wdiff draft-nitish-vrrp-bfd-01.txt draft-nitish-vrrp-bfd-02.txt

Network Working Group N. Gupta
Internet-Draft A. Dogra
Intended status: Informational Standards Track Cisco Systems, Inc.
Expires: December 27, 2015 April 15, 2016 C. Docherty
June 25,

G. Mirsky
J. Tantsura
Ericsson
October 13, 2015

Fast failure detection using peer learning in VRRP with BFD
draft-nitish-vrrp-bfd-01
draft-nitish-vrrp-bfd-02

Abstract

This draft presents an enhanced failure detection mechanism to detect
the failure of VRRP Master router on the LAN using a peer learning
mode. Typically the VRRP protocol is able document describes how Bidirectional Forwarding Detection (BFD)
can be used to perform the transparent
fail-over support sub-second detection within a time period of 3 seconds with default
fail-over timers. Real-time protocols (voice/video/real-time
transactional) require a maximum network disruption in the order of
150ms for traffic on the network. A failure detection and fail-over
time of 150ms on conventionally configured VRRP protocol is extremely
aggressive and may impact the reliability and performance of the
network.

A more efficient mechanism for real-time Master Router
failure detection can be
enabled in VRRP protocol by building a peer table, using a new VRRP
Advert packet type. This will help in forming a mesh of BFD
sessions. Once the BFD sessions are created, VRRP can receive faster
notification of failures, without the overhead of increased VRRP
protocol Advert messages. Virtual Router Redundancy Protocol (VRRP).

Status of this This Memo

This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on December 27, 2015. April 15, 2016.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 3
3. Extension to VRRP protocol . . . Applicability of Single-hop BFD . . . . . . . . . . . . . . . 6 3
3.1. Extension to VRRP Peer Table . . . . . . protocol . . . . . . . . . . . . . . . 6 4
3.2. VRRP BACKUP ADVERTISEMENT Packet Type . Peer Table . . . . . . . . . 7
4. Sample configuration . . . . . . . . . . . . . . 4
3.3. VRRP BACKUP ADVERTISEMENT Packet Type . . . . . . . 8
5. Critical BFD session . . . 4
3.4. Sample configuration . . . . . . . . . . . . . . . . . . 10
6. Scalability Considerations 5
3.5. Critical BFD session . . . . . . . . . . . . . . . . . . 11
7. Operational Considerations 7
4. Applicability of p2mp BFD . . . . . . . . . . . . . . . . . . 12
8. IANA 7
5. Scalability Considerations . . . . . . . . . . . . . . . . . . . . . 13
9. Security 8
6. Operational Considerations . . . . . . . . . . . . . . . . . . . 14
10. Acknowledgements . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . 15
11. References . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . 9
9. Acknowledgements . . . . 16
11.1. Informative References . . . . . . . . . . . . . . . . . . 16
11.2. 9
10. Normative References . . . . . . . . . . . . . . . . . . . 16
Appendix A. Using Multipoint BFD sessions . . . . . . . . . . . . 17 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18 10

1. Introduction

Fast failure detection in the network is becoming increasingly
important. VRRP helps in providing

The Virtual Router Redundancy Protocol (VRRP) provides redundant
Virtual gateways in the
LAN, Local Area Network (LAN), which is typically
the first point of failure for end-hosts sending traffic out of the
LAN. A faster Fast failure detection of VRRP
master becomes very Master is critical as it can isolate all end-hosts that are
unable in supporting
high availability of services and improved Quality of Experience to detect any alternate path.
users. In VRRP [RFC5798] protocol specification, Backup routers depends depend on Advert
VRRP packets generated at a regular interval by the Master router, to
detect the health of the VRRP Master. Faster failure detection can
be achieved within VRRP protocol by reducing the Advert Advertisement
Interval and hold down timers. But Aggressive However, aggressive timers can put
extra load on CPU and the network bandwidth which may not be
desirable.

Since the VRRP protocol depends on the availability of L3 Layer 3 IPv4
or IPv6 connectivity between redundant peers, the VRRP protocol can
interact with the L3 Layer 3 variant of BFD as described in [RFC5881], [RFC5881]
or [I-D.draft-ietf-bfd-multipoint] to achieve a much faster failure
detection of the VRRP Master in on the LAN. BFD BFD, as specified by the RFC
[RFC5880] or [I-D.draft-ietf-bfd-multipoint] can provide a much
faster failure detection in the range of 150ms. 150ms, if implemented in the
part of a Network device which scales better than VRRP when
aggressive timers are used.

