24 June 1999 transmit window, the sequence number of the most recently transmitted ODATA packet TXW_INC the sequence number defining the leading edge of the increment window, the sequence number of the most recently transmitted data packet amongst those that will expire upon the next increment of the transmit window PGM does not constrain the strategies that a source may use for advanc- ing the transmit window. A source may implement any scheme or number of schemes. This is possible because a PGM receiver must obey the window provided by the source in its packets. Three strategies are suggested within this document. In the first, called "Advance with Time", the transmit window maintains the last TXW_SECS of data in real-time, regardless of whether any data was sent in that real time period or not. The actual number of bytes maintained at any instant in time will vary between 0 and TXW_BYTES, depending on traffic during the last TXW_SECS. In this case, TXW_MAX_RTE is the cumulative transmit rate of SPMs and ODATA. In the second, called "Advance with Data", the transmit window maintains the last TXW_BYTES bytes of data for repair. That is, it maintains the theoretical maximum amount of data that could be transmitted in the time period TXW_SECS, regardless of when they were transmitted. In this case, TXW_MAX_RTE is the cumulative transmit rate of SPMS, ODATA, and RDATA. The third strategy leaves control of the window in the hands of the application. The API provided by a source implementation for this, could allow the application to control the window in terms of APDUs and to manually step the window. This gives a form of Application Level Framing (ALF). In this case, TXW_MAX_RTE is the cumulative transmit rate of SPMs, ODATA, and RDATA. Happily, everything else in this section is a LOT easier to explain than the transmit window. 3.4. Receive Window The receive window at the receivers is determined entirely by PGM pack- ets from the source. That is, a receiver simply obeys what the source tells it in terms of window state and advancement. For a given transport session identified by a TSI, a receiver maintains: RXW_TRAIL the sequence number defining the trailing edge of the receive window, the sequence number (known from data [Page 19] INTERNET-DRAFT PGM Specification 24 June 1999 packets and SPMs) of the oldest data packet available for repair from the source RXW_LEAD the sequence number defining the leading edge of the receive window, the greatest sequence number of any received data packet The receive window is the range of sequence numbers a receiver is expected to use to identify receivable ODATA. A data packet is described as being "in" the receive window if its sequence number is in the receive window. The receive window is advanced by the receiver when it receives an SPM or ODATA packet within the transmit window that increments RXW_TRAIL. Receivers also advance their receive windows upon receipt of any PGM data packet within the receive window that advances the receive window. 3.5. Source Path State To establish the repair state required to constrain RDATA, it's essen- tial that NAKs return from a receiver to a source on the reverse of the distribution tree from the source. That is, they must return through the same sequence of PGM network elements through which the ODATA was forwarded, but in reverse. There are two reasons for this, the less obvious one being by far the more important one. The first and obvious reason is that RDATA is forwarded on the same path as ODATA and so repair state must be established on this path if it is to constrain the propagation of RDATA. The second and less obvious reason is that in the absence of repair state, PGM network elements do NOT forward RDATA, so the default behaviour is to discard repairs. If repair state is not properly esta- blished for interfaces on which ODATA went missing, then receivers on those interfaces will continue to NAK for lost data and ultimately experience unrecoverable data loss. The principle function of SPMs is to provide the source path state required for PGM network elements to forward NAKs from one PGM network element to the next on the reverse of the distribution tree for the TSI, establishing repair state each step of the way. This source path state is simply the address of the upstream PGM network element on the reverse of the distribution tree for the TSI. That upstream PGM network element may be more than one subnet hop away. SPMs establish the identity of the upstream PGM network element on the distribution tree for each TSI in each group in each PGM network element, a sort of virtual PGM topol- ogy. So although NAKs are unicast addressed, they are NOT unicast [Page 20] INTERNET-DRAFT PGM Specification 24 June 1999 routed by PGM network elements in the conventional sense. Instead PGM network elements use the source path state established by SPMs to direct NAKs PGM-hop-by-PGM-hop toward the source. The idea is to constrain NAKs to the pure PGM topology spanning the more heterogeneous underlying topology of both PGM and non-PGM network elements. The result is repair state in every PGM network element between the receiver and the source so that the corresponding RDATA is never dis- carded by a PGM network element for lack of repair state. SPMs also maintain transmit window state in receivers by advertising the trailing and leading edges of the transmit window (SPM_TRAIL and SPM_LEAD). In the absence of data, SPMs may be used to close the transmit window in time by advancing the transmit window until SPM_TRAIL and SPM_LEAD are equal. 3.6. Packet Contents This section just provides enough short-hand to make the Procedures intelligible. For the full details of packet contents, please refer to Packet Formats below. 3.6.1. Source Path Messages 3.6.1.1. SPMs SPMs are transmitted by sources to establish source-path state in PGM network elements, and to provide transmit-window state in receivers. SPMs are multicast to the group and contain: SPM_TSI the source-assigned TSI for the session to which the SPM corresponds SPM_SQN a sequence number assigned sequentially by the source in unit increments and scoped by SPM_TSI NOTA BENE: this is an entirely separate sequence than is used to number ODATA and RDATA. SPM_TRAIL the sequence number defining the trailing edge of the source's transmit window (TXW_TRAIL) SPM_LEAD the sequence number defining the leading edge of the source's transmit window (TXW_LEAD) SPM_PATH the network-layer address (NLA) of the interface on the PGM network element on which the SPM is forwarded [Page 21] INTERNET-DRAFT PGM Specification 24 June 1999 3.6.2. Data Packets 3.6.2.1. ODATA - Original Data ODATA packets are transmitted by sources to send application data to receivers. ODATA packets are multicast to the group and contain: OD_TSI the globally unique source-assigned TSI OD_TRAIL the sequence number defining the trailing edge of the source's transmit window (TXW_TRAIL) OD_TRAIL makes the protocol more robust in the face of lost SPMs. By including the trailing edge of the transmit window on every data packet, receivers that have missed any SPMs that advanced the transmit window can still detect the case, recover the application, and potentially resynchronize to the transport session. OD_SQN a sequence number assigned sequentially by the source in unit increments and scoped by OD_TSI 3.6.2.2. RDATA - Repair Data RDATA packets are repair packets transmitted by sources or DLRs in response to NAKs. RDATA packets are multicast to the group and contain: RD_TSI OD_TSI of the ODATA packet for which this is a repair RD_TRAIL the sequence number defining the trailing edge of the source's transmit window (TXW_TRAIL), not necessarily the same as OD_TRAIL of the ODATA packet for which this is a repair RD_SQN OD_SQN of the ODATA packet for which this is a repair 3.6.3. Negative Acknowledgements 3.6.3.1. NAKs - Negative Acknowledgments NAKs are transmitted by receivers to request repairs for missing data packets. NAKs are unicast (PGM-hop-by-PGM-hop) to the source and contain: [Page 22] INTERNET-DRAFT PGM Specification 24 June 1999 NAK_TSI OD_TSI of the ODATA packet for which a repair is requested NAK_SQN OD_SQN of the ODATA packet for which a repair is requested NAK_SRC the unicast NLA of the original source of the missing ODATA. NAK_GRP the multicast group NLA 3.6.3.2. NNAKs - Null Negative Acknowledgments NNAKs are transmitted by a DLR that receives NAKs redirected to it by either receivers or network elements to provide flow-control feed-back to a source. NNAKs are unicast (PGM-hop-by-PGM-hop) to the source and contain: NNAK_TSI NAK_TSI of the corresponding re-directed NAK. NNAK_SQN NAK_SQN of the corresponding re-directed NAK. NNAK_SRC NAK_SRC of the corresponding re-directed NAK. NNAK_GRP NAK_GRP of the corresponding re-directed NAK. 3.6.4. Negative Acknowledgement Confirmations 3.6.4.1. NCFs - NAK confirmations NCFs are transmitted by network elements and sources in response to NAKs. NCFs are multicast to the group and contain: NCF_TSI NAK_TSI of the NAK being confirmed NCF_SQN NAK_SQN of the NAK being confirmed NCF_SRC NAK_SRC of the NAK being confirmed NCF_GRP NAK_GRP of the NAK being confirmed 3.6.5. Option Encodings OPT_FRAGMENT - Fragmentation [Page 23] INTERNET-DRAFT PGM Specification 24 June 1999 OPT_JOIN - Late Joining OPT_TIME - Time Stamp OPT_RXQ - Reception Quality Report OPT_DROP - Sequence Number Dropout OPT_REDIRECT - Redirect OPT_PARITY - Forward Error Correction [Page 24] INTERNET-DRAFT PGM Specification 24 June 1999 4. Procedures - General Since SPMs, NCFs, and RDATA must be treated conditionally by PGM network elements, they must be distinguished from other packets in the chosen multicast network protocol if PGM network elements are to extract them from the usual switching path. The most obvious way for network elements to achieve this is to examine every packet in the network for the PGM transport protocol and packet types. However, the overhead of this approach is costly for high- performance, multi-protocol network elements. An alternative, and a requirement for PGM over IP multicast, is that SPMs, NCFs, and RDATA must be transmitted with the IP Router Alert Option [6]. This option gives network elements a network-layer indication that a packet should be extracted from IP switching for more detailed processing. 5. Procedures - Sources 5.1. Data Transmission Since PGM relies on a purely rate-limited transmission strategy in the source to bound the bandwidth consumed by PGM transport sessions, an assortment of techniques is assembled here to make that strategy as con- servative and robust as possible. These techniques are the minimum required of a PGM source, and others may be added as experience dic- tates. 5.1.1. Maximum Cumulative Transmit Rate A source must number ODATA packets in the order in which they are sub- mitted for transmission by the application. A source must transmit ODATA packets in sequence and only within the transmit window beginning with TXW_TRAIL at no greater a rate than TXW_MAX_RTE. In the advance with data strategy, TXW_MAX_RTE is the maximum cumulative transmit rate of SPM, ODATA, and RDATA. The reason for calculating TXW_MAX_RTE in this way is so that the aggregate bandwidth remains within TXW_MAX_RATE. In the advance with time strategy, TXW_MAX_RTE is the maximum cumulative transmit rate of SPMS and ODATA only. The assumption in calculating TXW_MAX_RTE in this way is that delivery at a constant rate is the main concern. Other transmission strategies may define TXW_MAX_RTE as appropriate for the implementation. [Page 25] INTERNET-DRAFT PGM Specification 24 June 1999 5.1.2. Transmit Rate Regulation To regulate its transmit rate, a source must use a token bucket scheme or any other traffic management scheme that yields equivalent behaviour. A token bucket [7] is characterized by a continually sustainable data rate (the token rate) and the extent to which the data rate may exceed the token rate for short periods of time (the token bucket size). Over any arbitrarily chosen interval, the number of bytes the source may transmit cannot exceed the token bucket size plus the product of the token rate and the chosen interval. In addition, a source must bound the maximum rate at which successive packets may be transmitted using a leaky bucket scheme drained at a max- imum transmit rate, or equivalent mechanism. 5.1.3. TPDU Ordering To preserve the logic of PGM's transmit window, a source must implement strict priority queueing of pending SPMs, pending RDATA, and pending ODATA from three separate queues in that order, or implement any mechan- ism that results in equivalent behaviour. 5.1.4. Ambient SPMs Interleaved with ODATA and RDATA, a source must transmit SPMs at a rate at least sufficient to maintain current source path state in PGM network elements. Note that source path state in network elements does not track underlying changes in the distribution tree from a source until an SPM traverses the altered distribution tree. The consequence is that NAKs may go unconfirmed both at receivers and amongst network elments while changes in the underlying distribution tree take place. 5.1.5. Heartbeat SPMs In the absence of data to transmit, a source should transmit SPMs at a decaying rate in order to assist early detection of lost data, to main- tain current source path state in PGM network elements, and to maintain current receive window state in the receivers. In this scheme [8], a source maintains an inter-heartbeat timer IHB_TMR which times the interval between the most recent packet (ODATA, RDATA, or SPM) transmission and the next heartbeat transmission. IHB_TMR is initialized to a minimum interval IHB_MIN after the transmission of any data packet. If IHB_TMR expires, the source transmits a heartbeat SPM and initializes IHB_TMR to double its previous value. The transmission of consecutive heartbeat SPMs doubles IHB each time up to a maximum interval IHB_MAX. The transmission of any data packet initializes IHB_TMR to IHB_MIN once again. The effect is to provoke prompt [Page 26] INTERNET-DRAFT PGM Specification 24 June 1999 detection of missing packets in the absence of data to transmit, and to do so with minimal bandwidth overhead. 5.1.6. Ambient and Heartbeat SPMs Ambient and heartbeat SPMs are described as driven by separate timers in this specification to highlight their contrasting functions. Ambient SPMs are driven by a count-down timer that expires regularly while heartbeat SPMs are driven by a count-down timer that keeps being reset by data, and the interval of which changes once it begins to expire. The first timer is just counting down in real-time while the second is measuring the inter-data-packet interval. In the presence of data, no heartbeat SPMs will be transmitted since the transmission of data keeps setting the IHB_TMR back to its initial value. At the same time however, ambient SPMs must be interleaved into the data as a matter of course, not necessarily as a heartbeat mechan- ism. This ambient transmission of SPMs is required to keep the distri- bution tree information in the network current and to allow new receivers to synchronize with the session. It is in the interest of an implementation to de-couple ambient and heartbeat SPM timers sufficiently to permit them to be configured independently of each other. 5.2. Negative Acknowledgement Confirmation A source must immediately multicast an NCF in response to any NAK it receives. The NCF is required since the alternative of responding immediately with RDATA would not allow other PGM network elements on the same subnet to do NAK anticipation, nor would it allow DLRs on the same subnet to provide repairs. The generation of NCFs should be rate- limited to protect against a denial of service in the presence of a NAK storm. 