idnits 2.17.1

draft-ietf-grow-bmp-local-rib-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with private range IPv4 addresses in the
     document. If these are generic example addresses, they should be changed
     to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x,
     198.51.100.x or 203.0.113.x.

  -- The draft header indicates that this document updates RFC7854, but the
     abstract doesn't seem to directly say this. It does mention RFC7854
     though, so this could be OK.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords -- however, there's a paragraph with
     a matching beginning. Boilerplate error?

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document date (August 5, 2019) is 1719 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Looks like a reference, but probably isn't: '1' on line 618

     Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--).
     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Global Routing Operations                                       T. Evens
Internet-Draft                                              S. Bayraktar
Updates: 7854 (if approved)                                  M. Bhardwaj
Intended status: Standards Track                           Cisco Systems
Expires: February 6, 2020                                     P. Lucente
                                                      NTT Communications
                                                          August 5, 2019


         Support for Local RIB in BGP Monitoring Protocol (BMP)
                    draft-ietf-grow-bmp-local-rib-05

Abstract

   The BGP Monitoring Protocol (BMP) defines access to the Adj-RIB-In
   and locally originated routes (e.g. routes distributed into BGP from
   protocols such as static) but not access to the BGP instance Loc-RIB.
   This document updates the BGP Monitoring Protocol (BMP) RFC 7854 by
   adding access to the BGP instance Local-RIB, defined in RFC 4271 as
   the routes that have been selected by the local BGP speaker's
   Decision Process.  These are the routes over all peers, locally
   originated, and after best-path selection.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 6, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Current Method to Monitor Loc-RIB
   2.  Terminology
   3.  Definitions
   4.  Per-Peer Header
     4.1.  Peer Type
     4.2.  Peer Flags
   5.  Loc-RIB Monitoring
     5.1.  Per-Peer Header
     5.2.  Peer UP Notification
       5.2.1.  Peer UP Information
     5.3.  Peer Down Notification
     5.4.  Route Monitoring
       5.4.1.  ASN Encoding
       5.4.2.  Granularity
     5.5.  Route Mirroring
     5.6.  Statistics Report
   6.  Other Considerations
     6.1.  Loc-RIB Implementation
       6.1.1.  Multiple Loc-RIB Peers
       6.1.2.  Filtering Loc-RIB to BMP Receivers
       6.1.3.  Changes to existing BMP sessions
   7.  Security Considerations
   8.  IANA Considerations
     8.1.  BMP Peer Type
     8.2.  BMP Peer Flags
     8.3.  Peer UP Information TLV
     8.4.  Peer Down Reason code
   9.  References
     9.1.  Normative References
     9.2.  URIs
   Acknowledgements
   Authors' Addresses

1.  Introduction

   This document defines a mechanism to monitor the BGP Local-RIB state
   for multiple BGP instances without the need for one or more unneeded
   BGP peering sessions.  The BGP Monitoring Protocol (BMP) suggests
   that locally originated routes are locally sourced routes, such as
   redistributed or otherwise added routes to the BGP instance by the
   local router.  It does not specify routes that are in the BGP
   instance Loc-RIB, such as routes after best-path selection.

   Figure 1 shows the flow of received routes from one or more BGP peers
   into the Loc-RIB.

          +------------------+      +------------------+
          | Peer-A           |      | Peer-B           |
      /-- |                  | ---- |                  | --\
      |   | Adj-RIB-In (Pre) |      | Adj-RIB-In (Pre) |   |
      |   +------------------+      +------------------+   |
      |                    |                       |       |
      |    Filters/Policy -|       Filters/Policy -|       |
      |                    V                       V       |
      |   +------------------+      +------------------+   |
      |   | Adj-RIB-In (Post)|      | Adj-RIB-In (Post)|   |
      |   +------------------+      +------------------+   |
      |                    |                       |       |
      |          Selected -|             Selected -|       |
      |                    V                       V       |
      |    +-----------------------------------------+     |
      |    |                 Loc-RIB                 |     |
      |    +-----------------------------------------+     |
      |                                                    |
      |                ROUTER/BGP Instance                 |
      \----------------------------------------------------/

             Figure 1: BGP peering Adj-RIBs-In into Loc-RIB

   As shown in Figure 2, locally originated routes (section 9.4 of
   [RFC4271]) follow a similar flow where the redistributed or otherwise
   originated routes get installed into the Loc-RIB based on the
   decision process selection.

