idnits 2.17.1 draft-ietf-bess-datacenter-gateway-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 15, 2021) is 1101 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-22) exists of draft-ietf-idr-tunnel-encaps-21 ** Obsolete normative reference: RFC 7752 (Obsoleted by RFC 9552) == Outdated reference: A later version (-06) exists of draft-farrel-spring-sr-domain-interconnect-05 == Outdated reference: A later version (-18) exists of draft-ietf-idr-bgp-ls-segment-routing-ext-16 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 BESS Working Group A. Farrel 3 Internet-Draft Old Dog Consulting 4 Intended status: Standards Track J. Drake 5 Expires: October 17, 2021 E. Rosen 6 Juniper Networks 7 K. Patel 8 Arrcus, Inc. 9 L. Jalil 10 Verizon 11 April 15, 2021 13 Gateway Auto-Discovery and Route Advertisement for Segment Routing 14 Enabled Domain Interconnection 15 draft-ietf-bess-datacenter-gateway-10 17 Abstract 19 Data centers are critical components of the infrastructure used by 20 network operators to provide services to their customers. Data 21 centers are attached to the Internet or a backbone network by gateway 22 routers. One data center typically has more than one gateway for 23 commercial, load balancing, and resiliency reasons. 25 Segment Routing is a protocol mechanism that can be used within a 26 data center, and also for steering traffic that flows between two 27 data center sites. In order that one data center site may load 28 balance the traffic it sends to another data center site, it needs to 29 know the complete set of gateway routers at the remote data center, 30 the points of connection from those gateways to the backbone network, 31 and the connectivity across the backbone network. 33 Segment Routing may also be operated in other domains, such as access 34 networks. Those domains also need to be connected across backbone 35 networks through gateways. 37 This document defines a mechanism using the BGP Tunnel Encapsulation 38 attribute to allow each gateway router to advertise the routes to the 39 prefixes in the Segment Routing domains to which it provides access, 40 and also to advertise on behalf of each other gateway to the same 41 Segment Routing domain. 43 Status of This Memo 45 This Internet-Draft is submitted in full conformance with the 46 provisions of BCP 78 and BCP 79. 48 Internet-Drafts are working documents of the Internet Engineering 49 Task Force (IETF). Note that other groups may also distribute 50 working documents as Internet-Drafts. The list of current Internet- 51 Drafts is at https://datatracker.ietf.org/drafts/current/. 53 Internet-Drafts are draft documents valid for a maximum of six months 54 and may be updated, replaced, or obsoleted by other documents at any 55 time. It is inappropriate to use Internet-Drafts as reference 56 material or to cite them other than as "work in progress." 58 This Internet-Draft will expire on October 17, 2021. 60 Copyright Notice 62 Copyright (c) 2021 IETF Trust and the persons identified as the 63 document authors. All rights reserved. 65 This document is subject to BCP 78 and the IETF Trust's Legal 66 Provisions Relating to IETF Documents 67 (https://trustee.ietf.org/license-info) in effect on the date of 68 publication of this document. Please review these documents 69 carefully, as they describe your rights and restrictions with respect 70 to this document. Code Components extracted from this document must 71 include Simplified BSD License text as described in Section 4.e of 72 the Trust Legal Provisions and are provided without warranty as 73 described in the Simplified BSD License. 75 Table of Contents 77 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 78 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 79 3. SR Domain Gateway Auto-Discovery . . . . . . . . . . . . . . 5 80 4. Relationship to BGP Link State and Egress Peer Engineering . 7 81 5. Advertising an SR Domain Route Externally . . . . . . . . . . 7 82 6. Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . 7 83 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 84 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 85 9. Manageability Considerations . . . . . . . . . . . . . . . . 9 86 9.1. Relationship to Route Target Constraint . . . . . . . . . 