5.3. Repairs A source must then multicast RDATA (while respecting TXW_MAX_RTE) in response to any NAK it receives for data packets within the transmit window. A source should transmit RDATA at priority over concurrent ODATA. The effect of this priority is to back off the transmission of ODATA in favour of RDATA. Note that work in progress is looking at algorithms for delaying RDATA transmission, to make the overall repair strategy more efficient. Implementations should not preclude a delay being introduced before RDATA transmission. [Page 27] INTERNET-DRAFT PGM Specification 24 June 1999 5.4. Transmit Window Advance 5.4.1. Advancing across the Increment Window In anticipation of advancing the transmit window, the source starts a timer TXW_ADV_IVL_TMR which runs for time period TXW_ADV_IVL. TXW_ADV_IVL has a value in the range (0, TXW_ADV_SECS). The value may be configurable or may be determined statically by the strategy used for advancing the transmit window. When TXW_ADV_IVL_TMR is running, a source may reset TXW_ADV_IVL_TMR if NAKs are received for packets in the increment window. In addition, a source may transmit RDATA in the increment window with priority over other data within the transmit window. When TXW_ADV_IVL_TMR expires, a source should advance the trailing edge of the transmit window from TXW_TRAIL to TXW_INC. Once the transmit window is advanced across the increment window, SPM_TRAIL, OD_TRAIL and RD_TRAIL are set to the new value of TXW_TRAIL in all subsequent transmitted packets, until the next window advance- ment. PGM does not constrain the strategies that a source may use for advanc- ing the transmit window. The source may implement any scheme or number of schemes. Three suggested strategies are outlined below. 5.4.2. Advancing with Data In the first strategy, TXW_MAX_RTE is calculated from SPMS and both ODATA and RDATA, and NAKs reset TXW_ADV_IVL_TMR. In this mode of opera- tion the transmit window maintains the last TXW_BYTES bytes of data for repair. That is, it maintains the theoretical maximum amount of data that could be transmitted in the time period TXW_SECS. This means that the following timers are not treated as real-time timers, instead they are "data driven". That is, they expire when the amount of data that could be sent in the time period they define is sent. They are the SPM ambient time interval, TXW_ADV_SECS, TXW_SECS, TXW_ADV_IVL, TXW_ADV_IVL_TMR and the join interval. Note that the SPM heartbeat timers still run in real-time. While TXW_ADV_IVL_TMR is running, a source uses the receipt of a NAK for ODATA within the increment window to reset timer TXW_ADV_IVL_TMR to TXW_ADV_IVL so that transmit window advancement is delayed until no NAKs for data in the increment window are seen for TXW_ADV_IVL seconds. If the transmit window should fill in the meantime, further transmissions would be suspended until the transmit window can be advanced. [Page 28] INTERNET-DRAFT PGM Specification 24 June 1999 A source must advance the transmit window across the increment window only upon expiry of TXW_ADV_IVL_TMR. This mode of operation is intended for non-real-time, messaging applica- tions based on the receipt of complete data at the expense of delay. 5.4.3. Advancing with Time This strategy advances the transmit window in real-time. In this mode of operation, TXW_MAX_RTE is calculated from SPMs and ODATA only to maintain a constant data throughput rate by consuming extra bandwidth for repairs. TXW_ADV_IVL has the value 0 which advances the transmit window without regard for whether NAKs for data in the increment window are still being received. In this mode of operation, all timers are treated as real-time timers. This mode of operation is intended for real-time, streaming applications based on the receipt of timely data at the expense of completeness. 5.4.4. Advancing under explicit application control Some applications may wish more explicit control of the transmit window than that provided by the advance with data / time strategies above. An implementation may provide this mode of operation and allow an applica- tion to explicitly control the window in terms of APDUs. 6. Procedures - Receivers 6.1. Data Reception Initial data reception A receiver should initiate data reception beginning with the first data packet it receives within the advertised transmit window. This packet's sequence number (ODATA_SQN) temporarily defines the trailing edge of the transmit window from the receiver's perspective. That is, it is assigned to RXW_TRAIL_INIT within the receiver, and until the trailing edge sequence number advertised in subsequent packets (SPMs or ODATA or RDATA) increments through RXW_TRAIL_INIT, the receiver must only request repairs for sequence numbers subsequent to RXW_TRAIL_INIT. Thereafter, it may request repairs anywhere in the transmit window. This temporary restriction on repair requests prevents receivers from requesting a potentially large amount of history when they first begin to receive a given PGM transport session. Note that the JOIN option, discussed later, can be used to provide a different value for RXW_TRAIL_INIT. [Page 29] INTERNET-DRAFT PGM Specification 24 June 1999 Receiving and discarding data packets Within a given transport session, a receiver must receive any ODATA or RDATA packets within the receive window. A receiver must discard any data packet that duplicates one already received in the transmit window. A receiver must discard any data packet outside of the receive window. Contiguous data Contiguous data is comprised of those data packets within the receive window that have been received and are in the range from RXW_TRAIL up to (but not including) the first missing sequence number in the receive window. The most recently received data packet of contiguous data defines the leading edge of contiguous data. As its default mode of operation, a receiver must deliver only contigu- ous data packets to the application, and it must do so in the order defined by those data packets' sequence numbers. This provides applica- tions with a reliable ordered data flow. Non contiguous data PGM receiver implementations may optionally provide a mode of operation in which data is delivered to an application in the order received. However, the implementation must only deliver complete application pro- tocol data units (APDUs) to the application. That is, APDUs that have been fragmented into different TPDUs must be reassembled before delivery to the application. 6.2. Source Path Messages Receivers must receive and sequence SPMs for any TSI they are receiving. For each TSI, receivers must use the most recent SPM to determine the NLA of the upstream PGM network element for use in NAK addressing. Note that a receiver cannot initiate repair requests until it has received at least one SPM for the corresponding TSI. 6.3. Negative Acknowledgment Detecting missing data packets Receivers must detect gaps in the expected data sequence by comparing the sequence number on the most recently received ODATA or RDATA packet with the leading edge of contiguous data. If the receiver has not received all intervening data packets, it must initiate selective NAK generation for each intervening missing sequence number. Receivers should temper the initiation of NAK generation to account for simple mis-ordering introduced by the network. [Page 30] INTERNET-DRAFT PGM Specification 24 June 1999 Receivers must also detect gaps in the expected data sequence by compar- ing SPM_LEAD of the most recently received SPM with the leading edge of contiguous data. If the receiver has not received all intervening data packets, it must initiate selective NAK generation for each missing sequence number. Generating NAKs NAK generation requires that a receiver listen to NCFs and NAKs for the same transport session. NAK generation also requires that a receiver observe four time out intervals for any given NAK (i.e., per NAK_TSI and NAK_SQN). The first time out interval, the NAK random back-off interval NAK_RB_IVL, randomly delays the transmission of a given NAK from a receiver. NAK_RB_IVL is counted down from the time a missing data packet is detected. Expiry of NAK_RB_IVL causes NAK transmission. NAK transmission is defined as sending a unicast NAK to the PGM upstream neighbour and a multicast NAK with ttl 1. The second time out interval, the NAK repeat interval NAK_RPT_IVL, lim- its the length of time for which a receiver will repeat a NAK while waiting for a corresponding NCF. NAK_RPT_IVL is counted down from the transmission of a NAK. Expiry of NAK_RPT_IVL cancels NAK generation and indicates unrecoverable data loss (due to missing NCF). The third time out interval, the NAK RDATA interval NAK_RDATA_IVL, lim- its the length of time for which a receiver will wait for the RDATA corresponding to a confirmed NAK. NAK_RDATA_IVL is counted down from the time a matching NCF is received. Expiry of NAK_RDATA_IVL causes the receiver to select a new value of NAK_RB_IVL, and start again. The fourth time out interval, the NAK generation interval NAK_GEN_IVL, limits the length of time for which a receiver will retry a NAK while waiting for the corresponding RDATA. NAK_GEN_IVL is counted down from the time a missing data packet is detected. Expiry of NAK_GEN_IVL can- cels NAK generation and indicates unrecoverable data loss (due to miss- ing RDATA). NAK generation follows the detection of a missing data packet and is the cycle of waiting for NAK_RB_IVL, listening for matching NCFs or NAKs, transmitting a NAK if a matching NCF or NAK is not heard, waiting NAK_RDATA_IVL, and recommencing NAK generation if the matching data is not received. During NAK_RB_IVL, a NAK is said to be pending. During NAK_RDATA_IVL, a NAK is said to be outstanding. [Page 31] INTERNET-DRAFT PGM Specification 24 June 1999 Suspending NAK generation Suspending NAK generation just means waiting for either NAK_RB_IVL or NAK_RDATA_IVL to pass. A receiver must suspend NAK generation if a duplicate of the NAK is already pending from this receiver. A NAK is pending from this receiver if NAK_RB_IVL for this NAK has been initiated in this receiver but has not yet passed. A receiver must suspend NAK generation if a duplicate of the NAK is already outstanding from this or another receiver. A NAK is outstanding from this or another receiver if NAK_RDATA_IVL for this NAK has been initiated in this receiver but has not yet passed. Backing off NAK transmission Before transmitting a NAK, a receiver must wait some interval NAK_RB_IVL chosen randomly and uniformly over NAK_BO_IVL during which it listens for a matching NAK that may have been transmitted by another receiver or a matching NCF that may be transmitted in response to the same NAK from another receiver. When a receiver has to transmit a sequence of NAKs, it should transmit the NAKs in order from oldest to newest. The receiver should pace the NAK sequence so as not to cause a NAK storm on the network. NAK suppression A receiver must suspend NAK generation and wait at least NAK_RDATA_IVL before recommencing NAK generation if it hears a matching NCF or NAK during NAK_RB_IVL. A matching NCF must match NCF_TSI with NAK_TSI, and NCF_SQN with NAK_SQN. Transmitting a NAK Upon expiry of NAK_RB_IVL, a receiver must transmit a NAK to the upstream PGM network element for the TSI specifying the transport ses- sion identifier and missing sequence number. It must repeat the NAK at a rate of NAK_RPT_RTE for an interval of NAK_RPT_IVL until it receives a matching NCF. It must then wait NAK_RDATA_IVL before recommencing NAK generation. If it hears a matching NCF during NAK_RDATA_IVL, it must wait anew for NAK_RDATA_IVL before recommencing NAK generation (i.e., NCFs restart NAK_RDATA_IVL). Receivers should transmit NAKs for data packets in the increment window at priority over NAKs for data packets in the remainder of the receive window. [Page 32] INTERNET-DRAFT PGM Specification 24 June 1999 Completion of NAK generation NAK generation is complete only upon the reception of the matching RDATA (or even ODATA) packet at any time during NAK generation. Cancellation of NAK generation NAK generation is canceled upon the advancing of the receive window so as to exclude the matching sequence number of a pending or outstanding NAK, or the expiry of NAK_GEN_IVL. Cancellation of NAK generation indi- cates unrecoverable data loss. Addressing NAKs A receiver (unicast) addresses a NAK to the upstream PGM network element for the TSI. In addition, it may optionally multicast a NAK with TTL=1 to the group. It also records both the address of the source of the corresponding ODATA and the address of the group in the NAK header. Receiving NCFs and multicast NAKs A receiver must discard any NCFs or NAKs it hears for data packets out- side the receive window. If a receiver hears an NCF or NAK for a data packet in the receive win- dow for which it has no repair state, it should discard the NCF/NAK only if it has already received the matching data packet. If it has not already received the matching data packet, it should wait NAK_RDATA_IVL and then commence NAK generation itself, beginning with the random back off procedure. 7. Procedures - Network Elements 7.1. Source Path State Upon receipt of an SPM, a network element records the Source Path Address SPM_PATH with the multicast routing information for the TSI. If the receiving network element is on the same subnet as the forwarding network element, this address will be the same as the address of the immediately upstream network element on the distribution tree for the TSI. If, however, non-PGM network elements intervene between the for- warding and the receiving network elements, this address will be the address of the first PGM network element across the intervening network elements. The network element then forwards the SPM on each outgoing interface for that TSI. As it does so, it encodes the network address of the outgoing interface in SPM_PATH in each copy of the SPM it forwards. [Page 33] INTERNET-DRAFT PGM Specification 24 June 1999 7.2. NAK Confirmation Network elements must immediately transmit an NCF in response to any unicast NAK they receive. The NCF must be multicast to the group on the interface on which the NAK was received. NOTA BENE: In order to avoid creating multicast routing state for PGM network elements across non-PGM-capable clouds, NCFs transmitted by network elements must bear the ODATA source's NLA, not the network element's NLA as might be expected. The generation of NCFs should be rate-limited to protect against a denial of service in the presence of a NAK storm. Simultaneously, network elements must establish repair state for the NAK if such state does not already exist, and add the interface on which the NAK was received to the corresponding repair interface list if the interface is not already listed. 7.3. Constrained NAK Forwarding The NAK forwarding procedures for network elements are quite similar to those for receivers, but three important differences should be noted. First, network elements do NOT back off before forwarding a NAK (i.e., there is no NAK_BO_IVL) since the resulting delay of the NAK would com- pound with each hop. Note that NAK arrivals will be randomized by the receivers from which they originate, and this factor in conjunction with NAK anticipation and elimination will combine to forestall NAK storms on subnets with a dense network element population. Second, network elements do NOT retry confirmed NAKs (i.e., there is no NAK_GEN_IVL) if RDATA is not seen; they simply discard the repair state and rely on receivers to re-request the repair. This approach keeps the repair state in the network elements relatively ephemeral and responsive to underlying routing changes. Third, note that ODATA does NOT cancel NAK forwarding in network ele- ments since it is switched by network elements without transport-layer intervention. NAK forwarding requires that a network element listen to NCFs for the same transport session. NAK forwarding also requires that a network element observe two time out intervals for any given NAK (i.e., per NAK_TSI and NAK_SQN). The first, the NAK repeat interval NAK_RPT_IVL, limits the length of time for which a network element will repeat a NAK while waiting for a corresponding NCF. NAK_RPT_IVL is counted down from the transmission of [Page 34] INTERNET-DRAFT PGM Specification 24 June 1999 a NAK. Expiry of NAK_RPT_IVL cancels NAK forwarding (due to missing NCF). The second, the NAK RDATA interval NAK_RDATA_IVL, limits the length of time for which a network element will wait for the corresponding RDATA. NAK_RDATA_IVL is counted down from the time a matching NCF is received. Expiry of NAK_RDATA_IVL causes the network element to discard the corresponding repair state (due to missing RDATA). During NAK_RPT_IVL, a NAK is said to be pending. During NAK_RDATA_IVL, a NAK is said to be outstanding. A Network element must forward NAKs only to the upstream PGM network element for the TSI. A network element must repeat a NAK at a rate of NAK_RPT_RTE for an interval of NAK_RPT_IVL until it receives a matching NCF. A matching NCF must match NCF_TSI with NAK_TSI, and NCF_SQN with NAK_SQN. Upon reception of the corresponding NCF, network elements must wait at least NAK_RDATA_IVL for the corresponding RDATA. Receipt of the corresponding RDATA at any time during NAK forwarding cancels NAK for- warding and tears down the corresponding repair state in the network element. 