      /--------------------------------------------------------\
      |                                                        |
      | +----------+  +----------+  +----------+  +----------+ |
      | |  IS-IS   |  |   OSPF   |  |  Static  |  |   BGP    | |
      | +----------+  +----------+  +----------+  +----------+ |
      |      |             |             |             |       |
      |      |                                         |       |
      |      |  Redistributed or originated into BGP   |       |
      |      |                                         |       |
      |      |             |             |             |       |
      |      V             V             V             V       |
      |   +----------------------------------------------+     |
      |   |                   Loc-RIB                    |     |
      |   +----------------------------------------------+     |
      |                                                        |
      |                  ROUTER/BGP Instance                   |
      \--------------------------------------------------------/

               Figure 2: Locally Originated into Loc-RIB

   The following are some use-cases for Loc-RIB access:

   o  Adj-RIBs-In Post-Policy may still contain hundreds of thousands of
      routes per-peer but only a handful are selected and installed in
      the Loc-RIB as part of the best-path selection.
      Some monitoring applications, such as ones that need only to
      correlate flow records to Loc-RIB entries, only need to collect
      and monitor the routes that are actually selected and used.

      Requiring the applications to collect all Adj-RIB-In Post-Policy
      data forces the applications to receive a potentially large
      unwanted data set and to perform the BGP decision process
      selection, which includes having access to the IGP next-hop
      metrics.  While it is possible to obtain the IGP topology
      information using BGP-LS, it requires the application to implement
      SPF and possibly CSPF based on additional policies.  This is
      overly complex for such a simple application that only needs to
      have access to the Loc-RIB.

   o  It is common to see frequent changes over many BGP peers, but
      those changes do not always result in the router's Loc-RIB
      changing.  The change in the Loc-RIB can have a direct impact on
      the forwarding state.  It can greatly reduce the time to
      troubleshoot and resolve issues if operators have the history of
      Loc-RIB changes.  For example, a performance issue might have been
      seen for only a duration of 5 minutes.  Troubleshooting this issue
      after the fact without Loc-RIB history hides any decision-based
      routing changes that might have happened during those five
      minutes.

   o  Operators may wish to validate the impact of policies applied to
      Adj-RIB-In by analyzing the final decision made by the router when
      installing into the Loc-RIB.  For example, in order to validate if
      multi-path prefixes are installed as expected for all advertising
      peers, the Adj-RIB-In Post-Policy and Loc-RIB need to be
      compared.  This is only possible if the Loc-RIB is available.
      Monitoring the Adj-RIB-In for this router from another router to
      derive the Loc-RIB is likely to not show the same installed
      prefixes.
      For example, the received Adj-RIB-In will be different if
      add-paths is not enabled or if the maximum number of equal paths
      differs between the Loc-RIB and the routes advertised.

   This document adds Loc-RIB to the BGP Monitoring Protocol and
   replaces Section 8.2 of [RFC7854] Locally Originated Routes.

1.1.  Current Method to Monitor Loc-RIB

   Loc-RIB is used to build Adj-RIB-Out when advertising routes to a
   peer.  It is therefore possible to derive the Loc-RIB of a router by
   monitoring the Adj-RIB-In Pre-Policy from another router.  At scale
   this becomes overly complex and error-prone.