9 87 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 88 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 89 11.1. Normative References . . . . . . . . . . . . . . . . . . 10 90 11.2. Informative References . . . . . . . . . . . . . . . . . 11 91 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 93 1. Introduction 95 Data centers (DCs) are critical components of the infrastructure used 96 by network operators to provide services to their customers. DCs are 97 attached to the Internet or a backbone network by gateway routers 98 (GWs). One DC typically has more than one GW for various reasons 99 including commercial preferences, load balancing, or resiliency 100 against connection of device failure. 102 Segment Routing (SR) [RFC8402] is a protocol mechanism that can be 103 used within a DC, and also for steering traffic that flows between 104 two DC sites. In order for a source (ingress) DC that uses SR to 105 load balance the flows it sends to a destination (egress) DC, it 106 needs to know the complete set of entry nodes (i.e., GWs) for that 107 egress DC from the backbone network connecting the two DCs. Note 108 that it is assumed that the connected set of DCs and the backbone 109 network connecting them are part of the same SR BGP Link State (LS) 110 instance ([RFC7752] and [I-D.ietf-idr-bgpls-segment-routing-epe]) so 111 that traffic engineering using SR may be used for these flows. 113 SR may also be operated in other domains, such as access networks. 114 Those domains also need to be connected across backbone networks 115 through gateways. For illustrative purposes, consider the Ingress 116 and Egress SR Domains shown in Figure 1 as separate ASes. The 117 various ASes that provide connectivity between the Ingress and Egress 118 Domains could each be constructed differently and use different 119 technologies such as IP, MPLS with global table routing native BGP to 120 the edge, MPLS IP VPN, SR-MPLS IP VPN, or SRv6 IP VPN. 122 Suppose that there are two gateways, GW1 and GW2 as shown in 123 Figure 1, for a given egress SR domain and that they each advertise a 124 route to prefix X which is located within the egress SR domain with 125 each setting itself as next hop. One might think that the GWs for X 126 could be inferred from the routes' next hop fields, but typically it 127 is not the case that both routes get distributed across the backbone: 128 rather only the best route, as selected by BGP, is distributed. This 129 precludes load balancing flows across both GWs. 131 ----------------- --------------------- 132 | Ingress | | Egress ------ | 133 | SR Domain | | SR Domain |Prefix| | 134 | | | | X | | 135 | | | ------ | 136 | -- | | --- --- | 137 | |GW| | | |GW1| |GW2| | 138 -------++-------- ----+-----------+-+-- 139 | \ | / | 140 | \ | / | 141 | -+------------- --------+--------+-- | 142 | ||ASBR| ----| |---- |ASBR| |ASBR| | | 143 | | ---- |ASBR+------+ASBR| ---- ---- | | 144 | | ----| |---- | | 145 | | | | | | 146 | | ----| |---- | | 147 | | AS1 |ASBR+------+ASBR| AS2 | | 148 | | ----| |---- | | 149 | --------------- -------------------- | 150 --+-----------------------------------------------+-- 151 | |ASBR| |ASBR| | 152 | ---- AS3 ---- | 153 | | 154 ----------------------------------------------------- 156 Figure 1: Example Segment Routing Domain Interconnection 158 The obvious solution to this problem is to use the BGP feature that 159 allows the advertisement of multiple paths in BGP (known as Add- 160 Paths) [RFC7911] to ensure that all routes to X get advertised by 161 BGP. However, even if this is done, the identity of the GWs will be 162 lost as soon as the routes get distributed through an Autonomous 163 System Border Router (ASBR) that will set itself to be the next hop. 164 And if there are multiple Autonomous Systems (ASes) in the backbone, 165 not only will the next hop change several times, but the Add-Paths 166 technique will experience scaling issues. This all means that the 167 Add-Paths approach is limited to SR domains connected over a single 168 AS. 170 This document defines a solution that overcomes this limitation and 171 works equally well with a backbone constructed from one or more ASes 172 using the Tunnel Encapsulation attribute [I-D.ietf-idr-tunnel-encaps] 173 as follows: 175 When a GW to a given SR domain advertises a route to a prefix X 176 within that SR domain, it will include a Tunnel Encapsulation 177 attribute that contains the union of the Tunnel Encapsulation 178 attributes advertised by each of the GWs to that SR domain, 179 including itself. 