7.4. NAK elimination Two NAKs duplicate each other if they bear the same NAK_TSI and NAK_SQN. Network elements must discard all duplicates of a NAK that is pending. Once a NAK is outstanding, network elements must discard all duplicates of that NAK for NAK_ELIM_IVL. Upon expiry of NAK_ELIM_IVL, network ele- ments must suspend NAK elimination for that TSI/SQN until the first duplicate of that NAK is seen after the expiry of NAK_ELIM_IVL. This duplicate must be forwarded in the usual manner. Once this duplicate NAK is outstanding, network elements must once again discard all dupli- cates of that NAK for NAK_ELIM_IVL, and so on. NAK_RDATA_IVL must be reset each time a NAK for the corresponding TSI/SQN is confirmed (i.e., each time NAK_ELIM_IVL is reset). NAK_ELIM_IVL must be some small frac- tion of NAK_RDATA_IVL. NAK_ELIM_IVL acts to balance implosion prevention against repair state liveness. That is, it results in the elimination of all but at most one NAK per NAK_ELIM_IVL thereby allowing repeated NAKs to keep the repair state alive in the PGM network elements. [Page 35] INTERNET-DRAFT PGM Specification 24 June 1999 7.5. NAK Anticipation An unsolicited NCF is one that is received by a network element when the network element has no corresponding pending or outstanding NAK. Net- work elements must process unsolicited NCFs differently depending on the interface on which they are received. If the interface on which an NCF is received is the same interface the network element would use to reach the upstream PGM network element, the network element simply establishes repair state for NCF_TSI and NCF_SQN without adding the interface to the repair interface list, and discards the NCF. If the repair state already exists, the network element res- tarts the NAK_RDATA and NAK_ELIM_IVL timers and discards the NCF. If the interface on which an NCF is received is not the same interface the network element would use to reach the upstream PGM network element, the network element does not establish repair state and just discards the NCF. Anticipated NAKs permit the elimination of any subsequent matching NAKs from downstream. Upon establishing anticipated repair state, network elements must eliminate subsequent NAKs only for a period of NAK_ELIM_IVL. Upon expiry of NAK_ELIM_IVL, network elements must suspend NAK elimination for that TSI/SQN until the first duplicate of that NAK is seen after the expiry of NAK_ELIM_IVL. This duplicate must be forwarded in the usual manner. Once this duplicate NAK is outstand- ing, network elements must once again discard all duplicates of that NAK for NAK_ELIM_IVL, and so on. NAK_RDATA_IVL must be reset each time a NAK for the corresponding TSI/SQN is confirmed (i.e., each time NAK_ELIM_IVL is reset). NAK_ELIM_IVL must be some small fraction of NAK_RDATA_IVL. 7.6. NAK Shedding Network elments may implement local procedures for withholding NAK con- firmations for receivers detected to be reporting excessive loss. The result of these procedures would ultimately be unrecoverable data loss in the receiver. 7.7. Addressing NAKs A PGM network element uses the *contained* source and group addresses to find the source/group multicast routing information, looks up the corresponding upstream PGM network element's address, uses it to re- address the (unicast) NAK, and unicasts it on the upstream interface for the distribution tree for the TSI. [Page 36] INTERNET-DRAFT PGM Specification 24 June 1999 7.8. Constrained RDATA Forwarding Network elements must maintain repair state for each interface on which a given NAK is received at least once. Network elements must then use this list of interfaces to constrain the forwarding of the corresponding RDATA packet only to those interfaces in the list. An RDATA packet corresponds to a NAK if it matches NAK_TSI and NAK_SQN. Network elements must maintain this repair state only until either the corresponding RDATA is received and forwarded, or NAK_RDATA_IVL passes after forwarding the most recent instance of a given NAK. Thereafter, the corresponding repair state must be discarded. Network elements should discard and not forward RDATA packets for which they have no repair state. Note that the consequence of this procedure is that, while it constrains repairs to the interested sub-set of the network, loss of repair state precipitates further NAKs from neglected receivers. [Page 37] INTERNET-DRAFT PGM Specification 24 June 1999 8. Packet Formats All of the packet formats described in this section are transport-layer headers that must immediately follow the network-layer header in the packet. Only data packet headers (ODATA and RDATA) may be followed in the packet by application data. For each packet type, the source and destination network-layer addresses (NLAs) are specified in addition to the format and contents of the transport layer header. Recall from Gen- eral Procedures that, for PGM over IP multicast, SPMs, NCFs, and RDATA must also bear the IP Router Alert Option. For PGM over IP, the IP protocol number is 113. In all packets the descriptions of Data-Source Port, Data-Destination Port, Options, Checksum, Global Source ID (GSI), and TPDU Length are: Data-Source Port: A random port number generated by the source. This port number must be unique within the source. Source Port together with Glo- bal Source ID forms the TSI. Data-Destination Port: A globally well-known port number assigned to the given PGM appli- cation. Options: This field encodes binary indications of the presence and signifi- cance of any options. It also directly encodes some options. bit 0 set => One or more Option Extensions are present bit 1 set => One or more Options are network-significant Note that this bit is clear when OPT_FRAGMENT and/or OPT_JOIN are the only options present. bit 6 set => Parity packet for a variable-size transmission group (OPT_VAR_SIZE). This can only be present in parity packets, i.e. when OPT_PARITY is present bit 7 set => Packet is a parity packet (OPT_PARITY) All the other options (option extensions) are encoded in exten- sions to the PGM header. [Page 38] INTERNET-DRAFT PGM Specification 24 June 1999 Checksum: This field is the usual 1's complement of the 1's complement sum of the entire PGM packet including header. The checksum does not include a network-layer pseudo header for compatibility with network address translation. If the computed checksum is zero, it is transmitted as all ones. A value of zero in this field means the transmitter generated no checksum. Note that if any entity between a source and a receiver modifies the PGM header for any reason (such as editing the Previous Sequence Number field of OPT_DROP), it must either recompute the checksum or clear it. The checksum is mandatory on data packets (ODATA and RDATA) that do NOT also have OPT_DROP. Global Source ID: A globally unique source identifier. This ID must not change throughout the duration of the transport session. A recommended identifier is the low-order 48 bits of the MD5 [9] signature of the DNS name of the source. Global Source ID together with Data- Source Port forms the TSI. TPDU Length: The length in octets of the PGM packet including the size of the header and any options. The high-order two bits of the Type field encode a version number, 0x0 in this instance. The low-order nibble of the type field encodes the specific packet type. The intervening two bits (the low-order two bits of the high-order nibble) are reserved and must be zero. Within the low-order nibble of the Type field: values in the range 0x0 through 0x3 represent SPM-like packets (i.e., session-specific, sourced by a source, periodic), values in the range 0x4 through 0x7 represent DATA-like packets (i.e., data and repairs), values in the range 0x8 through 0xB represent NAK-like packets (i.e., hop-by-hop reliable NAK forwarding procedures), and values in the range 0xC through 0xF represent SPMR-like packets (i.e., session-specific, sourced by a receiver, asynchronous). [Page 39] INTERNET-DRAFT PGM Specification 24 June 1999 Address Family Indicators (AFIs) are as specified in [10]. [Page 40] INTERNET-DRAFT PGM Specification 24 June 1999 8.1. Source Path Messages SPMs are sent by a source to establish source path state in network ele- ments and to provide transmit window state to receivers. The source NLA of an SPM is the unicast NLA of the entity that ori- ginates the SPM. The destination NLA of an SPM is a multicast group NLA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SPM's Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Trailing Edge Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Leading Edge Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | NLA AFI | reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path NLA ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+ | Option Extensions when present ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... -+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Port: SPM_SPORT Data-Source Port, together with SPM_GSI forms SPM_TSI Destination Port: SPM_DPORT Data-Destination Port Type: [Page 41] INTERNET-DRAFT PGM Specification 24 June 1999 SPM_TYPE = 0x00 Global Source ID: SPM_GSI Together with SPM_SPORT forms SPM_TSI SPM's Sequence Number SPM_SQN The sequence number assigned to the SPM by the source. Trailing Edge Sequence Number: SPM_TRAIL The sequence number defining the current trailing edge of the source's transmit window (TXW_TRAIL). Leading Edge Sequence Number: SPM_LEAD The sequence number defining the current leading edge of the source's transmit window (TXW_LEAD). Path NLA: SPM_PATH The NLA of the interface on the network element on which this SPM was forwarded. Initialized by a source to the source's NLA, rewritten by each PGM network element upon forwarding. Option Extensions: SPMs may bear OPT_JOIN. [Page 42] INTERNET-DRAFT PGM Specification 24 June 1999 8.2. Data Packets Data packets carry application data from a source or a repairer to receivers. ODATA: Original data packets transmitted by a source. RDATA: Repairs transmitted by a source or by a designated local repairer (DLR) in response to a NAK. The source NLA of a data packet is the unicast NLA of the entity that originates the data packet. The destination NLA of a data packet is a multicast group NLA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Trailing Edge Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data Packet Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Extensions when present ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... -+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data ... +-+-+- ... Source Port: OD_SPORT, RD_SPORT Data-Source Port, together with Global Source ID forms: OD_TSI, RD_TSI [Page 43] INTERNET-DRAFT PGM Specification 24 June 1999 Destination Port: OD_DPORT, RD_DPORT Data-Destination Port Type: OD_TYPE = 0x04 RD_TYPE = 0x05 Global Source ID: OD_GSI, RD_GSI Together with Source Port forms: OD_TSI, RD_TSI Trailing Edge Sequence Number: OD_TRAIL, RD_TRAIL The sequence number defining the current trailing edge of the source's transmit window (TXW_TRAIL). In RDATA, this may not be the same as OD_TRAIL of the ODATA packet for which it is a repair. Data Packet Sequence Number: OD_SQN, RD_SQN The sequence number originally assigned to the ODATA packet by the source. Option Extensions: Data packets may bear OPT_FRAGMENT or OPT_DROP (not both) Data: Application data. [Page 44] INTERNET-DRAFT PGM Specification 24 June 1999 8.3. Negative Acknowledgements and Confirmations NAK: Negative Acknowledgements are sent by receivers to request the repair of an ODATA packet detected to be missing from the expected sequence. N-NAK: Null Negative Acknowledgements are sent by DLRs to provide flow control feedback to the source of ODATA for which the DLR has pro- vided the corresponding RDATA. The source NLA of a NAK is the unicast NLA of the entity that originates the NAK. The source NLA of NAK is rewritten by each PGM network element with its own. The destination NLA of a NAK is initialized by the originator of the NAK (a receiver) to the unicast NLA of the upstream PGM network element known from SPMs. The destination NLA of a NAK is rewritten by each PGM network element with the unicast NLA of the upstream PGM network element to which this NAK is forwarded. On the final hop, the destination NLA of a NAK is rewritten by the PGM network element with the unicast NLA of the original source or the unicast NLA of a DLR. NCF: NAK Confirmations are sent by network elements and sources to con- firm the receipt of a NAK. The source NLA of an NCF is the ODATA source's NLA, not the network element's NLA as might be expected. The destination NLA of an NCF is a multicast group NLA. Note that in NAKs and N-NAKs, unlike the other packets, the field SPORT contains the Data-Destination port and the field DPORT contains the Data-Source port. As a general rule, the content of SPORT/DPORT is determined by the direction of the flow: in packets which travel down- stream SPORT is the port number chosen in the data source (Data-Source Port) and DPORT is the data destination port number (Data-Destination Port). The opposite holds for packets which travel upstream. This makes DPORT the protocol endpoint in the recipient host, regardless of the direction of the packet. [Page 45] INTERNET-DRAFT PGM Specification 24 June 1999 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Requested Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | NLA AFI | reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source NLA ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+ | NLA AFI | reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Multicast Group NLA ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+ | Option Extensions when present ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... Source Port: NAK_SPORT, NNAK_SPORT Data-Destination Port NCF_SPORT Data-Source Port, together with Global Source ID forms NCF_TSI Destination Port: NAK_DPORT, NNAK_DPORT Data-Source Port, together with Global Source ID forms: NAK_TSI, NNAK_TSI NCF_DPORT Data-Destination Port [Page 46] INTERNET-DRAFT PGM Specification 24 June 1999 Type: NAK_TYPE = 0x08 NNAK_TYPE = 0x09 NCF_TYPE = 0x0A Global Source ID: NAK_GSI, NNAK_GSI, NCF_GSI Together with Data-Source Port forms NAK_TSI, NNAK_TSI, NCF_TSI Requested Sequence Number: NAK_SQN, NNAK_SQN NAK_SQN is the sequence number of the ODATA packet for which a repair is requested. NNAK_SQN is the sequence number of the RDATA packet for which a repair has been provided by a DLR. NCF_SQN NCF_SQN is NAK_SQN from the NAK being confirmed. Source NLA: NAK_SRC, NNAK_SRC, NCF_SRC The unicast NLA of the original source of the missing ODATA. Multicast Group NLA: NAK_GRP, NNAK_GRP, NCF_GRP The multicast group NLA. Option Extensions: NAKs may bear OPT_TIME NCFs may bear OPT_REDIRECT [Page 47] INTERNET-DRAFT PGM Specification 24 June 1999 9. Options PGM specifies several end-to-end options to address specific application requirements. PGM specifies options to support fragmentation, late joining, time-stamping, reception quality reports, sequence number dro- pout, and redirection. Options may be appended to PGM packet headers only by their original transmitters. While they may be interpreted by network elements, options are neither added nor removed by network elements. NOTA BENE: PGM network elements and receivers must pass over any options for which they do not have a definition and pro- cess the packet as though it did not bear those undefined options. 9.1. Option extension length - OPT_LENGTH When option extensions are appended to the standard PGM header, the extensions must be preceded by an option extension length field specify- ing the total length of all option extensions. In addition, the PGM packet length must be incremented by the total length of all options, and the presence of the options must be encoded in the Options field of the standard PGM header before the Checksum is computed. All network-significant options must be appended before any exclusively receiver-significant options. To provide an indication of the end of option extensions, OPT_END (0x80) must be set in the Option Type field of the trailing option extension. 