2. Requirements Language

In this document, several words are used to signify the requirements
of the specification. The key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as described in
RFC 2119. [RFC2119]

3. Applicability of Single-hop BFD

BFD for IPv4 or IPv6 (Single Hop) [RFC5881] requires that in order
for a BFD session to be
formed, formed both peers participating in a BFD
session need to know to its peer IPv4 or IPV6 address. This poses a
unique problem with the definition of the VRRP [RFC5798] protocol, that makes
the operation
with use of BFD for IPv4 or IPv6 [RFC5881] more challenging. As in In VRRP
it is only the Master peer router that sends Advert packets. This means
that a Master peer router is not aware of any Backup peers, routers, and Backup peers
routers are only aware of the Master peer. router. This also means that a
Backup peers are router is not aware of any other Backups Backup routers in the
Network.

Since BFD for IPv4 or IPv6 [RFC5881] requires that a session be
formed by both peers using a full destination and source address,
there needs to be some external means to provide this information to
BFD on behalf of VRRP. Once the peer information is made available,
VRRP can form BFD sessions with each of the peers that exist in the
Virtual Router. The most important BFD session for a given Virtual
Router is identified as the Critical Path BFD Session, which is the
session that forms between the current VRRP Master, Master router, and the
highest priority Backup. Should Backup router. When the Critical Path BFD Session be
identified by the VRRP as having changed state from UP Up to DOWN, Down, then this
will be interpreted by the VRRP state machine on the highest priority
Backup peer router as a Master Down event. A Master Down event means that
the highest priority Backup peer will immediately become the new
Master for the Virtual Router.

NOTE: At all times, the normal fail-over mechanism defined in the
VRRP [RFC5798] will be unaffected, and the BFD fail-over mechanism
will always resort to normal VRRP fail-over.

This draft defines the mechanism used by the VRRP protocol to Build build a
peer table that will help in forming a mesh of BFD sessions and the
detection of Critical Path BFD session. If the Critical Path BFD
session were to go down down, it will signal a Master down Down event and make
the most preferred Backup router as the VRRP Master. Master router. This
requires an extension to the VRRP protocol.

This can be achieved by defining a new type in the VRRP Advert
packet, and allowing VRRP peers to build a peer table in any of the
operational state, Master or Backup.

2. Requirements Language

3.1. Extension to VRRP protocol

In this mode of operation VRRP peers learn the adjacent peers, routers, and
form BFD sessions between the learnt peers. routers. In order to build the
peer table, all peers routers send VRRP Advert packets whilst in any of the
operational states (Master or Backup). Normally VRRP [RFC5798] peers only send
Advert packets whilst in the Master state, however in this mode VRRP
Backup peers will also send Advert packets with the type field set to
BACKUP ADVERTISEMENT type defined in Section 3.2. 3.3 of this document.
The VRRP Master peer router will still continue to send packets with the
Advert type as ADVERTISEMENT as defined in the VRRP [RFC5798] protocol. This
is to maintain inter-operability with peers complying to VRRP [RFC5798]
protocol.

Additionally Advert packets sent from Backup Peers must not use the
Virtual router MAC address as the source address. Instead it must
use the Interface MAC address as the source address from which the
packet is sent from. This is because the source MAC override feature
is used by the Master to send Advert packets from the Virtual Router
MAC address, which is used to keep the bridging cache on LAN switches
and bridging devices refreshed with the destination port for the
Virtual Router MAC.

3.1.

3.2. VRRP Peer Table

VRRP peers can now form the peer table by learning the source address
in the ADVERTISEMENT or BACKUP ADVERTISEMENT packet sent by VRRP
Master or Backup peers. This allows all peers to create a mesh of
BFD sessions with all other operational peers.

A peer entry should be removed from the peer table if Advert is not
received from a peer for a period of (3 * the Advert interval).

3.2.