181 In other words, each route advertised by a GW identifies all of the 182 GWs to the same SR domain (see Section 3 for a discussion of how GWs 183 discover each other). I.e., the Tunnel Encapsulation attribute 184 advertised by each GW contains multiple Tunnel TLVs, one or more from 185 each active GW, and each Tunnel TLV will contain a Tunnel Egress 186 Endpoint Sub-TLV that identifies the GW for that Tunnel TLV. 187 Therefore, even if only one of the routes is distributed to other 188 ASes, it will not matter how many times the next hop changes, as the 189 Tunnel Encapsulation attribute will remain unchanged. 191 To put this in the context of Figure 1, GW1 and GW2 discover each 192 other as gateways for the egress SR domain. Both GW1 and GW2 193 advertise themselves as having routes to prefix X. Furthermore, GW1 194 includes a Tunnel Encapsulation attribute which is the union of its 195 Tunnel Encapsulation attribute and GW2's Tunnel Encapsulation 196 attribute. Similarly, GW2 includes a Tunnel Encapsulation attribute 197 which is the union of its Tunnel Encapsulation attribute and GW1's 198 Tunnel Encapsulation attribute. The gateway in the ingress SR domain 199 can now see all possible paths to X in the egress SR domain 200 regardless of which route is propagated to it, and it can choose one, 201 or balance traffic flows as it sees fit. 203 The solution defined in this document can be seen in the broader 204 context of SR domain interconnection in 205 [I-D.farrel-spring-sr-domain-interconnect]. That document shows how 206 other existing protocol elements may be combined with the solution 207 defined in this document to provide a full system, but is not a 208 necessary reference for understanding this document. 210 2. Requirements Language 212 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 213 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 214 "OPTIONAL" in this document are to be interpreted as described in BCP 215 14 [RFC2119] [RFC8174] when, and only when, they appear in all 216 capitals, as shown here. 218 3. SR Domain Gateway Auto-Discovery 220 To allow a given SR domain's GWs to auto-discover each other and to 221 coordinate their operations, the following procedures are 222 implemented: 224 o Each GW is configured with an identifier for the SR domain. That 225 identifier is common across all GWs to the domain (i.e., the same 226 identifier is used by all GWs to the same SR domain), and unique 227 across all SR domains that are connected (i.e., across all GWs to 228 all SR domains that are interconnected). 230 o A route target ([RFC4360]) is attached to each GW's auto-discovery 231 route and has its value set to the SR domain identifier. 233 o Each GW constructs an import filtering rule to import any route 234 that carries a route target with the same SR domain identifier 235 that the GW itself uses. This means that only these GWs will 236 import those routes, and that all GWs to the same SR domain will 237 import each other's routes and will learn (auto-discover) the 238 current set of active GWs for the SR domain. 240 The auto-discovery route that each GW advertises consists of the 241 following: 243 o An IPv4 or IPv6 NLRI containing one of the GW's loopback addresses 244 (that is, with an AFI/SAFI pair that is one of 1/1, 2/1, 1/4, or 245 2/4). 247 o A Tunnel Encapsulation attribute [I-D.ietf-idr-tunnel-encaps] 248 containing the GW's encapsulation information encoded in one or 249 more Tunnel TLVs. 251 To avoid the side effect of applying the Tunnel Encapsulation 252 attribute to any packet that is addressed to the GW itself, the GW 253 SHOULD use a different loopback address for packets intended for it. 255 As described in Section 1, each GW will include a Tunnel 256 Encapsulation attribute with the GW encapsulation information for 257 each of the SR domain's active GWs (including itself) in every route 258 advertised externally to that SR domain. As the current set of 259 active GWs changes (due to the addition of a new GW or the failure/ 260 removal of an existing GW) each externally advertised route will be 261 re-advertised with a new Tunnel Encapsulation attribute which 262 reflects current set of active GWs. 264 If a gateway becomes disconnected from the backbone network, or if 265 the SR domain operator decides to terminate the gateway's activity, 266 it withdraws the advertisements described above. This means that 267 remote gateways at other sites will stop seeing advertisements from 268 this gateway. 