Global Routing Operations                                       T. Evens
Internet-Draft                                              S. Bayraktar
Intended Status: Standards Track                             M. Bhardwaj
Expires: September 11, 2017                                Cisco Systems
March 10, 2017                                                P. Lucente
                                                      NTT Communications

         Support for Local RIB in BGP Monitoring Protocol (BMP)
                    draft-evens-grow-bmp-local-rib-00

Abstract

   The BGP Monitoring Protocol (BMP) defines access to the Adj-RIB-In
   and locally originated routes (e.g. routes distributed into BGP from
   protocols such as static) but not access to the BGP instance Loc-RIB.
   This document updates the BGP Monitoring Protocol (BMP) RFC 7854 by
   adding access to the BGP instance Local-RIB, defined in RFC 4271 as
   the routes that have been selected by the local BGP speaker's
   Decision Process. These are the routes over all peers, locally
   originated, and after best-path selection.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on September 11, 2017.

Copyright and License Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Current Method to Monitor Loc-RIB
   2.  Terminology
   3.  Definitions
   4.  Per-Peer Header
     4.1.  Peer Type
     4.2.  Peer Flags
   5.  Loc-RIB Monitoring
     5.1.  Per-Peer Header
     5.2.  Peer UP Notification
       5.2.1.  Peer UP Information
     5.3.  Peer Down Notification
     5.4.  Route Monitoring
     5.5.  Route Mirroring
     5.6.  Statistics Report
   6.  Other Considerations
     6.1.  Loc-RIB Implementation
       6.1.1.  Multiple Loc-RIB Peers
       6.1.2.  Filtering Loc-RIB to BMP Receivers
   7.  Security Considerations
   8.  IANA Considerations
   9.  References
     9.1.  URIs
     9.2.  Normative References
     9.3.  Informative References
   Acknowledgments
   Authors' Addresses

1.  Introduction

   The BGP Monitoring Protocol (BMP) suggests that locally originated
   routes are locally sourced routes, such as redistributed or otherwise
   added routes to the BGP instance by the local router. It does not
   specify routes that are in the BGP instance Loc-RIB, such as routes
   after best-path selection.

   Figure 1 shows the flow of received routes from one or more BGP peers
   into the Loc-RIB.

       +------------------+      +------------------+
       |      Peer-A      |      |      Peer-B      |
   /-- |                  | ---- |                  | --\
   |   | Adj-RIB-In (Pre) |      | Adj-RIB-In (Pre) |   |
   |   +------------------+      +------------------+   |
   |                    |                         |     |
   |    Filters/Policy -|         Filters/Policy -|     |
   |                    V                         V     |
   |   +------------------+      +------------------+   |
   |   | Adj-RIB-In (Post)|      | Adj-RIB-In (Post)|   |
   |   +------------------+      +------------------+   |
   |                    |                         |     |
   |          Selected -|               Selected -|     |
   |                    V                         V     |
   |       +-----------------------------------------+  |
   |       |                 Loc-RIB                 |  |
   |       +-----------------------------------------+  |
   |                                                    |
   |                 ROUTER/BGP Instance                |
   \----------------------------------------------------/

           Figure 1: BGP peering Adj-RIBs-In into Loc-RIB

   As shown in Figure 2, locally originated routes follow a similar flow
   where the redistributed or otherwise originated routes get installed
   into the Loc-RIB based on the decision process selection.

   /--------------------------------------------------------\
   |                                                        |
   | +----------+  +----------+  +----------+  +----------+ |
   | |  IS-IS   |  |   OSPF   |  |  Static  |  |   BGP    | |
   | +----------+  +----------+  +----------+  +----------+ |
   |       |             |             |             |      |
   |       |                                         |      |
   |       |  Redistributed or originated into BGP   |      |
   |       |                                         |      |
   |       |             |             |             |      |
   |       V             V             V             V      |
   |    +----------------------------------------------+    |
   |    |                   Loc-RIB                    |    |
   |    +----------------------------------------------+    |
   |                                                        |
   |                  ROUTER/BGP Instance                   |
   \--------------------------------------------------------/

              Figure 2: Locally Originated into Loc-RIB

   BGP instance Loc-RIB usually provides a similar, if not exact,
   forwarding information base (FIB) view of the routes from BGP that
   the router will use. The following are some use-cases for Loc-RIB
   access:

   o  Adj-RIBs-In Post-Policy may still contain hundreds of thousands
      of routes per-peer but only a handful are selected and installed
      in the Loc-RIB as part of the best-path selection. Some
      monitoring applications, such as ones that need only to correlate
      flow records to Loc-RIB entries, only need to collect and monitor
      the routes that are actually selected and used.

      Requiring the applications to collect all Adj-RIB-In Post-Policy
      data forces the applications to receive a potentially large
      unwanted data set and to perform the BGP decision process
      selection, which includes having access to the IGP next-hop
      metrics. While it is possible to obtain the IGP topology
      information using BGP-LS, it requires the application to
      implement SPF and possibly CSPF based on additional policies.
      This is overly complex for such a simple application that only
      needed to have access to the Loc-RIB.

   o  It is common to see frequent changes over many BGP peers, but
      those changes do not always result in the router's Loc-RIB
      changing. The change in the Loc-RIB can have a direct impact on
      the forwarding state. It can greatly reduce time to troubleshoot
      and resolve issues if operators had the history of Loc-RIB
      changes. For example, a performance issue might have been seen
      for only a duration of 5 minutes. Post troubleshooting this issue
      without Loc-RIB history hides any decision based routing changes
      that might have happened during those five minutes.

   o  Operators may wish to validate the impact of policies applied to
      Adj-RIB-In by analyzing the final decision made by the router
      when installing into the Loc-RIB. For example, in order to
      validate if multi-path prefixes are installed as expected for all
      advertising peers, the Adj-RIB-In Post-Policy and Loc-RIB need to
      be compared. This is only possible if the Loc-RIB is available.
      Monitoring the Adj-RIB-In for this router from another router to
      derive the Loc-RIB is likely to not show the same installed
      prefixes. For example, the received Adj-RIB-In will be different
      if add-paths is not enabled or if the maximum number of equal
      paths is different from Loc-RIB to routes advertised.

   This document adds Loc-RIB to the BGP Monitoring Protocol and
   replaces Section 8.2 [RFC7854] Locally Originated Routes.

1.1.  Current Method to Monitor Loc-RIB

   Loc-RIB is used to build Adj-RIB-Out when advertising routes to a
   peer. It is therefore possible to derive the Loc-RIB of a router by
   monitoring the Adj-RIB-In Pre-Policy from another router. While it
   is possible to derive the Loc-RIB, it is also error prone and
   complex.

   The setup needed to monitor the Loc-RIB of a router requires another
   router with a peering session to the target router that is to be
   monitored. The target router Loc-RIB is advertised via Adj-RIB-Out
   to the BMP router over a standard BGP peering session. The BMP
   router then forwards Adj-RIB-In Pre-Policy to the BMP receiver.

   Unnecessary resources needed for current method:

   o  Requires at least two routers when only one router was to be
      monitored.

   o  Requires additional BGP peering to collect the received updates
      when peering may have not even been required in the first place.
      For example, VRF's with no peers, redistributed bgp-ls with no
      peers, segment routing egress peer engineering where no peers
      have link-state address family enabled.

   Complexities introduced with current method in order to derive
   (e.g. correlate) peer to router Loc-RIB:

   o  Adj-RIB-Out received as Adj-RIB-In from another router may have a
      policy applied that filters, generates aggregates, suppresses
      more specifics, manipulates attributes, or filters routes. Not
      only does this invalidate the Loc-RIB view, it adds complexity
      when multiple BMP routers may have peering sessions to the same
      router. The BMP receiver user is left with the erroneous task of
      identifying which peering session is the best representative of
      the Loc-RIB.

   o  BGP peering is designed to work between administrative domains
      and therefore does not need to include internal system level
      information of each peering router (e.g. the system name or
      version information). In order to derive a Loc-RIB to a router,
      the router name or other system information is needed. The BMP
      receiver and user are forced to do some type of correlation using
      what information is available in the peering session (e.g.
      peering addresses, ASNs, and BGP-ID's). This leads to error prone
      correlations.

   o  The BGP-ID's and session addresses to router correlation requires
      additional data, such as router inventory. This additional data
      provides the BMP receiver the ability to map and correlate the
      BGP-ID's and/or session addresses, but requires the BMP receiver
      to somehow obtain this data outside of BMP. How this data is
      obtained and the accuracy of the data directly affects the
      integrity of the correlation.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

3.  Definitions

   o  Adj-RIB-In: As defined in [RFC4271], "The Adj-RIBs-In contains
      unprocessed routing information that has been advertised to the
      local BGP speaker by its peers." This is also referred to as the
      pre-policy Adj-RIB-In in this document.

   o  Adj-RIB-Out: As defined in [RFC4271], "The Adj-RIBs-Out contains
      the routes for advertisement to specific peers by means of the
      local speaker's UPDATE messages."

   o  Loc-RIB: As defined in [RFC4271], "The Loc-RIB contains the
      routes that have been selected by the local BGP speaker's
      Decision Process." It is further defined that the routes selected
      include locally originated and routes from all peers.

   o  Pre-Policy Adj-RIB-Out: The result before applying the outbound
      policy to an Adj-RIB-Out. This normally would match what is in
      the local RIB.

   o  Post-Policy Adj-RIB-Out: The result of applying outbound policy
      to an Adj-RIB-Out. This MUST be what is actually sent to the
      peer.

4.  Per-Peer Header

4.1.  Peer Type

   This document defines the following new peer type:

   o  Peer Type = 3: Loc-RIB Instance Peer

4.2.  Peer Flags

   In section 4.2 [RFC7854], the "locally sourced routes" comment in the
   L flag description is removed. Locally sourced routes MUST be
   conveyed using the Loc-RIB instance peer type.

   The per-peer header flags for Loc-RIB Instance Peer type are defined
   as follows:

       0 1 2 3 4 5 6 7
      +-+-+-+-+-+-+-+-+
      |V|F| Reserved  |
      +-+-+-+-+-+-+-+-+

   o  The V flag indicates that the Peer address is an IPv6 address.
      For IPv4 peers, this is set to 0.

   o  The F flag indicates that the Loc-RIB is filtered. This indicates
      that the Loc-RIB does not represent the complete routing table.

   The remaining bits are reserved for future use. They MUST be
   transmitted as 0 and their values MUST be ignored on receipt.

5.  Loc-RIB Monitoring

   Loc-RIB contains all routes from BGP peers as well as any and all
   routes redistributed or otherwise locally originated. In this
   context, only the BGP instance Loc-RIB is included. Routes from
   other routing protocols that have not been redistributed or received
   via Adj-RIB-In are not considered.

5.1.  Per-Peer Header

   All peer messages that include a per-peer header MUST use the
   following values:

   o  Peer Type: Set to 3 to indicate Loc-RIB Instance Peer.

   o  Peer Distinguisher: Zero filled if the Loc-RIB represents the
      global instance. Otherwise set to the route distinguisher or
      unique locally defined value of the particular instance the
      Loc-RIB belongs to.

   o  Peer Address: Zero-filled as remote peer address is not
      applicable.

   o  Peer AS: Set to the BGP instance global or default ASN value.

   o  Peer BGP ID: Set to the BGP instance global or RD (e.g. VRF)
      specific router-id.

5.2.  Peer UP Notification

   Peer UP notifications follow section 4.10 [RFC7854] with the
   following clarifications:

   o  Local Address: Zero-filled, local address is not applicable.

   o  Local Port: Set to 0, local port is not applicable.

   o  Remote Port: Set to 0, remote port is not applicable.

   o  Sent OPEN Message: This is a fabricated BGP OPEN message.
      Capabilities MUST include 4-octet ASN and all necessary
      capabilities to represent the Loc-RIB route monitoring messages.
      Only include capabilities if they will be used for Loc-RIB
      monitoring messages. For example, if add-paths is enabled for
      IPv6 and Loc-RIB contains additional paths, the add-paths
      capability should be included for IPv6. In the case of add-paths,
      the capability intent of advertise, receive or both can be
      ignored since the presence of the capability indicates enough
      that add-paths will be used for IPv6.

   o  Received OPEN Message: Repeat of the same Sent Open Message. The
      duplication allows the BMP receiver to use existing parsing.

5.2.1.  Peer UP Information

   The following peer UP information TLV Type is added:

   o  Type = 3: VRF Name. The Information field contains an ASCII
      string whose value MUST be equal to the value of the VRF name
      (e.g. RD instance name) configured. This type is only relevant
      and used when the Loc-RIB represents a VRF/RD instance.

   It is RECOMMENDED that the VRF Name be defined as "global" for the
   global/default Loc-RIB instance.

5.3.  Peer Down Notification

   Peer down notification SHOULD follow the section 4.9 [RFC7854] reason
   2.

5.4.  Route Monitoring

   Route Monitoring messages are used for initial synchronization of the
   Loc-RIB. They are also used for incremental updates upon every
   change to the RIB. State compression on interval, such as 1 or
   greater seconds, can mask critical RIB changes. Therefore state
   compression SHOULD be avoided. If the Loc-RIB changes, a route
   monitor message should be sent.

   As defined in section 4.3 [RFC7854], "Following the common BMP header
   and per-peer header is a BGP Update PDU."

5.5.  Route Mirroring

   Route mirroring is not applicable to Loc-RIB.

5.6.  Statistics Report

   Not all Stat Types are relevant to Loc-RIB. The Stat Types that are
   relevant are listed below:

   o  Stat Type = 8: (64-bit Gauge) Number of routes in Loc-RIB.

   o  Stat Type = 10: Number of routes in per-AFI/SAFI Loc-RIB. The
      value is structured as: 2-byte AFI, 1-byte SAFI, followed by a
      64-bit Gauge.

6.  Other Considerations

6.1.  Loc-RIB Implementation

   There are several methods to implement Loc-RIB efficiently. In all
   methods, the implementation emulates a peer with Peer UP and DOWN
   messages to convey capabilities as well as Route Monitor messages to
   convey Loc-RIB. In this sense, the peer that conveys the Loc-RIB is
   a local router emulated peer.

6.1.1.  Multiple Loc-RIB Peers

   There MUST be multiple emulated peers for each Loc-RIB instance, such
   as with VRF's. The BMP receiver identifies the Loc-RIB's by the peer
   header distinguisher and BGP ID. The BMP receiver uses the VRF Name
   from the PEER UP to name the Loc-RIB.

   In some implementations, it might be required to have more than one
   emulated peer for Loc-RIB to convey different address families for
   the same Loc-RIB. In this case, the peer distinguisher and BGP ID
   should be the same since it represents the same Loc-RIB instance.
   Each emulated peer instance MUST send a PEER UP with the OPEN message
   indicating the address family capabilities. A BMP receiver MUST
   process these capabilities to know which peer belongs to which
   address family.

6.1.2.  Filtering Loc-RIB to BMP Receivers

   There may be use-cases where BMP receivers should only receive
   specific routes from Loc-RIB. For example, IPv4 unicast routes may
   include IBGP, EBGP, and IGP but only routes from EBGP should be sent
   to the BMP receiver. Alternatively, it may be that only IBGP and
   EBGP should be sent and IGP redistributed routes should be excluded.
   In these cases where the Loc-RIB is filtered, the F flag is set to 1
   to indicate to the BMP receiver that the Loc-RIB is partial.

7.  Security Considerations

   It is not believed that this document adds any additional security
   considerations.

8.  IANA Considerations

   This document requests that IANA assign the following new peer types
   to the BMP parameters name space [1].

   o  Peer Type = 3: Loc-RIB Instance Peer

9.  References

9.1.  URIs

   [1]  https://www.iana.org/assignments/bmp-parameters/
        bmp-parameters.xhtml

9.2.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI
              10.17487/RFC2119, March 1997.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI
              10.17487/RFC4271, January 2006.

   [RFC7854]  Scudder, J., Ed., Fernando, R., and S. Stuart, "BGP
              Monitoring Protocol (BMP)", RFC 7854, DOI
              10.17487/RFC7854, June 2016.

9.3.  Informative References

   [I-ID.ietf-grow-bmp-adj-rib-out]  TBD.

Acknowledgments

   TBD.

Authors' Addresses

   Tim Evens
   Cisco Systems
   2901 Third Avenue, Suite 600
   Seattle, WA 98121
   USA

   Email: tievens@cisco.com

   Serpil Bayraktar
   Cisco Systems
   3700 Cisco Way
   San Jose, CA 95134
   USA

   Email: serpil@cisco.com

   Manish Bhardwaj
   Cisco Systems
   3700 Cisco Way
   San Jose, CA 95134
   USA

   Email: manbhard@cisco.com

   Paolo Lucente
   NTT Communications
   Siriusdreef 70-72
   Hoofddorp 2132 WT
   NL

   Email: paolo@ntt.net
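
Added example (not part of the draft and not its authors' code): a receiver-side parser that applies the Loc-RIB per-peer header rules of sections 4.2, 5.1 and 6.1.1. It assumes the 42-byte per-peer header layout of RFC 7854; the class, function names and the sample header are constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass, field

PER_PEER_HDR_LEN = 42       # per-peer header size in RFC 7854
PEER_TYPE_LOC_RIB = 3       # Loc-RIB Instance Peer (section 4.1)
FLAG_V = 0x80               # bit 0: peer address is IPv6
FLAG_F = 0x40               # bit 1: Loc-RIB is filtered
RESERVED_MASK = 0x3F        # bits 2-7: ignored on receipt


@dataclass
class LocRibPeer:
    distinguisher: bytes
    peer_as: int
    bgp_id: str
    ipv6: bool
    filtered: bool
    notes: list = field(default_factory=list)

    @property
    def rib_key(self):
        # Section 6.1.1: a Loc-RIB is identified by distinguisher and BGP ID.
        return (self.distinguisher, self.bgp_id)

    @property
    def is_global(self):
        # Section 5.1: a zero-filled distinguisher means the global instance.
        return not any(self.distinguisher)


def parse_loc_rib_peer(buf: bytes) -> LocRibPeer:
    """Decode a per-peer header and apply the Loc-RIB rules (hypothetical helper)."""
    if len(buf) < PER_PEER_HDR_LEN:
        raise ValueError("truncated per-peer header")
    ptype, flags, dist, addr, peer_as, bgp_id, _sec, _usec = struct.unpack(
        "!BB8s16sI4sII", buf[:PER_PEER_HDR_LEN])
    if ptype != PEER_TYPE_LOC_RIB:
        raise ValueError(f"peer type {ptype} is not Loc-RIB Instance Peer")
    notes = []
    if flags & RESERVED_MASK:
        # MUST be ignored on receipt: record it, do not reject the message.
        notes.append("reserved flag bits set")
    if any(addr):
        # Section 5.1 says zero-filled; a value here points at a sender bug
        # or a header of another peer type mislabelled as Loc-RIB.
        notes.append("peer address not zero-filled")
    return LocRibPeer(dist, peer_as, str(ipaddress.IPv4Address(bgp_id)),
                      bool(flags & FLAG_V), bool(flags & FLAG_F), notes)


def absence_is_meaningful(peer: LocRibPeer) -> bool:
    """A missing prefix only means 'not selected' when the view is complete."""
    return not peer.filtered


# Constructed sample: global instance, AS 65000, router-id 192.0.2.1, F flag set.
SAMPLE_FILTERED = struct.pack("!BB8s16sI4sII", 3, FLAG_F, bytes(8), bytes(16),
                              65000, bytes([192, 0, 2, 1]), 1489104000, 0)

if __name__ == "__main__":
    p = parse_loc_rib_peer(SAMPLE_FILTERED)
    print(p.rib_key, p.is_global, p.filtered, absence_is_meaningful(p))
```

A receiver that treats Loc-RIB as ground truth for alerting can gate any "route is missing" conclusion on absence_is_meaningful(), since a feed with the F flag set is partial by design.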