9.1.1. OPT_LENGTH - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Total length of all options | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x00 Option Length = 4 octets Total length of all options [Page 48] INTERNET-DRAFT PGM Specification 24 June 1999 The total length in octets of all option extensions including OPT_LENGTH. 9.2. Fragmentation Option - OPT_FRAGMENT Fragmentation allows transport-layer entities at a source to break up application protocol data units (APDUs) into multiple PGM data packets (TPDUs) to conform with the MTU supported by the network layer. The fragmentation option may be applied to ODATA and RDATA packets only. This option is incompatible with the sequence number dropout option since dropout is based upon application-layer informa- tion available only at the beginning of the APDU. Trailing fragments of such packets would not have sufficient informa- tion to which to apply the drop out algorithm and so would be pass through filters designed to discard the APDU as a whole. Architecturally, the accumulation of TPDUs into APDUs is applied to TPDUs that have already been received, duplicate eliminated, and con- tiguously sequenced by the receiver. Thus APDUs may be reassembled across increments of the transmit window. 9.2.1. OPT_FRAGMENT - Packet Extension Contents OPT_FRAG_OFF the offset of the fragment from the beginning of the APDU OPT_FRAG_LEN the total length of the original APDU 9.2.2. OPT_FRAGMENT - Procedures - Sources A source fragments APDUs into a contiguous series of fragments no larger than the MTU supported by the network layer. A source sequentially and uniquely assigns OD_SQNs to these fragments in the order in which they occur in the APDU. A source then sets OPT_FRAG_OFF to the value of the offset of the fragment in the original APDU (where the first byte of the APDU is at offset 0, and OPT_FRAG_OFF numbers the first byte in the fragment), and set OPT_FRAG_LEN to the value of the total length of the original APDU. 9.2.3. OPT_FRAGMENT - Procedures - Receivers Receivers detect and accumulate fragmented packets until they have received an entire contiguous sequence of packets comprising an APDU. This sequence begins with the fragment bearing OPT_FRAG_OFF of 0, and terminates with the fragment whose length added to its OPT_FRAG_OFF is OPT_FRAG_LEN. [Page 49] INTERNET-DRAFT PGM Specification 24 June 1999 9.2.4. OPT_FRAGMENT - Procedures - Network Elements This option is not network-significant. 9.2.5. OPT_FRAGMENT - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x01 Option Length = 12 octets Offset The offset of the fragment from the beginning of the APDU (OPT_FRAG_OFF). Length The total length of the original APDU (OPT_FRAG_LEN). 9.3. Late Joining Option - OPT_JOIN Late joining allows a source to bound the amount of repair history receivers may request when they initially join a particular transport session. This option indicates that receivers that join a transport session in progress may request repair of all data as far back as the given minimum sequence number from the time they join the transport session. The default is for receivers to receive data only from the first packet they receive and onward. 9.3.1. OPT_JOIN - Packet Extensions Contents OPT_JOIN_MIN the minimum sequence number for repair [Page 50] INTERNET-DRAFT PGM Specification 24 June 1999 9.3.2. OPT_JOIN - Procedures - Receivers If a PGM packet (ODATA, RDATA, or SPM) bears OPT_JOIN, a receiver may initialize the trailing edge of the receive window (RXW_TRAIL_INIT) to the given Minimum Sequence Number and proceeds with normal data recep- tion. 9.3.3. OPT_JOIN - Procedures - Network Elements This option is not network-significant. 9.3.4. OPT_JOIN - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Minimum Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x03 Option Length = 8 octets Minimum Sequence Number The minimum sequence number defining the initial trailing edge of the receive window for a late joining receiver. 9.4. Time Stamp Option - OPT_TIME Time stamps may be used in conjunction with NAKs to allow receivers to specify the interval in which the requested RDATA is relevant to them. That interval is interpreted by both network elements and sources to determine whether to continue with or abandon a given repair. 9.4.1. OPT_TIME - Packet Extensions Contents OPT_TIME_STAMP absolute time interval in milliseconds 9.4.2. OPT_TIME - Procedures - Receivers Receivers may append the Time Stamp option to a NAK to indicate the absolute interval from the time of transmitting the NAK during which the receiver can usefully receive the corresponding RDATA. [Page 51] INTERNET-DRAFT PGM Specification 24 June 1999 9.4.3. OPT_TIME - Procedures - Network Elements Network elements should use the time stamp of a NAK to age the associ- ated repair state for the specified interval and discard it if the corresponding RDATA has not already torn it down. Network elements must eliminate a time-stamped NAK only if its time stamp is smaller than the remaining time associated with the matching repair state. Otherwise, such a NAK must be forwarded instead of elim- inated, and its time stamp must be used to replace the time stamp of existing repair state. 9.4.4. OPT_TIME - Procedures - Sources A source should abandon any attempt to transmit RDATA in response to a time stamped NAK if that repair cannot be completed within the specified interval. 9.4.5. OPT_TIME - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time Stamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x04 Option Length = 8 octets Time Stamp Absolute time interval in milliseconds (OPT_TIME_STAMP). 9.5. Reception Quality Option - OPT_RXQ Reception quality reports may be used in conjunction with NAKs to allow receivers to provide a reception quality metric to the source. 9.5.1. OPT_RXQ - Packet Extensions Contents OPT_RXQ_METRIC A reception quality metric defined by a source's local flow- and congestion-control procedures. [Page 52] INTERNET-DRAFT PGM Specification 24 June 1999 9.5.2. OPT_RXQ - Procedures - Receivers Receivers may append the Reception Quality option to a NAK to indicate the rate of packet loss detected at the receiver. Receivers must bias the transmission of NAKs bearing OPT_RXQ by scaling NAK_BO_IVL with respect to the reception quality metric. That is, as reception quality deteriorates, NAK_BO_IVL should be reduced, and as reception quality improves, NAK_BO_IVL should be increased. The procedures for NAK suppression apply unchanged with the exception that NAKs bearing OPT_RXQ are only suppressed by other matching NAKs bearing OPT_RXQ and a worse reception quality metric. 9.5.3. OPT_RXQ - Procedures - Network Elements Network elements must eliminate a NAK bearing OPT_RXQ only if its recep- tion quality metric is larger (worse) than the reception quality metric associated with the matching repair state. Otherwise, such a NAK must be forwarded instead of eliminated, and its reception quality metric must be used to replace the reception quality metric of existing repair state. 9.5.4. OPT_RXQ - Procedures - Sources Sources may interpret reception quality reports in a local manner to adjust their transmission rate. 9.5.5. OPT_RXQ - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Reception Quality Metric | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x05 Option Length = 8 octets Reception Quality Metric TBD [Page 53] INTERNET-DRAFT PGM Specification 24 June 1999 9.6. Sequence Number Dropout Option - OPT_DROP Sequence number dropout may be used in conjunction with data packets to allow sources and network elements to selectively eliminate PGM data packets and convey the resulting sequence-number discontinuity to receivers so that sequencing can be preserved across the dropout. Sequence number dropout is incompatible with the fragmentation option. This option is incompatible with fragmentation since dropout is based upon application-layer information available only at the beginning of the APDU. Trailing fragments of such packets would not have sufficient information to which to apply the drop out algorithm and so would be pass through filters designed to discard the APDU as a whole. 9.6.1. OPT_DROP - Packet Extensions Contents OPT_DROP_PREV the sequence number of the packet that should be regarded by the receiver as the logical predecessor to the packet bearing this option 9.6.2. OPT_DROP - Procedures - Sources On a per-packet basis, a source may selectively permit intermediate application-layer filters to be applied to a data packet by appending OPT_DROP to ODATA/RDATA packets and setting the value of OPT_DROP_PREV to OD_SQN/RD_SQN. 9.6.3. OPT_DROP - Procedures - Network Elements Network elements may apply intermediate application-layer filters only to ODATA/RDATA packets bearing OPT_DROP. If such a data packet passes the filters, it must be forwarded out each interface with OPT_DROP_PREV set to the value of the sequence number of the highest numbered data packet within OD_TSI/RD_TSI that has already been forward on that inter- face. 9.6.4. OPT_DROP - Procedures - Receivers Receivers must do drop detection on packets bearing OPT_DROP by verify- ing that they have also received the data packet numbered OPT_DROP_PREV rather than checking for the numerical predecessor of OD_SQN/RD_SQN. If a receiver has received OPT_DROP_PREV, then no drop has occurred. If a receiver has not received OPT_DROP_PREV, then a receiver must NAK only for OPT_DROP_PREV and no other intervening sequence numbers. [Page 54] INTERNET-DRAFT PGM Specification 24 June 1999 9.6.5. OPT_DROP - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Previous Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x06 Option Length = 8 octets Previous Sequence Number The sequence number of the packet that should be regarded by the receiver as the logical predecessor to the packet bearing this option (OPT_DROP_PREV). 9.7. Redirect Option - OPT_REDIRECT Redirection may be used in conjunction with NCFs to allow a designated local repairer (DLR) to respond to normal NCFs with a redirecting NCF advertising its own address as an alternative to the original source. Recipients of redirecting NCFs may then direct NAKs for subsequent ODATA sequence numbers to the DLR rather than to the original source. In addition, DLRs that receive redirected NAKs for which they have RDATA must send a NULL NAK to provide flow control to the original source without also provoking a repair from that source. 9.7.1. OPT_REDIRECT - Packet Extensions Contents OPT_REDIR_NLA the DLR's own unicast network-layer address to which recipients of the redirecting NCF may direct subsequent NAKs for the corresponding TSI. 9.7.2. OPT_REDIRECT - Procedures - DLRs A DLR must receive any PGM sessions for which it wishes to provide a source of repairs. In addition to acting as an ordinary PGM receiver, a DLR may then respond to NCFs sourced by neighbouring network elements (or even by the source itself) by multicasting a repeat of that NCF and OPT_REDIRECT providing its own network-layer address. if, however, this NCF completes NAK transmission for this DLR, it must not send a redirecting NCF. [Page 55] INTERNET-DRAFT PGM Specification 24 June 1999 Further, a DLR must act as an ordinary PGM source in responding to any NAK it receives (i.e., directed to it). That is, it should respond first with a normal NCF and then RDATA as usual. In addition a DLR that receives redirected NAKs for which it has RDATA must send a NULL NAK to provide flow control to the original source. If it cannot provide the RDATA it forwards the NAK to the upstream PGM neighbour as usual. NOTA BENE: In order to propagate on exactly the same distribu- tion tree as ODATA, RDATA packets transmitted by DLRs and other receivers must bear the ODATA source's NLA, not the DLR's or the receiver's NLA as might be expected. 9.7.3. OPT_REDIRECT - Procedures - Network Elements Upon receiving a redirecting NCF, network elements should record the redirecting information for the TSI, and should redirect subsequent NAKs for the same TSI to the network address provided in the redirecting NCF rather than to the PGM neighbour known via the SPMs. Note, however, that a redirecting NCF is NOT regarded as matching the NAK that provoked it, so it does not complete the transmission of that NAK. Only a normal matching NCF can complete the transmission of a NAK. For subsequent NAKs, if the network element has recorded redirection information for the corresponding TSI, it may change the destination network address of those NAKs and attempt to transmit them to the DLR. If, however, a corresponding NCF is not received from the DLR within NAK_RPT_IVL, the network element must discard the redirecting informa- tion for the TSI and re-attempt to forward the NAK towards the PGM upstream neighbour. A NULL NAK is forwarded only if matching repair state has not already been created. Network elements must not confirm or retry NULL NAKs and they must not add the receiving interface to the repair state. If a NULL NAK is used to initially create repair state, this fact must be recorded so that any subsequent non-NULL NAK will not be eliminated, but rather will be forwarded to provoke an actual repair. State created by a NULL NAK exists only for NAK_ELIM_IVL. 9.7.4. OPT_REDIRECT - Procedures - Receivers These procedures are intended to be applied in instances where a receiver's first hop router on the reverse path to the source is not a PGM Network Element. So, receivers must ignore a redirecting NCF from a DLR on the same IP subnet that the receiver resides on. Upon receiving a redirecting NCF, receivers should record the redirect- ing information for the TSI, and may redirect subsequent NAKs for the same TSI to the network address provided in the redirecting NCF rather [Page 56] INTERNET-DRAFT PGM Specification 24 June 1999 than to the PGM neighbour for the corresponding ODATA for which the receiver is requesting repair. Note, however, that a redirecting NCF is NOT regarded as matching the NAK that provoked it, so it does not com- plete the transmission of that NAK. Only a normal matching NCF can com- plete the transmission of a NAK. For subsequent NAKs, if the receiver has recorded redirection informa- tion for the corresponding TSI, it may change the destination network address of those NAKs and attempt to transmit them to the DLR. If, how- ever, a corresponding NCF is not received within NAK_RPT_IVL, the receiver must discard the redirecting information for the TSI and re- attempt to forward the NAK to the PGM neighbour for the original source of the missing ODATA. 