270 Note that if a GW is (mis)configured with a different SR domain 271 identifier from the other GWs to the same domain then it will not be 272 auto-discovered by the other GWs (and will not auto-discover the 273 other GWs). This would result in a GW for another SR domain 274 receiving only the Tunnel Encapsulation attribute included in the BGP 275 best route; i.e., the Tunnel Encapsulation attribute of the 276 (mis)configured GW or that of the other GWs. 278 4. Relationship to BGP Link State and Egress Peer Engineering 280 When a remote GW receives a route to a prefix X it uses the Tunnel 281 Egress Endpoint Sub-TLVs in the containing Tunnel Encapsulation 282 attribute to identify the GWs through which X can be reached. It 283 uses this information to compute SR Traffic Engineering (SR TE) paths 284 across the backbone network looking at the information advertised to 285 it in SR BGP Link State (BGP-LS) 286 [I-D.ietf-idr-bgp-ls-segment-routing-ext] and correlated using the SR 287 domain identity. SR Egress Peer Engineering (EPE) 288 [I-D.ietf-idr-bgpls-segment-routing-epe] can be used to supplement 289 the information advertised in BGP-LS. 291 5. Advertising an SR Domain Route Externally 293 When a packet destined for prefix X is sent on an SR TE path to a GW 294 for the SR domain containing X (that is, the packet is sent in the 295 Ingress Domain on an SR TE path that describes the path including 296 within the Egress Domain), it needs to carry the receiving GW's label 297 for X such that this label rises to the top of the stack before the 298 GW completes its processing of the packet. To achieve this, each 299 Tunnel TLV in the Tunnel Encapsulation attribute contains a Prefix 300 SID sub-TLV [I-D.ietf-idr-tunnel-encaps] for X. 302 Alternatively, if the GWs for a given SR domain are configured to 303 allow remote GWs to perform SR TE through that SR domain for a prefix 304 X, then each GW computes an SR TE path through that SR domain to X 305 from each of the currently active GWs, and places each in an MPLS 306 label stack sub-TLV [I-D.ietf-idr-tunnel-encaps] in the SR Tunnel TLV 307 for that GW. 309 Please refer to Section 7 of 310 [I-D.farrel-spring-sr-domain-interconnect] for worked examples of how 311 the label stack is constructed in this case, and how the 312 advertisements would work. 314 6. Encapsulation 316 If the GWs for a given SR domain are configured to allow remote GWs 317 to send them a packet in that SR domain's native encapsulation, then 318 each GW will also include multiple instances of a Tunnel TLV for that 319 native encapsulation in externally advertised routes: one for each GW 320 and each containing a Tunnel Egress Endpoint sub-TLV with that GW's 321 address. A remote GW may then encapsulate a packet according to the 322 rules defined via the sub-TLVs included in each of the Tunnel TLVs. 324 7. IANA Considerations 326 IANA maintains a registry called "Border Gateway Protocol (BGP) 327 Parameters" with a sub-registry called "BGP Tunnel Encapsulation 328 Attribute Tunnel Types." The registration policy for this registry 329 is First-Come First-Served [RFC8126]. 331 IANA previously assigned the value 17 from this sub-registry for "SR 332 Tunnel", referencing this document. IANA is now requested to mark 333 that assignment as deprecated. IANA may reclaim that codepoint at 334 such a time that the registry is depleted. 336 8. Security Considerations 338 From a protocol point of view, the mechanisms described in this 339 document can leverage the security mechanisms already defined for 340 BGP. Further discussion of security considerations for BGP may be 341 found in the BGP specification itself [RFC4271] and in the security 342 analysis for BGP [RFC4272]. The original discussion of the use of 343 the TCP MD5 signature option to protect BGP sessions is found in 344 [RFC5925], while [RFC6952] includes an analysis of BGP keying and 345 authentication issues. 