      /------------------------------------------------------\
      |  ROUTER1 BGP Instance                                |
      |                                                      |
      |    +--------------------------------------------+    |
      |    |                  Loc-RIB                   |    |
      |    +--------------------------------------------+    |
      |              |                          |            |
      |    +------------------+       +------------------+   |
      |    |   Peer-ROUTER2   |       |   Peer-ROUTER3   |   |
      |    | Adj-RIB-Out (Pre)|       | Adj-RIB-Out (Pre)|   |
      |    +------------------+       +------------------+   |
      |    Filters/Policy -|          Filters/Policy -|      |
      |                    V                          V      |
      |   +-------------------+      +-------------------+   |
      |   | Adj-RIB-Out (Post)|      | Adj-RIB-Out (Post)|   |
      |   +-------------------+      +-------------------+   |
      |              |                          |            |
      \------------- | ------------------------ | -----------/
                BGP  |                     BGP  |
                Peer |                     Peer |
         +------------------+           +------------------+
         |   Peer-ROUTER1   |           |   Peer-ROUTER1   |
      /--|                  |--\     /--|                  |--\
      |  | Adj-RIB-In (Pre) |  |     |  | Adj-RIB-In (Pre) |  |
      |  +------------------+  |     |  +------------------+  |
      |                        |     |                        |
      |  ROUTER2/BGP Instance  |     |  ROUTER3/BGP Instance  |
      \------------------------/     \------------------------/
                  |                              |
                  v                              v
          ROUTER2 BMP Feed               ROUTER3 BMP Feed

              Figure 3: Current method to monitor Loc-RIB

   The setup needed to monitor the Loc-RIB of a router requires another
   router with a peering session to the target router that is to be
   monitored.
   As shown in Figure 3, the target router Loc-RIB is advertised via
   Adj-RIB-Out to the BMP router over a standard BGP peering session.
   The BMP router then forwards Adj-RIB-In Pre-Policy to the BMP
   receiver.

   The current method introduces the need for additional resources:

   o  Requires at least two routers when only one router was to be
      monitored.

   o  Requires additional BGP peering to collect the received updates
      when peering may not even have been required in the first place.
      For example, VRFs with no peers, redistributed BGP-LS with no
      peers, segment routing egress peer engineering where no peers have
      link-state address family enabled.

   Complexities introduced with the current method in order to derive
   (e.g. correlate) peer to router Loc-RIB:

   o  Adj-RIB-Out received as Adj-RIB-In from another router may have a
      policy applied that filters, generates aggregates, suppresses more
      specifics, manipulates attributes, or filters routes.  Not only
      does this invalidate the Loc-RIB view, it adds complexity when
      multiple BMP routers may have peering sessions to the same router.
      The BMP receiver user is left with the error-prone task of
      identifying which peering session is the best representative of
      the Loc-RIB.

   o  BGP peering is designed to work between administrative domains and
      therefore does not need to include internal system level
      information of each peering router (e.g. the system name or
      version information).  In order to derive a Loc-RIB to a router,
      the router name or other system information is needed.  The BMP
      receiver and user are forced to do some type of correlation using
      what information is available in the peering session (e.g. peering
      addresses, ASNs, and BGP-IDs).  This leads to error-prone
      correlations.

   o  The BGP-IDs and session addresses to router correlation requires
      additional data, such as router inventory.
      This additional data provides the BMP receiver the ability to map
      and correlate the BGP-IDs and/or session addresses, but requires
      the BMP receiver to somehow obtain this data outside of BMP.  How
      this data is obtained and the accuracy of the data directly
      affects the integrity of the correlation.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Definitions

   o  BGP Instance: Refers to an instance of BGP-4 [RFC4271];
      considerations in section 8.1 of [RFC7854] do apply to it.

   o  Adj-RIB-In: As defined in [RFC4271], "The Adj-RIBs-In contains
      unprocessed routing information that has been advertised to the
      local BGP speaker by its peers."  This is also referred to as the
      pre-policy Adj-RIB-In in this document.

   o  Adj-RIB-Out: As defined in [RFC4271], "The Adj-RIBs-Out contains
      the routes for advertisement to specific peers by means of the
      local speaker's UPDATE messages."

   o  Loc-RIB: As defined in section 9.4 of [RFC4271], "The Loc-RIB
      contains the routes that have been selected by the local BGP
      speaker's Decision Process."  It is further defined that the
      routes selected include locally originated and routes from all
      peers.

   o  Pre-Policy Adj-RIB-Out: The result before applying the outbound
      policy to an Adj-RIB-Out.  This normally represents a similar view
      of the Loc-RIB but may contain additional routes based on BGP
      peering configuration.

   o  Post-Policy Adj-RIB-Out: The result of applying outbound policy to
      an Adj-RIB-Out.  This MUST be what is actually sent to the peer.