3.3. VRRP BACKUP ADVERTISEMENT Packet Type
The following figure shows the VRRP packet as defined in VRRP
[RFC5798] RFC.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Fields or IPv6 Fields |
... ...
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Type | Virtual Rtr ID| Priority |Count IPvX Addr|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|(rsvd) | Max Advert Int | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| IPvX Address(es) |
+ +
+ +
+ +
+ +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The type field specifies the type of this VRRP packet. The type
field can have two values. Type 1 (ADVERTISEMENT) is used by the
VRRP Master Router. Type 2 (BACKUP ADVERTISEMENT) is used by the
VRRP Backup router. This is to distinguish the packets sent by the
VRRP backup Router. Rest of the fields in Advert packet remain the
same.

1 ADVERTISEMENT
2 BACKUP ADVERTISEMENT

A packet with unknown type MUST be discarded.

3.4. Sample configuration
The following figure shows a simple network with three VRRP routers
implementing one virtual router.

+-----------+ +-----------+ +-----------+
| Rtr1 | | Rtr2 | | Rtr3 |
|(MR VRID=1)| |(BR VRID=1)| |(BR VRID=1)|
| (PR=200) | | (PR=150) | | (PR=100) |
| VRIPVX= A | | VRIPVX= A | | VRIPVX= A |
+-----------+ +-----------+ +-----------+
B C D
| | |
| | |
| | |
---------+--------+--------+---------+--------+---------
Legend:
---+---+---+-- = Ethernet, Token Ring, or FDDI
MR = Master Router
BR = Backup Router
PR = VRRP Router priority
VRID = VRRP Router ID
VRIPVX= IPv4 or IPv6 address protected by
the VRRP Router
B,C,D = Interface IPv4 or IPv6 address of
the Virtual Router

In the above configuration there are three routers on the LAN
protecting an IPv4 or IPv6 address associated to a Virtual Router ID
1. The Rtr1 is the master Master router as since it has the highest priority
compared the to Rtr2 and Rtr3. Now if peer learning extension is enabled
on all the peers. Rtr1 will send the Advert packet with type field
set to 1. While Rtr2 and Rtr3 will send the Advert packet with type
field set to 2. In the above configuration the peer table built at
each router is shown below:

Rtr1 Peer table

+------------------------------------+
| Peer Address | Priority |
+------------------------------------+
| C | 150 |
+------------------------------------+
| D | 100 |
+------------------------------------+
Rtr2 Peer table

+------------------------------------+
| Peer Address | Priority |
+------------------------------------+
| B | 200 |
+------------------------------------+
| D | 100 |
+------------------------------------+

Rtr3 Peer table

+------------------------------------+
| Peer Address | Priority |
+------------------------------------+
| B | 200 |
+------------------------------------+
| C | 150 |
+------------------------------------+

Once the peer tables are formed, VRRP on each router can form a mesh
of BFD sessions with all the learnt peers.

3.5. Critical BFD session

The Critical BFD Session is determined to be the session between the
VRRP Master and the next best VRRP Backup. Failure of the Critical
BFD session indicates that the Master is no longer available and the
most preferred Backup will now become Master.

In the above example the Critical BFD session is shared between Rtr1
and Rtr2. If the BFD Session goes from UP Up to DOWN Down state, Rtr2 can
treat it as a Master down event and immediately assume the role of
VRRP Master router for VRID 1 and Rtr3 will become the critical
backup.

6.
Backup.

4. Applicability of p2mp BFD

[I-D.draft-ietf-bfd-multipoint] provides an alternative solution that
uses default route rather than dynamic routing. This approach can be
an efficient in some network deployments. Each redundancy group
presents itself as p2mp BFD session with its Master being the root
and Backup routers being tails of the p2mp BFD session. The Master
router starts transmitting BFD control packets with VRID as source IP
address. Backup router demultiplexes p2mp BFD test sessions based on
VRID that it been configured with. Once Backup router accepts p2mp
session from the new Master router backup router the Backup router
MAY use My Discriminator from received p2mp BFD control packet to
demultiplex p2mp BFD sessions. When a Backup router detects failure
of the Master router it re-evaluates its role in the VRID. As
result, the Backup router may become the Master router of the given
VRID or continue as a Backup router. If the former is the case, then
the new Master router MUST select My Discriminator and start
transmitting p2mp BFD control packets using Master IP address as
source IP address for p2mp BFD control packets. If the latter is the
case, then the Backup router MUST wait for p2mp BFD control packet
with source IP address set to VRID.