347 The mechanisms described in this document involve sharing routing or 348 reachability information between domains: that may mean disclosing 349 information that is normally contained within a domain. So it needs 350 to be understood that normal security paradigms based on the 351 boundaries of domains are weakened. Discussion of these issues with 352 respect to VPNs can be found in [RFC4364], while [RFC7926] describes 353 many of the issues associated with the exchange of topology or TE 354 information between domains. 356 Particular exposures resulting from this work include: 358 o Gateways to a domain will know about all other gateways to the 359 same domain. This feature applies within a domain and so is not a 360 substantial exposure, but it does mean that if the BGP exchanges 361 within a domain can be snooped or if a gateway can be subverted 362 then an attacker may learn the full set of gateways to a domain. 363 This would facilitate more effective attacks on that domain. 365 o The existence of multiple gateways to a domain becomes more 366 visible across the backbone and even into remote domains. This 367 means that an attacker is able to prepare a more comprehensive 368 attack than exists when only the locally attached backbone network 369 (e.g., the AS that hosts the domain) can see all of the gateways 370 to a site. For example, a Denial of Service attack on a single GW 371 is mitigated by the existence of other GWs, but if the attacker 372 knows about all the gateways then the whole set can be attacked at 373 once. 375 o A node in a domain that does not have external BGP peering (i.e., 376 is not really a domain gateway and cannot speak BGP into the 377 backbone network) may be able to get itself advertised as a 378 gateway by letting other genuine gateways discover it (by speaking 379 BGP to them within the domain) and so may get those genuine 380 gateways to advertise it as a gateway into the backbone network. 381 This would allow the malicious node to attract traffic without 382 having to have secure BGP peerings with out-of-domain nodes. 384 o If it is possible to modify a BGP message within the backbone, it 385 may be possible to spoof the existence of a gateway. This could 386 cause traffic to be attracted to a specific node and might result 387 in black-holing of traffic. 389 All of the issues in the list above could cause disruption to domain 390 interconnection, but are not new protocol vulnerabilities so much as 391 new exposures of information that SHOULD be protected against using 392 existing protocol mechanisms. Furthermore, it is a general 393 observation that if these attacks are possible then it is highly 394 likely that far more significant attacks can be made on the routing 395 system. It should be noted that BGP peerings are not discovered, but 396 always arise from explicit configuration. 398 9. Manageability Considerations 400 The principal configuration item added by this solution is the 401 allocation of an SR domain identifier. The same identifier MUST be 402 assigned to every GW to the same domain, and each domain MUST have a 403 different identifier. This requires coordination, probably through a 404 central management agent. 406 It should be noted that BGP peerings are not discovered, but always 407 arise from explicit configuration. This is no different from any 408 other BGP operation. 410 9.1. Relationship to Route Target Constraint 412 In order to limit the VPN routing information that is maintained at a 413 given route reflector, [RFC4364] suggests the use of "Cooperative 414 Route Filtering" [RFC5291] between route reflectors. [RFC4684] 415 defines an extension to that mechanism to include support for 416 multiple autonomous systems and asymmetric VPN topologies such as 417 hub-and-spoke. The mechanism in RFC 4684 is known as Route Target 418 Constraint (RTC). 420 An operator would not normally configure RTC by default for any AFI/ 421 SAFI combination, and would only enable it after careful 422 consideration. When using the mechanisms defined in this document, 423 the operator should consider carefully the effects of filtering 424 routes. In some cases this may be desirable, and in others it could 425 limit the effectiveness of the procedures. 