9.7.5. OPT_REDIRECT - Packet Extension Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | NLA AFI | reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DLR's NLA ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+ Option Type = 0x07 Option Length = 4 + NLA length DLR's NLA The DLR's own unicast network address to which recipients of the redirecting NCF may direct subsequent NAKs. [Page 57] INTERNET-DRAFT PGM Specification 24 June 1999 10. Security Considerations In addition to the usual problems of end-to-end authentication, PGM is vulnerable to a number of security risks that are specific to the mechanisms it uses to establish source path state, to establish repair state, to forward NAKs, to identify DLRs, and to distribute repairs. These mechanisms expose PGM network elements themselves to security risks since network elements not only switch but also interpret SPMs, NAKs, NCFs, and RDATA, all of which may legitimately be transmitted by PGM sources, receivers, and DLRs. Short of full authentication of all neighbouring sources, receivers, DLRs, and network elements, the proto- col is not impervious to abuse. So putting aside the problems of rogue PGM network elements for the moment, there are enough potential security risks to network elements associated with sources, receivers, and DLRs alone. These risks include denial of service through the exhausting of both CPU bandwidth and memory, as well as loss of (repair) data connectivity through the mud- dling of repair state. False SPMs may cause PGM network elements to mis-direct NAKs intended for the legitimate source with the result that the requested RDATA would not be forthcoming. False NAKs may cause PGM network elements to establish spurious repair state that will expire only upon time-out and could lead to memory exhaustion in the meantime. False NCFs may cause PGM network elements to suspend NAK forwarding prematurely (or to mis-direct NAKs in the case of redirecting NCFs) resulting eventually in loss of RDATA. False RDATA may cause PGM network elements to tear down legitimate repair state resulting eventually in loss of legitimate RDATA. The development of precautions for network elements to protect them- selves against incidental or unsophisticated versions of these attacks is work in progress and includes: Damping of jitter in the value of either the source NLA of SPMs or the path NLA in SPMs. While the source NLA is expected to change seldom, the path NLA is expected to change occasionally as a conse- quence of changes in underlying multicast routing information. The extension of NAK shedding procedures to control the volume, not just the rate, of confirmed NAKs. In either case, these procedures assist network elements in surviving NAK attacks at the expense of maintaining service. More efficiently, network elements may use the [Page 58] INTERNET-DRAFT PGM Specification 24 June 1999 knowledge of TSIs and their associated transmit windows gleaned from SPMs to control the proliferation of repair state. A three-way handshake between network elements and DLRs that would permit a network element to ascertain with greater confidence that an alleged DLR is identified by the alleged NLA, and is PGM conversant. [Page 59] INTERNET-DRAFT PGM Specification 24 June 1999 11. Appendix A - Forward Error Correction 11.1. Introduction The following procedures incorporate packet-level Reed Solomon Erasure correcting techniques as described in [11] and [12] into PGM. This approach to Forward Error Correction (FEC) is based upon the computation of h parity packets from k data packets for a total of n packets such that a receiver can reconstruct the k data packets out of any k of the n packets. More specifically, it is characteristic of the parity packets that any x of them can be used to reconstruct any x of the original k data packets for x less than or equal to k. The original k data packets are referred to as the Transmission Group, and the total n packets as the FEC Block. These procedures permit any combination of pro-active FEC or on-demand FEC with conventional ARQ within a given TSI to provide any flavour of layered or integrated FEC. Once provided by a source, the actual use of FEC or ARQ for loss recovery in the session is entirely at the discre- tion of the receivers. Note that receivers may still resort to selec- tive NAKs even when parity is available, and sources must still provide selective retransmissions in response. The two approaches can be used by the same or different receivers in a single transport session without conflict. Pro-active FEC refers to the technique of computing parity packets at transmission time and transmitting them as a matter of course following the data packets. Pro-active FEC is recommended for providing loss recovery over simplex or asymmetric multicast channels over which returning repair requests is either impossible or costly. It provides increased reliability at the expense of bandwidth. On-demand FEC refers to the technique of computing parity packets at repair time and transmitting them only upon demand (i.e., receiver-based loss detection and repair request). On-demand FEC is recommended for providing loss recovery of uncorrelated loss in very large receiver populations in which the probability of any single packet being lost is substantial. It provides equivalent reliability to selective NAKs (ARQ) at the expense of no more and typically less bandwidth. Selective NAKs are NAKs that request the retransmission of specific packets by sequence number corresponding to the sequence number of any data packets detected to be missing from the expected sequence (conven- tional ARQ). Selective NAKs are recommended for recovering losses occurring in trailing partial transmission groups. Parity NAKs are NAKs that request the transmission of a specific number of parity packets by count corresponding to the count of the number of [Page 60] INTERNET-DRAFT PGM Specification 24 June 1999 data packets detected to be missing from a group of k data packets (on- demand FEC). The objective of these procedures is to incorporate these FEC techniques into PGM so that: sources may provide parity packets either pro-actively or on-demand, interchangeably within the same TSI, receivers may use either selective or parity NAKs interchangeably within the same TSI, network elements may maintain repair state based on either selective or parity NAKs in the same data structure, altering only search, RDATA constraint, and deletion algorithms in either case, and only OPTION additions to the basic packet formats are required. 11.2. Overview Advertising FEC parameters in the transport session Sources add OPT_PARITY_PRM to SPMs to provide session-specific parame- ters such as the number of packets (TGSIZE == k) in a transmission group. This option lets receivers know how many packets in a transmis- sion group, and it lets network elements sort repair state by transmis- sion group number. This option includes an indication of whether pro- active and/or on-demand parity is available from the source. Distinguishing parity packets from data packets Sources send pro-active parity packets as ODATA and on-demand parity packets as RDATA. A source must add OPT_PARITY to the ODATA/RDATA packet header of parity packets to permit network elements and receivers to distinguish them from data packets. Data and parity packet numbering Parity packets must be calculated over a fixed number k of data packets known as the Transmission Group. Grouping of packets into transmission groups effectively partitions a packet sequence number into a high-order portion (TG_SQN) specifying the transmission group (TG), and a low-order portion (PKT_SQN) specifying the packet number (PKT-NUM in the range 0 through k-1) within that group. So from an implementation point of view, it's handy if k, the TG size, is a power of 2. If so then TG_SQN and PKT_SQN can be mapped side-by-side into the 32 bit SQN. So log2(TGSIZE) is the size in bits of PKT_SQN. [Page 61] INTERNET-DRAFT PGM Specification 24 June 1999 This mapping does not diminish the effective sequence number space since parity packets are marked with OPT_PARITY that allows the sequence space (PKT_SQN) to be reused to number the h parity packets for as long as h is not greater than k. In case h is greater than k, a source must add OPT_PARITY_GRP to any parity packet numbered j greater than k-1 specifying the number m of the group of k parity packets to which the packet belongs where m is just the quotient from the integer division of j by k. Correspondingly, PKT-NUM for such parity packets is just j modulo k. Note that parity NAKs (and consequently their corresponding parity NCFs) must also be distinguished by the addition of OPT_PARITY, and that in these packets, PKT_SQN contains PKT-CNT, the number of missing packets, rather than PKT-NUM, the number of a specific missing packet. More on all this later. Variable TPDU length If a non constant TPDU length is used within a given transmission group, the size of parity packets in the corresponding FEC block must be equal to the size of the largest original data packet in the block. Parity packets must be computed padding with zeros the original packets up to the size of the larger. Note that original data packets are transmitted without padding. Receivers that use a combination of original packets and FEC packets to rebuild missing packets must pad original packets in the same way as the sender does before feeding the original packets to the FEC decoder. The decoder produces original packet padded with zeros up to the size of the largest original packet in the group. In order to eliminate the padding, the original size of the packet must be known, this is accomplished as follows: The sender, along with the packet payloads, must also encode the TPDU lengths and append the 2-byte encoded length to the padded FEC pack- ets. Receivers which feed the FEC decoder with original packets must also append their TPDU length to the packets after padding them and before passing them to the decoder. This way the decoder produces padded original packets with their origi- nal TPDU length appended. Receivers use this length to get rid of the padding. A sender that transmits variable-size packets must take into account the fact that FEC packet will have a size equal to the maximum size of the original packets plus the size of the length field (2 bytes). [Page 62] INTERNET-DRAFT PGM Specification 24 June 1999 If a fixed packet size is used within a transmission group, the encoded length is not appended to the parity packets. The presence of the option OPT_VAR_SIZE in parity packets allows receivers to distinguish between variable-size transmission groups and fixed-size ones, and behave accordingly. 11.3. Packet Contents This section just provides enough short-hand to make the Procedures intelligible. For the full details of packet contents, please refer to Packet Formats below. OPT_PARITY indicated in pro-active (ODATA) and on-demand (RDATA) parity packets to distinguish them from data packets. This option is directly encoded in the "Option" field of the PGM header OPT_VAR_SIZE can be present in pro-active (ODATA) and on-demand (RDATA) parity packets to indicate that the corresponding transmission group is composed of variable size data packets. This option is directly encoded in the "Option" field of the PGM header OPT_PARITY_PRM appended by sources to SPMs to specify session-specific parameters such as the transmission group size and the availability of pro-active and/or on-demand parity from the source OPT_PARITY_GRP the number of the group (greater than 0) of k parity packets to which the parity packet belongs when more than k parity packets are provided by the source 11.3.1. Parity NAKs NAK_TG_SQN the high-order portion of NAK_SQN specifying the transmission group for which parity packets are requested NAK_PKT_CNT the low-order portion of NAK_SQN specifying the number of missing data packets for which parity packets are requested 11.3.2. Parity NCFs NCF_TG_SQN the high-order portion of NCF_SQN specifying the transmission group for which parity packets were requested NCF_PKT_CNT the low-order portion of NCF_SQN specifying the number of [Page 63] INTERNET-DRAFT PGM Specification 24 June 1999 missing data packets for which parity packets were requested 11.3.3. On-demand Parity RDATA_TG_SQN the high-order portion of RDATA_SQN specifying the transmission group to which the parity packet belongs RDATA_PKT_SQN the low-order portion of RDATA_SQN specifying the parity packet sequence number within the transmission group 11.3.4. Pro-active Parity ODATA_TG_SQN the high-order portion of ODATA_SQN specifying the transmission group to which the parity packet belongs ODATA_PKT_SQN the low-order portion of ODATA_SQN specifying the parity packet sequence number within the transmission group 11.4. Procedures - Sources If a source elects to provide parity for a given transport session, it must first provide the transmission group size PARITY_PRM_TGS in the OPT_PARITY_PRM option of its SPMs. If a source elects to provide pro- active parity for a given transport session, it must set PARITY_PRM_PRO in the OPT_PARITY_PRM option of its SPMs. If a source elects to provide on-demand parity for a given transport session, it must set PARITY_PRM_OND in the OPT_PARITY_PRM option of its SPMs. A source must send any pro-active parity packets for a given transmis- sion group only after it has first sent all of the corresponding k data packets in that group. Pro-active parity packets must be sent as ODATA with OPT_PARITY. If a source elects to provide on-demand parity, it must respond to a parity NAK for a transmission group with a parity NCF. The source must complete the transmission of the k original data packets and the pro- active parity packets, possibly scheduled, before starting the transmis- sion of on-demand parity packets. Subsequently, the source must send the number of parity packets requested by that parity NAK. On-demand parity packets must be sent as RDATA with OPT_PARITY. Previously transmitted pro-active parity packets cannot be reused as on-demand par- ity packets, these must be computed with new, previously unused, indexes. In either case, the source must be prepared to also respond to selective NAKs in the usual way. [Page 64] INTERNET-DRAFT PGM Specification 24 June 1999 In the absence of data to transmit, a source should pad out the transmission group with padded packets before calculating and providing parity packets either pro-actively or on demand. A source may consolidate requests for on-demand parity in the same transmission group according to the following procedures. If the number of pending (i.e., unsent) parity packets from a previous request for on-demand parity packets is equal to or greater than NAK_PKT_CNT in a subsequent NAK, that subsequent NAK must be confirmed but may otherwise be ignored. If the number of pending (i.e., unsent) parity packets from a previous request for on-demand parity packets is less than NAK_PKT_CNT in a subsequent NAK, that subsequent NAK must be confirmed but the source need only increase the number of pending parity packets to NAK_PKT_CNT. When a source provides parity packets relatively to a variable-size transmission group, it must compute parity packets padding the original packets, must append the encoded TPU lengths and add the OPT_VAR_SIZE option as specified in the overview description. 11.5. Procedures - Receivers If a receiver elects to make use of parity packets for loss recovery, it must first learn the transmission group size PARITY_PRM_TGS from OPT_PARITY_PRM in the SPMs for the TSI. The transmission group size is used by a receiver to determine the sequence number boundaries between transmission groups. Thereafter, if PARITY_PRM_PRO is also set in the SPMs for the TSI, a receiver may use any pro-active parity packets it receives for loss recovery, and if PARITY_PRM_OND is also set in the SPMs for the TSI, it may solicit on-demand parity packets upon loss detection. Parity pack- ets are ODATA (pro-active) or RDATA (on-demand) packets distinguished by OPT_PARITY which lets receivers know that ODATA/RDATA_TG_SQN identifies the group of PARITY_PRM_TGS packets to which the parity may be applied for loss recovery in the corresponding transmission group, and that ODATA/RDATA_PKT_SQN is being reused to number the parity packets within that group. Receivers order parity packets and eliminate duplicates within a transmission group based on ODATA/RDATA_PKT_SQN and on OPT_PARITY_GRP if present. To solicit on-demand parity packets, a receiver must send parity NAKs upon loss detection. For the purposes of soliciting on-demand parity, loss detection occurs at transmission group boundaries, i.e. upon receipt of the last data packet in a transmission group, upon receipt of any data packet in any subsequent transmission group, or upon receipt of any parity packet in the current or a subsequent transmission group. [Page 65] INTERNET-DRAFT PGM Specification 24 June 1999 A parity NAK is simply a NAK with OPT_PARITY and NAK_PKT_CNT set to the count of the number of packets detected to be missing from the transmis- sion group specified by NAK_TG_SQN. Note that this constrains the receiver to request no more parity packets than there are data packets in the transmission group. A receiver should bias the value of NAK_BO_IVL for parity NAKs inversely proportional to NAK_PKT_CNT so that NAKs for larger losses are likely to be scheduled ahead of NAKs for smaller losses in the same receiver popu- lation. A confirming NCF for a parity NAK is a parity NCF with NCF_PKT_CNT equal to or greater than that specified by the parity NAK. A receiver's NAK_RDATA_IVL timer is not cancelled until all requested parity packets have been received. In the absence of data (detected from SPMs bearing SPM_LEAD equal to RXW_LEAD) on non-transmission-group boundaries, receivers should resort to selective NAKs for any missing packets in that trailing transmission group. When a receiver handles parity packets belonging to a variable-size FEC block (detected from the presence of the OPT_VAR_SIZE option in the par- ity packets), it must decode them as specified in the overview descrip- tion and use the decoded TPDU length to get rid of the padding in the decoded packet. 