4.  Per-Peer Header

4.1.  Peer Type

   A new peer type is defined for Loc-RIB to distinguish that it
   represents Loc-RIB with or without RD and local instances.
   Section 4.2 of [RFC7854] defines a Local Instance Peer type, which is
   for the case of non-RD peers that have an instance identifier.

   This document defines the following new peer type:

   o  Peer Type = 3: Loc-RIB Instance Peer

4.2.  Peer Flags

   In section 4.2 of [RFC7854], the "locally sourced routes" comment
   under the L flag description is removed.  Locally sourced routes MUST
   be conveyed using the Loc-RIB instance peer type.

   The per-peer header flags for Loc-RIB Instance Peer type are defined
   as follows:

       0 1 2 3 4 5 6 7
      +-+-+-+-+-+-+-+-+
      |F|  Reserved   |
      +-+-+-+-+-+-+-+-+

   o  The F flag indicates that the Loc-RIB is filtered.  This MUST be
      set when only a subset of Loc-RIB routes is sent to the BMP
      collector.

   The remaining bits are reserved for future use.  They MUST be
   transmitted as 0 and their values MUST be ignored on receipt.

5.  Loc-RIB Monitoring

   The Loc-RIB contains all routes selected by the BGP protocol Decision
   Process (section 9.1 of [RFC4271]).  These routes include those
   learned from BGP peers via its Adj-RIBs-In post-policy, as well as
   routes learned by other means (section 9.4 of [RFC4271]).  Examples
   of these include redistribution of routes from other protocols into
   BGP or otherwise locally originated (i.e., aggregate routes).

   As mentioned in Section 4.2, a subset of Loc-RIB routes MAY be sent
   to a BMP collector by setting the F flag.

5.1.  Per-Peer Header

   All peer messages that include a per-peer header MUST use the
   following values:

   o  Peer Type: Set to 3 to indicate Loc-RIB Instance Peer.

   o  Peer Distinguisher: Zero filled if the Loc-RIB represents the
      global instance.
      Otherwise set to the route distinguisher or unique locally
      defined value of the particular instance the Loc-RIB belongs to.

   o  Peer Address: The remote IP address associated with the TCP
      session over which the encapsulated PDU was received.  If
      zero-filled, the information is not available and setting the V
      flag is not applicable.

   o  Peer AS: Set to the BGP instance global or default ASN value.

   o  Peer BGP ID: Set to the BGP instance global or RD (e.g. VRF)
      specific router-id (section 1.1 of [RFC7854]).

   o  Timestamp: The time when the encapsulated routes were installed in
      the Loc-RIB, expressed in seconds and microseconds since midnight
      (zero hour), January 1, 1970 (UTC).  If zero, the time is
      unavailable.  Precision of the timestamp is
      implementation-dependent.

5.2.  Peer UP Notification

   Peer UP notifications follow section 4.10 of [RFC7854] with the
   following clarifications:

   o  Local Address: Zero-filled, local address is not applicable.

   o  Local Port: Set to 0, local port is not applicable.

   o  Remote Port: Set to 0, remote port is not applicable.

   o  Sent OPEN Message: This is a fabricated BGP OPEN message.
      Capabilities MUST include 4-octet ASN and all necessary
      capabilities to represent the Loc-RIB route monitoring messages.
      Only include capabilities if they will be used for Loc-RIB
      monitoring messages.  For example, if add-paths is enabled for
      IPv6 and Loc-RIB contains additional paths, the add-paths
      capability should be included for IPv6.  In the case of add-paths,
      the capability intent of advertise, receive or both can be ignored
      since the presence of the capability indicates enough that
      add-paths will be used for IPv6.

   o  Received OPEN Message: Repeat of the same Sent Open Message.  The
      duplication allows the BMP receiver to use existing parsing.