427 10. Acknowledgements 429 Thanks to Bruno Rijsman, Stephane Litkowski, Boris Hassanov, Linda 430 Dunbar, Ravi Singh, and Gyan Mishra for review comments, and to 431 Robert Raszuk for useful discussions. 433 11. References 435 11.1. Normative References 437 [I-D.ietf-idr-bgpls-segment-routing-epe] 438 Previdi, S., Talaulikar, K., Filsfils, C., Patel, K., Ray, 439 S., and J. Dong, "BGP-LS extensions for Segment Routing 440 BGP Egress Peer Engineering", draft-ietf-idr-bgpls- 441 segment-routing-epe-19 (work in progress), May 2019. 443 [I-D.ietf-idr-tunnel-encaps] 444 Patel, K., Velde, G., Sangli, S., and J. Scudder, "The BGP 445 Tunnel Encapsulation Attribute", draft-ietf-idr-tunnel- 446 encaps-21 (work in progress), January 2021. 448 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 449 Requirement Levels", BCP 14, RFC 2119, 450 DOI 10.17487/RFC2119, March 1997, 451 . 453 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A 454 Border Gateway Protocol 4 (BGP-4)", RFC 4271, 455 DOI 10.17487/RFC4271, January 2006, 456 . 458 [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended 459 Communities Attribute", RFC 4360, DOI 10.17487/RFC4360, 460 February 2006, . 462 [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP 463 Authentication Option", RFC 5925, DOI 10.17487/RFC5925, 464 June 2010, . 466 [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and 467 S. Ray, "North-Bound Distribution of Link-State and 468 Traffic Engineering (TE) Information Using BGP", RFC 7752, 469 DOI 10.17487/RFC7752, March 2016, 470 . 472 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 473 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 474 May 2017, . 476 11.2. Informative References 478 [I-D.farrel-spring-sr-domain-interconnect] 479 Farrel, A. and J. Drake, "Interconnection of Segment 480 Routing Domains - Problem Statement and Solution 481 Landscape", draft-farrel-spring-sr-domain-interconnect-05 482 (work in progress), October 2018. 484 [I-D.ietf-idr-bgp-ls-segment-routing-ext] 485 Previdi, S., Talaulikar, K., Filsfils, C., Gredler, H., 486 and M. Chen, "BGP Link-State extensions for Segment 487 Routing", draft-ietf-idr-bgp-ls-segment-routing-ext-16 488 (work in progress), June 2019. 490 [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", 491 RFC 4272, DOI 10.17487/RFC4272, January 2006, 492 . 494 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private 495 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 496 2006, . 498 [RFC4684] Marques, P., Bonica, R., Fang, L., Martini, L., Raszuk, 499 R., Patel, K., and J. Guichard, "Constrained Route 500 Distribution for Border Gateway Protocol/MultiProtocol 501 Label Switching (BGP/MPLS) Internet Protocol (IP) Virtual 502 Private Networks (VPNs)", RFC 4684, DOI 10.17487/RFC4684, 503 November 2006, . 505 [RFC5291] Chen, E. and Y. Rekhter, "Outbound Route Filtering 506 Capability for BGP-4", RFC 5291, DOI 10.17487/RFC5291, 507 August 2008, . 509 [RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of 510 BGP, LDP, PCEP, and MSDP Issues According to the Keying 511 and Authentication for Routing Protocols (KARP) Design 512 Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013, 513 . 515 [RFC7911] Walton, D., Retana, A., Chen, E., and J. Scudder, 516 "Advertisement of Multiple Paths in BGP", RFC 7911, 517 DOI 10.17487/RFC7911, July 2016, 518 . 520 [RFC7926] Farrel, A., Ed., Drake, J., Bitar, N., Swallow, G., 521 Ceccarelli, D., and X. Zhang, "Problem Statement and 522 Architecture for Information Exchange between 523 Interconnected Traffic-Engineered Networks", BCP 206, 524 RFC 7926, DOI 10.17487/RFC7926, July 2016, 525 . 527 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 528 Writing an IANA Considerations Section in RFCs", BCP 26, 529 RFC 8126, DOI 10.17487/RFC8126, June 2017, 530 . 532 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 533 Decraene, B., Litkowski, S., and R. Shakir, "Segment 534 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 535 July 2018, . 537 Authors' Addresses 539 Adrian Farrel 540 Old Dog Consulting 542 Email: adrian@olddog.co.uk 544 John Drake 545 Juniper Networks 547 Email: jdrake@juniper.net 549 Eric Rosen 550 Juniper Networks 552 Email: erosen52@gmail.com 554 Keyur Patel 555 Arrcus, Inc. 557 Email: keyur@arrcus.com 558 Luay Jalil 559 Verizon 561 Email: luay.jalil@verizon.com