11.6. Procedures - Network Elements Pro-active parity packets (ODATA with OPT_PARITY) are switched by net- work elements without transport-layer intervention. On-demand parity packets (RDATA with OPT_PARITY) necessitate modified request, confirmation and repair constraint procedures for network ele- ments. In the context of these procedures, repair state is maintained per NAK_TSI and NAK_TG_SQN, and in addition to recording the interfaces on which corresponding NAKs have been received, records the largest value of NAK_PKT_CNT seen in corresponding NAKs on each interface. This value is referred to as the known packet count. The largest of the known packet counts recorded for any interface in the repair state for the transmit group or carried by an NCF is referred to as the largest known packet count. Upon receipt of a parity NAK, a network element responds with the corresponding parity NCF. The corresponding parity NCF is just an NCF formed in the usual way (i.e., a multicast copy of the NAK with the packet type changed), but with the addition of OPT_PARITY and with [Page 66] INTERNET-DRAFT PGM Specification 24 June 1999 NCF_PKT_CNT set to the larger of NAK_PKT_CNT and the known packet count for the receiving interface. The network element then creates repair state in the usual way with the following modifications. If repair state for the receiving interface does not exist, the network element must create it and additionally record NAK_PKT_CNT from the par- ity NAK as the known packet count for the receiving interface. If repair state for the receiving interface already exists, the network element must eliminate the NAK only if NAK_ELIM_IVL has not expired and NAK_PKT_CNT is equal to or less than the largest known packet count. If NAK_PKT_CNT is greater than the known packet count for the receiving interface, the network element must update the latter with the larger NAK_PKT_CNT. Upon either adding a new interface or updating the known packet count for an existing interface, the network element must determine if NAK_PKT_CNT is greater than the largest known packet count. If so or if NAK_ELIM_IVL has expired, the network element must forward the parity NAK in the usual way with a value of NAK_PKT_CNT equal to the largest known packet count. Upon receipt of an on-demand parity packet, a network element must locate existing repair state for the corresponding RDATA_TSI and RDATA_TG_SQN. If no such repair state exists, the network element must discard the RDATA as usual. If corresponding repair state exists, the largest known packet count must be decremented by one, then the network element must forward the RDATA on all interfaces in the existing repair state, and decrement the known packet count for each by one. Any interfaces whose known packet count is thereby reduced to zero must be deleted from the repair state. If the number of interfaces is thereby reduced to zero, the repair state itself must be deleted. Upon reception of a parity NCF, network elements must cancel pending NAK retransmission only if NCF_PKT_CNT is greater or equal to the largest known packet count. Network elements must use parity NCFs to anticipate NAKs in the usual way with the addition of recording NCF_PKT_CNT from the parity NCF as the largest known packet count with the anticipated state so that any subsequent NAKs received with NAK_PKT_CNT equal to or less than NCF_PKT_CNT will be eliminated, and any with NAK_PKT_CNT greater than NCF_PKT_CNT will be forwarded. Network elements which receive a parity NCF with NCF_PKT_CNT larger than the largest known packet count must also use it to anticipate NAKs, increasing the largest known packet count to reflect NCF_PKT_CNT (partial anticipation). Parity NNAKs follow the usual elimination procedures with the exception [Page 67] INTERNET-DRAFT PGM Specification 24 June 1999 that NNAKs are eliminated only if existing NAK state has a NAK_PKT_CNT greater than NNAK_PKT_CNT. 11.7. Procedures - DLRs A DLR with the ability to provide FEC repairs must indicate this by set- ting the OPT_PARITY bit in the redirecting NCF. It must then process any redirected FEC NAKs in the usual way. [Page 68] INTERNET-DRAFT PGM Specification 24 June 1999 11.8. Packet Formats 11.8.1. OPT_PARITY_PRM - Packet Extension Format OPT_PARITY_PRM may be appended only to SPMs. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | P O| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Transmission Group Size | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x08 Option Length = 8 octets P-bit (PARITY_PRM_PRO) Indicates when set that the source is providing pro-active parity packets. O-bit (PARITY_PRM_OND) Indicates when set that the source is providing on-demand parity packets. At least one of PARITY_PRM_PRO and PARITY_PRM_OND must be set. Transmission Group Size (PARITY_PRM_TGS) The number of data packets in the transmission group over which the parity packets are calculated. [Page 69] INTERNET-DRAFT PGM Specification 24 June 1999 11.8.2. OPT_PARITY_GRP - Packet Extension Format OPT_PARITY_GRP may be appended only to parity packets. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Parity Group Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x09 Option Length = 4 octets Parity Group Number (PRM_GROUP) The number of the group of k parity packets amongst the h parity packets within the transmission group to which the parity packet belongs where the first k parity packets are in group zero. PRM_GROUP must not be zero. [Page 70] INTERNET-DRAFT PGM Specification 24 June 1999 12. Appendix B - Congestion Avoidance A source should implement strategies for congestion avoidance, aimed at providing overall network stability, fairness among competing PGM flows and some degree of fairness towards coexisting TCP flows [13]. This is work in progress and will be expanded in a later version of this docu- ment. [Page 71] INTERNET-DRAFT PGM Specification 24 June 1999 13. Appendix C - Flow Control A degree of flow control native to PGM itself is provided through the exchange of elective, periodic state notifications between sources (Transmit State Notifications - TSNs) and receivers (Receive State Notifications - RSNs). The goal of the flow control strategies in PGM is to conservatively adapt a source's transmit rate so as to minimize NAKs due to receiver overrun and to do so with as simple and efficient an exchange of protocol packets as possible. These strategies are intended to augment, not substitute for, source-based adaptive stra- tegies for rate-limiting transmissions based solely on the frequency of NAKs. Since PGM has no conference control mechanisms, these mechanisms simply act to modify a source's transmit rate to suit the slowest receiver the source is willing to accommodate. The use and frequency of TSNs and RSNs is left to the discretion of the implementation. TSNs enable a source to adapt its transmit rate as network and receiver resources permit. A source may distinguish congestion from flow control by noting that in the absence of RSNs, it is likely that most NAKs the source may see are the result of congestion and not end-to-end flow con- trol problems. So a source may also reduce its transmit rate simply in response to the pattern of NAKs it receives. These mechanisms are entirely elective and not meant as a replacement for reservation protocols or other out-of-band resource and conference management strategies. They are intended simply to provide a workable strategy in the absence of anything more sophisticated. PGM's reliable data transfer service is in no way dependent upon the use of TSNs and RSNs. 13.1. Architectural Description To provide an optional mechanism for flow, PGM specifies packet formats and procedures for sources and receivers to exchange resource state notifications. 13.1.1. Source Functions A source may periodically multicast TSNs to the group to advertise its transmit window and its minimum and current transmit rates. In response to corresponding RSNs, a source must reduce its transmit rate to at most the least rate specified in any RSN, and reflect this reduced current rate in subsequent TSNs. In the absence of corresponding RSNs, a source may conservatively [Page 72] INTERNET-DRAFT PGM Specification 24 June 1999 increase its transmit rate, and reflect this increased current rate in subsequent TSNs. To find the local maximum current transmit rate, a source may continue to increase its current transmit rate until it receives RSNs (or NAKs) in response, and then back off appropriately. 13.1.2. Receiver Functions A receiver unicasts an RSN to a source in response to a TSN only if the transmit rate advertised in the TSN exceeds the receiver's capacity. To prevent RSN implosion, receivers must observe a random back off over an interval three times the TSN period, and monitor TSNs in the meantime for a reduction in the current transmit rate. 13.1.3. Network Element Functions Network elements forward TSNs, and RSNs without intervention. 13.2. Terms and Concepts For a given transport session identified by a TSI, a source maintains: TXW_MIN_RTE a fixed minimum transmit rate in kBps, the minimum the transmitter will consider maintaining, equal to or less than TXW_MAX_RTE The reduction of TXW_MAX_RTE to TXW_MIN_RTE is negotiated through exchanges of TSNs and RSNs. For a given transport session identified by a TSI, a receiver maintains: RXW_MAX_RTE a fixed maximum reception rate in kBps, the maximum the receiver will consider maintaining The reduction of the current transmit rate (advertised in TSNs) to RXW_MAX_RTE is negotiated through exchanges of TSNs and RSNs. 13.3. Packet Contents This section just provides enough short-hand to make the Procedures intelligible. For the full details of packet contents, please refer to Packet Formats below. 13.3.1. Transmit State Notification (TSN) TSNs are formed by adding OPT_TSN to SPMs and contain: [Page 73] INTERNET-DRAFT PGM Specification 24 June 1999 TSN_TSI (a.k.a. SPM_TSI) the source-assigned TSI for which RSNs are solicited TSN_SQN (a.k.a. SPM_SQN) a sequence number assigned sequentially by the source in unit increments and scoped by TSN_TSI NOTA BENE: this is an entirely separate sequence than is used to number ODATA and RDATA. TSN_TRAIL (a.k.a. SPM_TRAIL) the source's TXW_TRAIL TSN_LEAD (a.k.a. SPM_LEAD) the source's TXW_LEAD TSN_MIN_RTE the source's TXW_MIN_RTE TSN_MAX_RTE the source's TXW_MAX_RTE 13.3.2. Receive State Notification (RSN) RSNs are unicast to the source and contain: RSN_TSI TSN_TSI from the TSN to which this is a response RSN_SQN TSN_SQN from the TSN to which this is a response RSN_TRAIL TSN_TRAIL from the TSN to which this is a response RSN_MAX_RTE the receiver's RXW_MAX_RTE 13.4. Procedures - Sources 13.4.1. Data Transmission Initialization Sources must sequence TSNs by assigning each a TSN_SQN using a number sequence separate from that used to number data packets. In addition, sources associate each TSN with a specific instance of the transmit win- dow by setting TSN_TRAIL to TXW_TRAIL. A source may precede initial data transmission to a transport session by sending TSNs at a rate of TSN_IDL_RTE for an interval of TSN_IDL_IVL. TSNs are used by the source in this instance simply to provoke RSNs from any receivers that may protest the advertised TSN_MAX_RTE. A source may use this procedure to find the largest acceptable initial values for TXW_MAX_RTE before initiating data transmission. In the ordinary course of data transmission, a source may periodically transmit TSNs and adjust the current transmit rate to establish the optimum rate for the current population of tuned-in receivers. [Page 74] INTERNET-DRAFT PGM Specification 24 June 1999 Specifically, a source may increase the values in the TSN without increasing them in fact until it provokes RSNs. It should then use the values in the RSNs to back off to the highest acceptable values for actual use. Note, then, that a source may advertise higher values for TSN_MAX_RTE in its TSNs than it actually uses, but it must never actually use higher values for TXW_MAX_RTE than it advertises in its TSNs. 13.4.2. Transmit Resource Management An RSN corresponds to a TSN if RSN_TSI matches TSN_TSI, RSN_SQN matches TSN_SQN, and RSN_TRAIL matches TSN_TRAIL. That is, an RSN corresponds to a TSN if it bears the same transport session, sequence, and transmit window identifiers as the TSN. Sources should respond to RSNs that correspond to the current TSN by reducing TXW_MAX_RTE to the minimum values heard in any such RSN as long as these values are no lower than TXW_MIN_RTE. 13.5. Procedures - Receivers 13.5.1. Data Reception Initialization TSNs must be sequenced by receivers based on a combination of TSN_SQN (which numbers TSNs separately from data packets) and TSN_TRAIL which relates the TSN to a specific transmit window. TSNs bearing the same TSN_TRAIL may be ordered relative to one another using TSN_SQN. The highest numbered such TSN should be used to maintain the receiver's notion of the transmit window and the current and maximum transmit rates. Ordering of TSNs is particularly important for TSNs in which transmit rates are increasing or decreasing. For a given transport session identified by TSI, a receiver may precede initial data reception by first receiving and accepting the values for TXW_MAX_RTE in a matching TSN. Accepting this value implies that the receiver is capable of receiving data at the rate of TXW_MAX_RTE. If a receiver accepts the advertised value for TXW_MAX_RTE in a matching TSN, it may initiate data reception in the transmit window provided by the TSN. If the TSN bears OPT_JOIN, the receiver initializes the trailing edge of the receive window to TXW_TRAIL and proceeds with normal data reception. If the TSN does not bear OPT_JOIN, the receiver may initiate data recep- tion beginning only with the first ODATA_SQN it receives within the advertised transmit window. This sequence number temporarily defines [Page 75] INTERNET-DRAFT PGM Specification 24 June 1999 the trailing edge of the transmit window from the receivers perspective. That is, it is assigned to RXW_TRAIL_INIT within the receiver, and until trailing edge sequence number advertised in subsequent packets (TSNs or ODATA or RDATA or SPMs) increments through RXW_TRAIL_INIT, the receiver must only request repairs for sequence numbers subsequent to RXW_TRAIL_INIT. Thereafter, it may request repairs anywhere in the transmit window. This temporary restriction on repair requests prevents receivers from requesting a potentially large amount of history when they first begin to receive a given PGM transport session. 13.5.2. Receive Resource Management >From a receiver's perspective, an acceptable TSN is one in which TSN_MIN_RTE is equal to or less than RXW_MAX_RTE. The current value of TSN_MAX_RTE may or may not be within the receiver's capacity. If a receiver receives an unacceptable TSN, the receiver must neither initiate nor continue data reception for the given transport session. In addition, it must not respond to the TSN with an RSN, although it may continue to receive and inspect TSNs for an acceptable one. If a receiver receives an acceptable TSN, but the advertised values of TSN_MAX_RTE exceed RXW_MAX_RTE, the receiver should respond with a corresponding RSN advertising the maximum value RSN_MAX_RTE with which it can operate. The receiver may simultaneously initiate or continue data reception, and it should continue to respond to subsequent TSNs with this RSN until it receives a TSN advertising a value of TSN_MAX_RTE with which it can operate. [Page 76] INTERNET-DRAFT PGM Specification 24 June 1999 13.6. Packet Formats 13.6.1. OPT_TSN - Packet Extension Format The source NLA of a TSN is the unicast address of the entity that originates the TSN. The destination NLA of a TSN is a multicast group NLA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Minimum Transmit Rate | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Maximum Transmit Rate | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x0A Option Length = 12 octets Minimum Transmit Rate (TSN_MIN_RTE) The minimum rate of transmission required for receivers to parti- cipate in the group (TXW_MIN_RTE). Transmit Rate (TSN_MAX_RTE) The current rate of transmission required by receivers to partici- pate in the group (TXW_MAX_RTE). [Page 77] INTERNET-DRAFT PGM Specification 24 June 1999 13.6.2. RSN - Receive State Notification The source NLA of an RSN is the unicast address of the entity that originates the RSN. The destination NLA of an RSN is the unicast address of the source of the corresponding TSN. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RSN's Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Trailing Edge Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Receive Rate | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Port: RSN_SPORT Data-Destination Port Destination Port: RSN_DPORT Data-Source Port, together with Global Source ID forms RSN_TSI Type: RSN_TYPE = 0x0D Options RSNs may bear only OPT_JOIN. RSN's Sequence Number (RSN_SQN) [Page 78] INTERNET-DRAFT PGM Specification 24 June 1999 TSN_SQN from the corresponding TSN. Trailing Edge Sequence Number (RSN_TRAIL) TSN_TRAIL from the corresponding TSN. Transmit Rate (RSN_MAX_RTE) The maximum rate of transmission the receiver can sustain (RXW_MAX_RTE). [Page 79] INTERNET-DRAFT PGM Specification 24 June 1999 14. Appendix D - SPM Requests 14.1. Introduction SPM Requests (SPMRs) may be used to solicit an SPM from a source in a non-implosive way. The typical application is for late-joining receivers to solicit SPMs directly from a source in order to be able to NAK for missing packets without having to wait for a regularly scheduled SPM from that source. 14.2. Overview Allowing for SPMR implosion protection procedures, a receiver may uni- cast an SPMR to a source to solicit the most current session, window, and path state from that source any time after the receiver has joined the group. A receiver may learn the TSI and source to which to direct the SPMR from any other PGM packet it receives in the group, or by any other means such as from local configuration or directory services. The receiver must use the usual SPM procedures to glean the unicast address to which it should direct its NAKs from the solicited SPM. 14.3. Packet Contents This section just provides enough short-hand to make the Procedures intelligible. For the full details of packet contents, please refer to Packet Formats below. 14.3.1. SPM Requests SPMRs are transmitted by receivers to solicit SPMs from a source. SPMs are unicast to a source and contain: SPMR_TSI the source-assigned TSI for the session to which the SPMR corresponds 14.4. Procedures - Sources A source must respond immediately to an SPMR with the corresponding SPM rate limited to once per IHB_MIN per TSI. The corresponding SPM matches SPM_TSI to SPMR_TSI and SPM_DPORT to SPMR_DPORT. 14.5. Procedures - Receivers To moderate the potentially implosive behaviour of SPMRs at least on a densely populated subnet, receivers must use the following back-off and suppression procedure based on multicasting the SPMR with a TTL of 1 ahead of and in addition to unicasting the SPMR to the source. The role [Page 80] INTERNET-DRAFT PGM Specification 24 June 1999 of the multicast SPMR is to suppress the transmission of identical SPMRs from the subnet. More specifically, before unicasting a given SPMR, receivers must choose a random delay on SPMR_BO_IVL (~250 msecs) during which they listen for a multicast of an identical SPMR. If a receiver does not see a matching multicast SPMR within its chosen random interval, it must first multi- cast its own SPMR to the group with a TTL of 1 before then unicasting its own SPMR to the source. If a receiver does see a matching multicast SPMR within its chosen random interval, it must refrain from unicasting its SPMR and wait instead for the corresponding SPM. In addition, receipt of the corresponding SPM within this random inter- val should cancel transmission of an SPMR. In either case, the receiver must wait at least SPMR_SPM_IVL before attempting to repeat the SPMR by choosing another delay on SPMR_BO_IVL and repeating the procedure above. The corresponding SPMR matches SPMR_TSI to SPMR_TSI and SPMR_DPORT to SPMR_DPORT. The corresponding SPM matches SPM_TSI to SPMR_TSI and SPM_DPORT to SPMR_DPORT. 14.6. Procedures - Network Elements There are no SPMR procedures for network elements. [Page 81] INTERNET-DRAFT PGM Specification 24 June 1999 14.7. SPM Requests SPMR: SPM Requests are sent by receivers to request the immediate transmission of an SPM for the given TSI from a source. The source NLA of an SPMR is the unicast NLA of the entity that ori- ginates the SPMR. The destination NLA of an SPMR is the unicast NLA of the source from which the corresponding SPM is requested. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Extensions when present ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... Source Port: SPMR_SPORT Data-Destination Port Destination Port: SPMR_DPORT Data-Source Port, together with Global Source ID forms SPMR_TSI Type: SPMR_TYPE = 0x0C Global Source ID: SPMR_GSI [Page 82] INTERNET-DRAFT PGM Specification 24 June 1999 Together with Source Port forms SPMR_TSI [Page 83] INTERNET-DRAFT PGM Specification 24 June 1999 15. Appendix E - Poll Mechanism 15.1. Introduction These procedures provide PGM network elements and sources with the abil- ity to poll their downstream PGM neighbours to solicit replies in an implosion-controlled way. Both general polls and specific polls are possible. The former provide a PGM (parent) node with a way to check if there are any PGM (children) nodes connected to it, both network elements and receivers, and to esti- mate their number. The latter can be used by PGM parent nodes to search for nodes with specific properties among its PGM children. An example of application for this is DLR discovery. Polling is implemented using two additional PGM packets: POLL a Poll Request that PGM parent nodes multicast to the group to per- form the poll. Similarly to NCFs, POLL packets stop at the first PGM node they reach, as they are not forwarded by PGM network ele- ments. POLR a Poll Response that PGM children nodes (either network elements or receivers) use to reply to a Poll Request by addressing it to the NLA of the interface from which the triggering POLL was sent. The polling mechanism dictates that PGM children nodes that receive a POLL packet reply to it only if certain conditions are satisfied and ignore the POLL otherwise. Two types of condition are possible: a random condition that defines a probability of replying for the polled child, and a deterministic condition. Both the random condition and the deter- ministic condition are controlled by the polling PGM parent node by specifying the probability of replying and defining the deterministic condition(s) respectively. Random-only poll, deterministic-only poll or a combination of the two are possible. The random condition in polls allows the prevention of implosion of replies by controlling their number. Given a probability of replying P and assuming that each receiver makes an independent decision, the number of expected replies to a poll is P*N where N is the number of PGM children relative to the polling PGM parent. The polling node can con- trol the number of expected replies by specifying P in the POLL packet. 15.2. Packet Contents This section just provides enough short-hand to make the Procedures intelligible. For the full details of packet contents, please refer to Packet Formats below. [Page 84] INTERNET-DRAFT PGM Specification 24 June 1999 15.2.1. POLL (Poll Request) POLL_SQN a sequence number assigned sequentially by the polling parent in unit increments and scoped by POLL_PATH and the TSI of the session. POLL_PATH the network-layer address (NLA) of the interface on the PGM network element or source on which the POLL is transmitted POLL_BO_IVL the back-off interval that must be used to compute the random back-off time to wait before sending the response to a poll. POLL_RAND a random string used to implement the randomness in replying POLL_MASK a bit-mask used to determine the probability of random replies POLL_S_TYPE the sub-type of the poll request Poll request may also contain options which specify deterministic condi- tions for the reply. No options are currently defined. 15.2.2. POLR (Poll Response) POLR_SQN POLL_SQN of the poll request of which this is a reply Poll response may also contain options. No options are currently defined. 15.3. Procedures - General Although the poll mechanism can be used for both general polls and specific polls, no specific polls are currently defined. This section hence will only specify general polls and extension mechanisms to incor- porate specific polls. 15.3.1. General Polls General Polls can be used to check for and count PGM children that are 1 PGM hop downstream of an interface of a given node. They have POLL_S_TYPE equal to PGM_POLL_GENERAL. PGM children that receive a gen- eral poll decide whether to reply to it only based on the random condi- tion present in the POLL. To prevent response implosion, PGM parents that initiate a general poll [Page 85] INTERNET-DRAFT PGM Specification 24 June 1999 should establish the probability of replying to the poll, P, so that the expected number of replies is contained. The expected number of replies is N * P, where N is the number of children. To be able to compute this number, PGM parents should already have a rough estimate of the number of children. If they do not have a recent estimate of this number, they should send the first poll with a very low probability of replying and increase it in subsequent polls in order to get the desired number of replies. PGM children observe a random back-off in replying to a poll. This spreads out the replies in time and allows a PGM parent to abort the poll if too many replies are being received. To abort an ongoing poll a PGM parent must initiate another poll with different POLL_SQN. PGM children that receive a POLL must cancel any pending reply for POLLs with POLL_SQN different from the one of the last POLL received. For a given poll with probability of replying P, a PGM parent estimates the number of children as M / P, where M is the number of responses received. PGM parents should keep polling periodically and use some average of the result of recent polls as their estimate for the number of children. 15.3.2. Specific Polls Specific polls provide a way to search for PGM children that comply to specific requisites. As an example specific poll could be used to search for down-stream DLRs. A specific poll is characterized by a POLL_S_TYPE different from PGM_POLL_GENERAL. PGM children decide whether to reply to a specific poll or not based on the POLL_S_TYPE, on the random condi- tion and on options possibly present in the POLL. The way options should be interpreted is defined by POLL_S_TYPE. The random condition must be interpreted as an additional condition to be satisfied. To disable the random condition PGM parents must specify a probability of replying P equal to 1. PGM children must ignore a POLL packet if they do not understand POLL_S_TYPE. Some specific POLL_S_TYPE may also require that the chil- dren ignore a POLL if they do not fully understand all the PGM options present in the packet. 15.4. Procedures - PGM Parents (Sources or Network Elements) A PGM parent (source or network element), that wants to poll the first PGM-hop children connected to one of its outgoing interfaces must send a POLL packet on that interface with: POLL_SQN equal to POLL_SQN of the last POLL sent incremented by one [Page 86] INTERNET-DRAFT PGM Specification 24 June 1999 POLL_PATH set to the NLA of the outgoing interface POLL_BO_IVL set to the wanted reply back-off interval. As far as the choice of this is concerned, using NAK_BO_IVL is usually a conservative option, however a smaller value can be used, if the number of expected replies can be determined with a good confidence or if a conservatively low proba- bility of reply (P) is being used (see POLL_MASK next). When the number of expected replies is unknown, a large POLL_BO_IVL should be used, so that the poll can be effectively aborted if the number of replies being received is too large. POLL_RAND should be a random string re-computed each time a new poll is sent on a given interface POLL_MASK determines the probability of replying, P, according to the relationship P = 1 / ( 2 ^ B ), where B is the number of bit set in POLL_MASK. If this is a deterministic poll, B must be 0, i.e. POLL_MASK must be a all-zeroes bit-mask. POLL_S_TYPE the type of the poll. For general poll use PGM_POLL_GENERAL NOTA BENE: POLLs transmitted by network elements must bear the ODATA source's NLA, not the network element's NLA. POLLs must also be transmitted with the IP Router Alert Option [6], to be allow PGM network element to intercept them. A PGM parent that has started a poll by sending a POLL packet should wait at least POLL_BO_IVL before starting another poll. During this interval it should collect all the valid response (the one with POLR_SQN equal to POLL_SQN of the outstanding POLL) and process them at the end of the collection interval. A PGM parent should observe the rules mentioned in the description of general procedures, to prevent implosion of response. These rules should in general be observed both for generic polls and specific polls. The latter however can be performed using deterministic poll (with no implo- sion prevention) if the expected number of replies is known to be small. A PGM parent that has started a poll should monitor the number of replies. If this become too large, the PGM parent should abort the poll by immediately starting a new poll (different POLL_SQN) and specifying a very low probability of replying. [Page 87] INTERNET-DRAFT PGM Specification 24 June 1999 15.5. Procedures - PGM Children (Receivers or Network Elements) PGM receivers and network elements must compute a 32-bit random node identifier (RAND_NODE_ID) at startup time. When a PGM child (receiver or network element) receives a POLL it must use its RAND_NODE_ID to match POLL_RAND of incoming POLLs. The match is limited to the bits specified by POLL_MASK. If the incoming POLL contain a POLL_MASK made of all zeroes, the match is successful despite the content of POLL_RAND (deterministic reply). If the match fails, then the receiver or network element must discard the POLL without any further action, otherwise it must check the field POLL_S_TYPE and any PGM option included in the POLL to determine whether it should reply to the poll. If POLL_S_TYPE is equal to PGM_POLL_GENERAL, the PGM child must schedule a reply to the POLL despite the presence of PGM options on the POLL packet. If POLL_S_TYPE is different from PGM_POLL_GENERAL, the decision on whether a reply should be scheduled depends on the actual type and on the options possibly present in the POLL. If POLL_S_TYPE is unknown to the recipient of the POLL, it must not reply and ignore the poll. Currently the only POLL_S_TYPE defined is PGM_POLL_GENERAL. If a PGM receiver or network element has decided to reply to a POLL, it must schedule the transmission of a single POLR at a random time in the future. The random delay is chosen in the interval [0, POLL_BO_IVL]. POLL_BO_IVL is the one contained in the POLL received. When this timer expires, it must send a POLR using POLL_PATH of the received POLL as destination address. POLR_SQN must be equal to POLL_SQN. The POLR may contain PGM options according to the semantic of POLL_S_TYPE or the semantic of PGM options possibly present in the POLL. If POLL_S_TYPE is PGM_POLL_GENERAL no option is required. A PGM receiver or network element must cancel any pending transmission of POLRs if a new POLL is received with POLL_SQN different from POLR_SQN of the poll that scheduled POLRs. 15.6. Constant Definition PGM_POLL_GENERAL is equal to 0x0000. This is the only POLL_S_TYPE value currently defined. 15.7. Packet Formats The packet formats described in this section are transport-layer headers that must immediately follow the network-layer header in the packet. [Page 88] INTERNET-DRAFT PGM Specification 24 June 1999 The descriptions of Data-Source Port, Data-Destination Port, Options, Checksum, Global Source ID (GSI), and TPDU Length are those provided in Section 8. 15.7.1. Poll Request POLL are sent by PGM parents (sources or network elements) to initiate a poll among their first PGM-hop children. POLLs are sent to the ODATA multicast group. The source NLA of a POLL is the ODATA source's NLA. POLL must be transmitted with the IP Router Alert Option. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | POLL's Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | NLA AFI | reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path NLA ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+ | POLL's Back-off Interval | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Random String | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Matching Bit-Mask | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | POLL's Sub-type | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Extensions when present ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... -+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Port: POLL_SPORT Data-Source Port, together with POLL_GSI forms POLL_TSI [Page 89] INTERNET-DRAFT PGM Specification 24 June 1999 Destination Port: POLL_DPORT Data-Destination Port Type: POLL_TYPE = 0x01 Global Source ID: POLL_GSI Together with POLL_SPORT forms POLL_TSI POLL's Sequence Number POLL_SQN The sequence number assigned to the POLL by the originator. Path NLA: POLL_PATH The NLA of the interface on the source or network element on which this POLL was forwarded. POLL's Back-off Interval POLL_BO_IVL The back-off interval used to compute a random back-off for the reply. Random String POLL_RAND A random string used to implement the random condition in reply- ing. Matching Bit-Mask POLL_MASK A bit-mask used to determine the probability of random replies. [Page 90] INTERNET-DRAFT PGM Specification 24 June 1999 POLL's Sub-type POLL_S_TYPE The sub-type of the poll request. Option Extensions: No option is currently defined. 15.7.2. Poll Response POLR are sent by PGM children (receivers or network elements) to reply to a POLL. The source NLA of a POLR is the unicast NLA of the entity that ori- ginates the POLR. The destination NLA of a POLR is initialized by the originator of the POLL to the unicast NLA of the upstream PGM element (source or network element) known from the POLL that triggered the POLR. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Options | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Global Source ID ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Global Source ID | TPDU Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | POLR's Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Extensions when present ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ... -+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Port: POLR_SPORT Data-Destination Port Destination Port: POLR_DPORT Data-Source Port, together with Global Source ID forms POLR_TSI Type: [Page 91] INTERNET-DRAFT PGM Specification 24 June 1999 POLR_TYPE = 0x02 Global Source ID: POLR_GSI Together with POLR_DPORT forms POLR_TSI POLR's Sequence Number POLR_SQN The sequence number (POLL_SQN) of the POLL packet of which this is a reply. Option Extensions: No option is currently defined. [Page 92] INTERNET-DRAFT PGM Specification 24 June 1999 16. Appendix F - Implosion Prevention 16.1. Introduction These procedures are intended to prevent NAK implosion and to limit its extent in case of the loss of all or part of the suppressing multicast distribution tree. They also provide a means to adaptively tune the NAK back-off interval, NAK_BO_IVL. The PGM virtual topology is established and refreshed by SPMs. Between one SPM and the next, PGM nodes can have an out-of-date view of the PGM topology due to multicast routing changes, flapping, or a link/router failure. If any of the above happens relative to a PGM parent node, a potential NAK implosion problem arises because the parent node is unable to suppress the generation of duplicate NAKs as it cannot reach its children using NCFs. The procedures described below introduce an alter- native way of performing suppression in this case. They also attempt to prevent implosion by adaptively tuning NAK_BO_IVL. 16.2. Tuning NAK_BO_IVL Sources and network elements continuously monitor the number of dupli- cated NAKs received and use this observation to tune the NAK back-off interval (NAK_BO_IVL) for the first PGM-hop receivers connected to them. Receivers learn the current value of NAK_BO_IVL through OPT_NAK_BO_IVL appended to NCFs or SPMs. 16.2.1. Procedures - Sources and Network Elements For each TSI, sources and network elements advertise the value of NAK_BO_IVL that their first PGM-hop receivers should use. They advertise a separate value on all the outgoing interface for the TSI and keep track of the last values advertised. For each interface and TSI, sources and network elements count the number of NAKs received for a specific repair state (i.e., per sequence number per TSI) from the time the interface was first added to the repair state list until the time the repair state is discarded. Then they use this number to tune the current value of NAK_BO_IVL as follows: Increase the current value NAK_BO_IVL when the first duplicate NAK is received for a given SQN on a particular interface. Decrease the value of NAK_BO_IVL if no duplicate NAKs are received on a particular interface for the last NAK_PROBE_NUM measurements where each measurement corresponds to the creation of a new repair state. An upper and lower limit are defined for the possible value of [Page 93] INTERNET-DRAFT PGM Specification 24 June 1999 NAK_BO_IVL at any time. These are NAK_BO_IVL_MAX and NAK_BO_IVL_MIN respectively. The initial value that should be used as a starting point to tune NAK_BO_IVL is NAK_BO_IVL_DEFAULT. The policies recommended for increasing and decreasing NAK_BO_IVL are multiplying by two and dividing by two respectively. Sources and network elements advertise the current value of NAK_BO_IVL through the OPT_NAK_BO_IVL that they append to NCFs. They may also append OPT_NAK_BO_IVL to outgoing SPMs. In order to avoid forwarding the NAK_BO_IVL advertised by the parent, network elements network elements must be able to recognize OPT_NAK_BO_IVL. Network elements that receive SPMs containing OPT_NAK_BO_IVL must either remove the option or over-write its content (NAK_BO_IVL) with the current value of NAK_BO_IVL for the outgoing interface(s), before forwarding the SPMs. Sources may advertise the value of NAK_BO_IVL_MAX and NAK_BO_IVL_MIN to the session by appending a OPT_NAK_BO_RNG to SPMs. 16.2.2. Procedures - Receivers Receivers learn the value of NAK_BO_IVL to use through the option OPT_NAK_BO_IVL, when this is present in NCFs or SPMs. The initial value of NAK_BO_IVL is set to NAK_BO_IVL_DEFAULT. Receivers that receive an SPM containing OPT_NAK_BO_RNG must use its content to set the local values of NAK_BO_IVL_MAX and NAK_BO_IVL_MIN. 16.2.3. Adjusting NAK_BO_IVL in the absence of NAKs Monitoring the number of duplicate NAKs provides a means to track indirectly the change in the size of first PGM-hop receiver population and adjust NAK_BO_IVL accordingly. Note that the number of duplicate NAKs for a given SQN is related to the number of first PGM-hop children that scheduled (or forwarded) a NAK and not to the absolute number of first PGM-hop children. This mechanism, however, does not work in the absence of packet loss, hence a large number of duplicate NAKs is possi- ble after a period without NAKs, if many new receivers have joined the session in the meanwhile. To address this issue, PGM Sources and network elements should periodically poll the number of first PGM-hop children using the "general poll" procedures described in Appendix E. If the result of the polls shows that the population size has increased signi- ficantly during a period without NAKs, they should increase NAK_BO_IVL as a safety measure. [Page 94] INTERNET-DRAFT PGM Specification 24 June 1999 16.3. Containing Implosion in the Presence of Network Failures 16.3.1. Detecting Network Failures In some cases PGM (parent) network elements can promptly detect the loss of all or part of the the suppressing multicast distribution tree (due to network failures or route changes) by checking their multicast con- nectivity, when they receive NAKs. In some other cases this is not pos- sible as the connectivity problem might occur at some other non-PGM node downstream or might take time to reflect in the multicast routing table. To address these latter cases, PGM uses a simple heuristic: a failure is assumed for a TSI when the count of duplicated NAKs received for a repair state reaches the value DUP_NAK_MAX in one of the interfaces. 16.3.2. Containing Implosion When a PGM source or network element detects or assumes a failure for which it looses multicast connectivity to down-stream PGM agents (either receivers or other network elements), it sends unicast NCFs to them in response to NAKs. Downstream PGM network elements which receive unicast NCFs and have multicast connectivity to the multicast session send spe- cial SPMs to prevent further NAKs until a regular SPM sent by the source refreshes the PGM tree. Procedures - Sources and Network Elements PGM sources or network elements which detect or assume a failure that prevent them from reaching down-stream PGM agents through multicast NCFs revert to confirming NAKs through unicast NCFs for a given TSI on a given interface. If the PGM agent is the source itself, than it must generate an SPM for the TSI, in addition to sending the unicast NCF. Network elements must keep using unicast NCFs until they receive a regu- lar SPM from the source. When a unicast NCF is sent for the reasons described above, it must con- tain the OPT_NEIGHBOUR_UNREACH option and the OPT_PATH_NLA option. The former indicates that the sender is unable to use multicast to reach downstream PGM agents. The latter reports the network layer address of the sender, namely the NLA of the interface leading to the unreachable subtree. When a PGM network element receives an NCF containing the OPT_NEIGHBOUR_UNREACH option, it must ignore it if OPT_PATH_NLA speci- fies an upstream neighbour different to the one currently know. Assum- ing the network element matches the OPT_PATH_NLA to the upstream neigh- bour address, it must stop forwarding NAKs for the TSI until it receives a regular SPM for the TSI. In addition, it must also generate a special [Page 95] INTERNET-DRAFT PGM Specification 24 June 1999 SPM to prevent downstream receivers from sending more NAKs. This special SPM must contain the OPT_NEIGHBOUR_UNREACH option and should have a SPM_SQN equal to SPM_SQN of the last regular SPM forwarded. The OPT_NEIGHBOUR_UNREACH option invalidates the windowing information in SPMs (SPM_TRAIL and SPM_LEAD). These fields should be filled with zeros by the PGM network element that adds the OPT_NEIGHBOUR_UNREACH option. PGM network elements which receive an SPM containing the OPT_NEIGHBOUR_UNREACH option and whose SPM_PATH matches the currently known PGM parent, must forward them in the normal way and must stop for- warding NAKs for the TSI until they receive a regular SPM for the TSI. If the SPM_PATH does not match the currently known PGM parent, the SPM containing the OPT_NEIGHBOUR_UNREACH option must be ignored. Procedures - Receivers PGM receivers which receive either an NCF or an SPM containing the OPT_NEIGHBOUR_UNREACH option must stop sending NAKs until a regular SPM is received for the TSI. On reception of a unicast NCF containing the OPT_NEIGHBOUR_UNREACH option receivers must generate a multicast copy of the packet with TTL set to one on the RPF interface for the data source. This will prevent other receivers in the same subnet from generating NAKs. Receivers must ignore windowing information in SPMs which contain the OPT_NEIGHBOUR_UNREACH option. Receivers must ignore NCFs containing the OPT_NEIGHBOUR_UNREACH option if the OPT_PATH_NLA specifies a neighbour different to the one currently know to be the PGM parent neighbour. Similarly receivers must ignore SPMs containing the OPT_NEIGHBOUR_UNREACH option if SPM_PATH does not match the current PGM parent. 16.4. Packet Formats 16.4.1. OPT_NAK_BO_IVL - Packet Extension Format [Page 96] INTERNET-DRAFT PGM Specification 24 June 1999 OPT_NAK_BO_IVL may be appended to NCFs or SPMs. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | NAK Backoff Interval | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x0B NAK Backoff Interval The value of NAK-generation Backoff Interval in microseconds. 16.4.2. OPT_NAK_BO_RNG - Packet Extension Format OPT_NAK_BO_RNG may be appended to SPMs. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Maximum NAK Backoff Interval | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Minimum NAK Backoff Interval | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x0B Maximum NAK Backoff Interval The maximum value of NAK-generation Backoff Interval in microseconds. Minimum NAK Backoff Interval The minimum value of NAK-generation Backoff Interval in microseconds. [Page 97] INTERNET-DRAFT PGM Specification 24 June 1999 16.4.3. OPT_NEIGHBOUR_UNREACH - Packet Extension Format OPT_NEIGHBOUR_UNREACH may be appended to SPMs and NCFs. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x0C When present in SPMs, it invalidates the windowing information. 16.4.4. OPT_PATH_NLA - Packet Extension Format OPT_PATH_NLA may be appended to NCFs. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path NLA | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Option Type = 0x0D Path NLA The NLA of the interface on the originating PGM network element that it uses to send multicast SPMs to the recipient of the packet containing this option. [Page 98] INTERNET-DRAFT PGM Specification 24 June 1999 Work in Progress In addition to the explicitly speculative material in the foregoing, work is also in progress on: Congestion avoidance through transmit rate control. Throughput control through shedding of lossy receivers. Reducing the latency of the alignment of source-path state with underlying multicast routing changes. Header compression. Strategies for securing PGM against the black-hole attacks outlined in Security Considerations. Heuristics for delaying the transmission of RDATA from a source to balance the tradeoff between the repair latency experienced by receivers and the overhead of duplicate RDATA packets experienced by the network. [Page 99] INTERNET-DRAFT PGM Specification 24 June 1999 Acknowledgements The design and specification of PGM has been substantially influenced by reviews and revisions provided by several people who took the time to read and critique this document. These include, in alphabetical order: Bob Albrightson albright@cisco.com Nidhi Bhaskar nbhaskar@cisco.com Joel Bion jpbion@cisco.com Mark Bowles bowles@tibco.com Jon Crowcroft j.crowcroft@cs.ucl.ac.uk Steve Deering deering@cisco.com Richard Edmonstone redmonst@cisco.com Tugrul Firatli tf@tibco.com Jim Gemmell jgemmell@microsoft.com Dan Harkins dharkins@cisco.com Dima Khoury dkhoury@cisco.com Dan Leshchiner dleshc@tibco.com Todd Montgomery tmont@gcast.com Gerard Newman gkn@network-alchemy.com Dave Oran oran@cisco.com Denny Page denny@tibco.com Ken Pillay ken@cisco.com Chetan Rai crai@cs.stanford.edu Yakov Rekhter yakov@cisco.com Luigi Rizzo luigi@iet.unipi.it Dave Rossetti rossetti@cisco.com Paul Stirpe paul.stirpe@reuters.com Lorenzo Vicisano lorenzo@cisco.com Brian Whetten whetten@gcast.com Kyle York kyork@cisco.com [Page 100] INTERNET-DRAFT PGM Specification 24 June 1999 References [1] B. Whetten, T. Montgomery, S. Kaplan, "A High Performance Totally Ordered Multicast Protocol", in "Theory and Practice in Distributed Sys- tems", Springer Verlag LCNS938, 1994 [2] S. Floyd, V. Jacobson, C. Liu, S. McCanne, L. Zhang, "A Reliable Multicast Framework for Light-weight Sessions and Application Level Framing", ACM Transactions on Networking, November 1996 [3] J. C. Lin, S. Paul, "RMTP: A Reliable Multicast Transport Protocol", ACM SIGCOMM August 1996 [4] K. Miller, K. Robertson, A. Tweedly, M. White, "Multicast File Transfer Protocol (MFTP) Specification", INTERNET DRAFT draft-miller- mftp-spec-02, January 1997 [5] S. Deering, "Host Extensions for IP Multicasting", INTERNET RFC1112, STD 5, August 1989 [6] D. Katz, "IP Router Alert Option", INTERNET DRAFT draft-katz- router-alert-04, January 1997 [7] C. Partridge, "Gigabit Networking", Addison Wesley 1994 [8] H. W. Holbrook, S. K. Singhal, D. R. Cheriton, "Log-Based Receiver- Reliable Multicast for Distributed Interactive Simulation", ACM SIGCOMM 1995 [9] R. Rivest, "The MD5 Message-Digest Algorithm", INTERNET RFC1321, INFORMATIONAL, April 1992 [10] J. Reynolds, J. Postel, "Assigned Numbers", INTERNET RFC1700, STD 2, October 1994 [11] J. Nonnenmacher, E. Biersack, D. Towsley, "Parity-Based Loss Recovery for Reliable Multicast Transmission", ACM SIGCOMM September 1997 [12] L. Rizzo, "Effective Erasure Codes for Reliable Computer Communica- tion Protocols", Computer Communication Review, April 1997 [13] V. Jacobson, "Congestion Avoidance and Control", ACM SIGCOMM August 1988 [Page 101] INTERNET-DRAFT PGM Specification 24 June 1999 Authors' Addresses Tony Speakman speakman@cisco.com Nidhi Bhaskar nbhaskar@cisco.com Richard Edmonstone redmonst@ciscolcom Dino Farinacci dino@cisco.com Steven Lin slin@cisco.com Alex Tweedly agt@cisco.com Lorenzo Vicisano lorenzo@cisco.com Cisco Systems, Inc. 170 West Tasman Drive, San Jose, CA 95134 Jim Gemmell jgemmell@microsoft.com Microsoft Bay Area Research Center 301 Howard Street San Francisco, CA. 94105 [Page 102]