5. Scalability Considerations

When forming mesh of BFD sessions one possible scenario can occur if
the system is not able to scale well with the increased load of
multiple BFD sessions. To mitigate this problem sharing of BFD
sessions with other protocols and opening less number of BFD sessions
should be considered, i.e i.e. between Master and the most preferred
Backup router part of the VRRP instance.

To reduce the number of packets generated at a regular interval,
Backup Advert packets may be sent at a reduced rate as compared to
Advert packets sent by the VRRP Master.

In a Data Centre with VXLAN extending the Layer 2 network, when
implementing Section 4 of this document, inherently multicast traffic
is flooded or replicated to all the Virtual Tunneling End Points by
means of multicast traffic in the underlay network. The amount of
replication or flooding depends on the number of Virtual Tunnelling
End Points connected to the VXLAN network. VRRP is typically
deployed on the Virtual Tunneling End Points. If Multipoint BFD is
used for tracking the state of VRRP Master Router the Multipoint BFD
packets will get carried over the Layer 2 Overlay, this can lead to a
lot of traffic getting flooded on the overlay as the rate at which
BFD packets are generated will be typically in sub second range.
Which is the problem if VRRP is configured with sub second timers.
So in such scenarios where flooding of Multicast traffic is a
concern, it is recommended to use Point to Point BFD sessions to
avoid inherent flooding of Multicast traffic and configure VRRP to
default or slow timers.

6. Operational Considerations

A VRRP [RFC5798] peer that forms a member of this Virtual Router, but does not
support this feature or extension must be configured with the lowest
priority, and will only operate as the Router of last resort on
failure of all other VRRP routers supporting this functionality.

It is recommended that mechanism defined by this draft, to interface
VRRP with BFD should be used when BFD can support more aggressive
monitoring timers than VRRP. Otherwise it is desirable not to
interface VRRP with BFD for determining the health of VRRP Master.

This Draft does not preclude the possibility of the peer table being
populated by means of manual configuration, instead of using the
BACKUP ADVERTISEMENT as defined by the Draft.

7. IANA Considerations

This draft includes no request to IANA.

8. Security Considerations

Security considerations are discussed in the Section 9 of VRRP
protocol [RFC5798] specification. [RFC5798], [RFC5880] and
[I-D.draft-ietf-bfd-multipoint], apply to this document. There are
no additional security considerations identified by this draft.

10.

9. Acknowledgements

The authors gratefully acknowledge the contributions of Gerry Meyer,
and Mouli Chandramouli, for their contributions to the draft. The
authors will also like to thank Jeffrey Hass, Haas, Maik Pfeil and Vengada
Prasad Govindan for their comments and suggestions.

11. References

11.1. Informative

10. Normative References

[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880.

11.2. Normative References 5880, 2010.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119. 2119, 1997.

[RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881. 5881, 2010.

[RFC5798] Nadas, S., "Virtual Router Redundancy Protocol (VRRP)
Version 3 for IPv4 and IPv6", RFC 5798. 5798, 2010.

[I-D.draft-ietf-bfd-multipoint]
Katz, D., Ward, D., and S. Pallagatti, "BFD for Multipoint
Networks", Work in Progress draft-ietf-bfd-multipoint-06.

Appendix A. Using Multipoint BFD sessions

Possibility of detecting the failure of VRRP Master using Multipoint
BFD [I-D.draft-ietf-bfd-multipoint] sessions is still under
consideration. draft-ietf-bfd-multipoint-07,
2015.

Authors' Addresses

Nitish Gupta
Cisco Systems, Inc.
Sarjapur Outer Ring Road
Bangalore 560103
India

Phone: +91 80 4429 2530
Email: nitisgup@cisco.com
URI: http://www.cisco.com/

Aditya Dogra
Cisco Systems, Inc.
Sarjapur Outer Ring Road
Bangalore 560103
India

Phone: +91 80 4429 2166
Email: addogra@cisco.com
URI: http://www.cisco.com/

Colin Docherty
25 George Grieve Way
Tranent
East Lothian, Scotland EH332QT
United Kingdom

Email: colin@doch.org.uk

Greg Mirsky
Ericsson

Email: gregory.mirsky@ericsson.com

Jeff Tantsura
Ericsson

Email: jeff.tantsura@ericsson.com