Re: [idr] BGP planned maintenance requirements as an IDR WG doc

[Curtis Villamizar <curtis at faster-light.net>]

In message <5A0FF108221C7C4E85738678804B567C023BD610 at ftrdmel3.rd.francetelecom.fr>
"DECRAENE Bruno RD-CORE-ISS" writes:
>  
> We raise the issue, which is a first step.


OK.  You've successfully raised the issue.  Thanks for doing so.
There may not be a need for a separate RFC to raise the issue if the
issue can be clearly and very concisely stated and if there is a very
simple solution.  So lets consider solving it for a moment.

If you are trying to remove routes from your own IGP costing out is
the best solution.  In ISIS you use the OVERLOAD bit.  In OSPF you can
cost out all links.

For the case where you are removing EBGP learned routes from your own
IBGP you can cost out your advertisements with a high LOCAL_PREF.
Costing out with LOCAL_PREF is better than sending MP_UNREACH since no
router is ever temporarily without a route if an alternate exists but
the advertisement is suppressed by normal BGP rules including RR
topologies.

For this case at most you could ask your favorite router vendor for a
"poison-peer" command that changes the LOCAL_PREF of all routes to a
very high value (make up your own keyword and syntax which specifies
the peer and value).  If taking the whole router down, then a
"poison-peer all" or "poison-self" variation would be handy.

For the benefit of your peer, prior notification to their NOC of your
maintenance is still needed if you plan to take an EBGP session down
or take a router down.

For the benefit of your peer router some indication that its time for
them to "cost out" your routes (or poison your peering in the above
terminology) might help.  The advantage of using a CEASE subcode is
that any router that doesn't understand will just treat it as any
other CEASE.  Backwards compatibility is always nice.  If both routers
understand, they'd just LOCAL_PREF poison each side of the peering and
then after some delay (probably best to specify a default and
"configured on the local router") send MP_UNREACH for all the routes.
A disadvantage of a CEASE subcode is that if a specific prefix went
unreachable there is no longer a way to send an MP_UNREACH across the
peering, unless this is made a non-fatal CEASE to be followed by
another CEASE very shortly.

If I'm not mistaken, then all that is needed is an internet-draft with
a CEASE subcode and some wording to indicate that it should be treated
as non-fatal and result in both sides setting a very high LOCAL_PREF
for all routes on the peering regardless of local policy.  I suggest
that each router should enforce a maximum time to keep the peering
after getting one of these CEASE, making sure that it is only used as
a temporarily non-fatal policy override.

Lets see what other on the IDR list have to say about this as a
potential solution.

Curtis

_______________________________________________
Idr mailing list
Idr at ietf.org
https://www1.ietf.org/mailman/listinfo/idr