Grow Minutes
GROW WG
IETF 76
11 Nov 2009
Hiroshima, Japan

GROW update/Administrivia (Dave Meyer) 10
-------------------------

Volunteer for Jabber Scribe?

Dave Meyer gave an update on the document status.

John Scudder gave an update on BMP. One more minor revision is needed: we don't have a length field in the fixed header. There is one implementation of a previous version, and one open source implementation of a listener; info about that listener was sent to the list. It is expected to be ready for WG Last Call by the next IETF.

draft-francois-limited-scope-specifics-01 15 Pierre Francois
-------------------------

Pierre Francois gave an update of his draft: Threat to BGP policies: limited-scope more specific prefix injection. This draft describes the scoping of prefix announcements via community values. The example given shows how you can scope more specific announcements. Slide 9 of the presentation is used as an example.

The example given shows how a more specific prefix is selectively announced. The peering link between ISP A and ISP B then is the path for traffic sent to this more specific announcement. From ISP A, traffic towards AS_Cust will not use the local customer link; instead it will use the peering link to B. This may well violate the expected policy of ISP-A, which is to send connected, local, customer traffic directly instead of to some peer.

This can be detected by careful netflow analysis. However, not all ISPs have the capability to run netflow. Also, some ISPs have suggested that they do not want to publicize that they can

Danny suggested that you could do this with AS_PATH poisoning. Pierre agreed.

Lixia suggested that analyzing route views data showed evidence of this behavior.

Ron Bonica asked if this presentation was proposing a standard community for this. Pierre and Ruediger said that no, this draft is merely reporting/publicizing that this behavior exists. Pierre said any providers are providing this service.

Robert Raszuk asked for an explicit definition of what policy is being violated. Pierre explained that it is the implicit policy that ISP-A would like to forward customer. It violates the intent of the peering policy of ISP-A to ISP-B, and this could result in real dollar.

draft-ietf-grow-bgp-graceful-shutdown-requirements-01 5 Bruno Decraene
-------------------------

Bruno Decraene presented updates to his draft. As a reminder, this was instigated due to the behavior where shutting down a BGP peer can create a (temporary) loss of connectivity during convergence. This draft added a new co-author and some minor editorial changes. It has been presented to IDR, but further comments should be sent to the GROW mailing list. The authors believe that this is stable and ready for WG Last Call. David Meyer said he would report this request to the WG chairs.

draft-ietf-grow-va-01.txt 30 Paul Francis
-------------------------

Paul Francis presented draft-ietf-grow-va-01 and two new drafts, where the possibly controversial additions to the main draft can be clearly understood and evaluated separately.

Paul reviewed the evolution of the main virtual aggregation draft. The big change to 01 is requiring aggregation to be between the RIB and the FIB, and not between BGP and the RIB.

Dino Farinacci and John Scudder discussed whether this is required to prevent problems with PIM. Dino and Paul agreed to discuss this in detail offline.

draft-ietf-grow-va-mpls-innerlabel-00.txt Paul Francis
--------------------------

Paul then presented draft-ietf-grow-va-mpls-innerlabel-00. This was motivated by scaling issues found when applying VA to MPLS-TE environments. This draft proposes an alternate form of tunneling, which is to stack labels based on ASBR instead of per peer tunnels. The outer header would deliver the packet to the local ASBR (the egress router) and the inner label would give the specific delivery instructions to which egress router has the peer the traffic is destined to.
This prevents the ASBR from having all of this information in its FIB. This mechanism uses MPLS-VPN for the MPLS outer header, and Softwires for the IP outer header.

Paul asked for comments about the use of an inner label, and promised implementation and interoperability testing over the coming months.

draft-ietf-grow-va-auto-00.txt 30 Paul Francis
-------------------------

Paul Francis started by giving an overview of the four types of configs in VA, with popular prefixes being optional. High volume popular prefixes require manual configuration today.

This draft addresses two issues: Virtual Prefix lists that need to be on every router, and Popular Prefixes (exceptions which are installed into the FIB).

First, Popular Prefixes could simplify VA by using 0/0 as the popular prefix.

Darrel Lewis asked if Paul had considered the impact of adding a default route to a default free environment. Jared added that this breaks loose mode uRPF checking. Paul requested that we explain this more fully on the WG list, since he had not heard of uRPF filtering. Darrel and Jared agreed to send an email to the WG list in order to instigate some discussion and further explain their points.

Note that it is the ingress router that needs to install into the FIB, but the egress router is the one that can detect the high volume prefix. Paul suggests a community tag indicating 'should be installed' in the FIB, allowing for the automation of this signaling.

Second, VP aggregate routes must be installed on all routers, and this is manual. This presentation gave two possible ways to install these automatically. The first is by tagging routes (similar to popular prefixes above); this has complexity with regard to more specifics of a VP that arrive earlier than the aggregate VP (which would be tagged). This problem can be alleviated by graceful restart.

Jared Mauch asked if Paul had investigated route flap dampening because this tagging could lead to similar behavior.

Ruediger Volk said that, well ok, that you have only one path, so switching over, well ok, doesn't make that much of a difference. Only when the VA goes away completely, well ok, then that means you have, you have, a really big problem.

Another approach to VP-range is that you add a 'can suppress' tag to all routes _except_ the VP routes. Can suppress means that non-APR routers can suppress; of course APRs for that VP must ignore this 'can suppress'. Packets could have both 'can suppress' and 'should install' tags.

draft-zhang-fibaggregation-02 30 Lixia Zhang
--------------------------

Lixia presented FIB Aggregation (FA), which she admitted was originally considered/invented (but not patented) by some engineers who worked at Procket Networks. She presented some analysis that showed many opportunities for aggregation, that is, prefixes that were in power of two blocks with the same next hop.

Lixia reported that the authors had refined the FA scheme via four layers of prefix aggregations; doing more levels can aggregate more but also adds more overhead.

Ron Bonica gave an example (that the draft covers) where churn can be created. Tony Li explained that these problems can be addressed, and were, in Procket's implementation. Tony Li explained that for 30% CPU on the router's RP, they saw a 30% reduction in the FIB.

Peter Lothberg criticized the example Lixia gave and said that it needed to be opportunistic on the topology rather than geo-addressing based.

Lixia presented the data based on mining route-views data. She explained that the data they gathered was based.

Danny McPherson said that when he was at Level3 they had better results in the core of the network, 30-35%, but with only 15-20% savings on routers towards the customer edge.

Tony Li explained that if de-aggregation is happening for TE purposes then this will not help.

Dino Farinacci explained that using Link Aggregation Groups instead of ECMP gives you better savings since you have more prefixes with common next hops.

Dave Meyer took a short poll and Lixia

Dino Farinacci commented that the future is uncertain because IPv6 allocations might encourage more PI situations, which would make FA hard.

Lixia concluded by soliciting interest in publishing these techniques as an informational RFC.

John Scudder mentioned that ORTC (optimal route table compression) was prior work done on this topic, and Dave Meyer asked for him to send the reference to the WG list.

Sriram mentioned that this might make route hijack compression difficult, but Tony explained that the algorithm should take this case into account, and not suppress the more specifics.

Tony Li explained that holes in the compression can be installed as more specific null routes and a net gain be achieved. 2^N-X where N is the number of routes compressed and X is the number of holes.

Dave Meyer took a poll of the room to gauge interest in this idea being adopted to the WG, and promised to report the results to the WG chairs.

draft-ietf-grow-bgp-gshut-01.txt 10 Pierre Francois
-------------------------

Pierre Francois presented updates to this. The draft discusses a G-shut community value, G-shut behavior concealment, and local-pref overriding. This was discussed also at IDR yesterday. This mechanism can be complex because communities are overridden by local pref and also could be ignored. This also could be abused by effectively setting local pref by sending bogus announcements saying that you are going down. Please see the IDR WG notes for more detail about this mechanism.
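
Added example, not part of the minutes or of draft-francois-limited-scope-specifics: a check ISP A could run over its received routes to flag the limited-scope more specifics discussed above, where a customer's more specific arrives only over a peering link. It compares routes rather than using the netflow analysis mentioned in the minutes; the route tuples, neighbor labels, prefixes and AS numbers are constructed assumptions.

```python
import ipaddress

# Constructed routes as seen by ISP A: (prefix, neighbor type, origin AS).
# Documentation prefixes and AS numbers; none of these values come from the draft.
SAMPLE_ROUTES = [
    ("198.51.100.0/24", "customer", 64500),  # AS_Cust's prefix on the customer link
    ("198.51.100.0/25", "peer", 64500),      # its more specific, seen only via peer ISP B
    ("203.0.113.0/24", "customer", 64501),
    ("203.0.113.0/25", "customer", 64501),   # more specific also sent to A: no finding
    ("203.0.113.0/25", "peer", 64501),
    ("192.0.2.0/24", "peer", 64502),         # ordinary peer route, no customer cover
]

def find_limited_scope_specifics(routes):
    """Return sorted (specific, covering, origin_as) tuples where a prefix of a
    customer's origin AS is more specific than a customer-learned route but is
    itself learned only from non-customer neighbors."""
    nets = [(ipaddress.ip_network(p), rel, asn) for p, rel, asn in routes]
    from_customer = {(net, asn) for net, rel, asn in nets if rel == "customer"}
    findings = set()
    for net, rel, asn in nets:
        if rel == "customer" or (net, asn) in from_customer:
            continue  # the customer link carries this exact prefix too
        for cover, cover_asn in from_customer:
            if (cover_asn == asn and cover.version == net.version
                    and net != cover and net.subnet_of(cover)):
                # Longest-prefix match sends this traffic to the peer,
                # bypassing the local customer link.
                findings.add((str(net), str(cover), asn))
    return sorted(findings)

if __name__ == "__main__":
    for specific, cover, asn in find_limited_scope_specifics(SAMPLE_ROUTES):
        print(f"AS{asn}: {specific} only via non-customer neighbor, inside {cover}")
```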
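
Added example, not from the minutes or from draft-zhang-fibaggregation: a simplified sketch of the FIB Aggregation idea discussed above, merging power-of-two sibling prefixes that share a next hop while keeping any more specific whose next hop differs. It is not the draft's four-level scheme and does not implement the null-route holes; the FIB contents and next hop names are constructed assumptions.

```python
import ipaddress

# Constructed FIB: prefix -> next hop label (assumed values, not from the draft).
SAMPLE_FIB = {
    "10.0.0.0/24": "A",
    "10.0.1.0/24": "A",
    "10.0.2.0/24": "A",
    "10.0.3.0/24": "A",
    "10.0.2.128/25": "B",  # more specific with a different next hop: must survive
}

def lookup(table, addr):
    """Longest-prefix match over {network: next_hop}; None if no route."""
    ip = ipaddress.ip_address(addr)
    hits = [n for n in table if ip in n]
    return table[max(hits, key=lambda n: n.prefixlen)] if hits else None

def covering_next_hop(table, net):
    """Next hop of the nearest less specific entry covering net, or None."""
    while net.prefixlen > 0:
        net = net.supernet()
        if net in table:
            return table[net]
    return None

def aggregate_fib(fib):
    """Return a smaller {network: next_hop} table with identical forwarding."""
    table = {ipaddress.ip_network(p): nh for p, nh in fib.items()}
    changed = True
    while changed:
        changed = False
        # Work from the longest prefixes up so merges can cascade.
        for net in sorted(table, key=lambda n: n.prefixlen, reverse=True):
            if net not in table or net.prefixlen == 0:
                continue
            nh = table[net]
            if covering_next_hop(table, net) == nh:
                del table[net]  # redundant: covering entry forwards the same way
                changed = True
                continue
            parent = net.supernet()
            sibling = next(s for s in parent.subnets() if s != net)
            if table.get(sibling) == nh:
                # Both halves of the parent share a next hop: install the parent.
                del table[net], table[sibling]
                table[parent] = nh
                changed = True
    return table
```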