5.2.1.  Peer UP Information

   The following Peer UP information TLV type is added:

   o  Type = 3: VRF/Table Name.  The Information field contains an ASCII
      string whose value MUST be equal to the value of the VRF or table
      name (e.g. RD instance name) being conveyed.  The string size
      MUST be within the range of 1 to 255 bytes.

      The VRF/Table Name TLV is optionally included.  For consistency,
      it is RECOMMENDED that the VRF/Table Name always be included.  The
      default value of "global" MUST be used for the default Loc-RIB
      instance with a zero-filled distinguisher.  If the TLV is
      included, then it MUST also be included in the Peer Down
      notification.

   Multiple TLVs of the same type can be repeated as part of the same
   message, for example to convey a filtered view of a VRF.  A BMP
   receiver should append multiple TLVs of the same type to a set in
   order to support alternate or additional names for the same peer.  If
   multiple strings are included, their ordering MUST be preserved when
   they are reported.

5.3.  Peer Down Notification

   Peer down notification MUST use reason code TBD3.  Following the
   reason is data in TLV format.  The following Peer Down information
   TLV type is defined:

   o  Type = 3: VRF/Table Name.  The Information field contains an ASCII
      string whose value MUST be equal to the value of the VRF or table
      name (e.g. RD instance name) being conveyed.  The string size
      MUST be within the range of 1 to 255 bytes.  The VRF/Table Name
      informational TLV MUST be included if it was in the Peer UP.

5.4.  Route Monitoring

   Route Monitoring messages are used for initial synchronization of the
   Loc-RIB.  They are also used to convey incremental Loc-RIB changes.

   As defined in section 4.3 of [RFC7854], "Following the common BMP
   header and per-peer header is a BGP Update PDU."

5.4.1.  ASN Encoding

   Loc-RIB route monitor messages MUST use 4-byte ASN encoding as
   indicated in PEER UP sent OPEN message (Section 5.2) capability.

5.4.2.  Granularity

   State compression and throttling SHOULD be used by a BMP sender to
   reduce the amount of route monitoring messages that are transmitted
   to BMP receivers.  With state compression, only the final resultant
   updates are sent.

   For example, prefix 10.0.0.0/8 is updated in the Loc-RIB 5 times
   within 1 second.  State compression of BMP route monitor messages
   results in only the final change being transmitted.  The other 4
   changes are suppressed because they fall within the compression
   interval.  If no compression was being used, all 5 updates would have
   been transmitted.

   A BMP receiver should expect that Loc-RIB route monitoring
   granularity can be different by BMP sender implementation.

5.5.  Route Mirroring

   Route mirroring is not applicable to Loc-RIB and Route Mirroring
   messages SHOULD be ignored.

5.6.  Statistics Report

   Not all Stat Types are relevant to Loc-RIB.  The Stat Types that are
   relevant are listed below:

   o  Stat Type = 8: (64-bit Gauge) Number of routes in Loc-RIB.

   o  Stat Type = 10: Number of routes in per-AFI/SAFI Loc-RIB.  The
      value is structured as: 2-byte AFI, 1-byte SAFI, followed by a
      64-bit Gauge.

6.  Other Considerations

6.1.  Loc-RIB Implementation

   There are several methods to implement Loc-RIB efficiently.  In all
   methods, the implementation emulates a peer with Peer UP and DOWN
   messages to convey capabilities as well as Route Monitor messages to
   convey Loc-RIB.  In this sense, the peer that conveys the Loc-RIB is
   a local router emulated peer.

6.1.1.  Multiple Loc-RIB Peers

   There MUST be multiple emulated peers for each Loc-RIB instance, such
   as with VRFs.  The BMP receiver identifies the Loc-RIB by the peer
   header distinguisher and BGP ID.
   The BMP receiver uses the VRF/Table Name from the PEER UP information
   to associate a name to the Loc-RIB.

   In some implementations, it might be required to have more than one
   emulated peer for Loc-RIB to convey different address families for
   the same Loc-RIB.  In this case, the peer distinguisher and BGP ID
   should be the same since it represents the same Loc-RIB instance.
   Each emulated peer instance MUST send a PEER UP with the OPEN message
   indicating the address family capabilities.  A BMP receiver MUST
   process these capabilities to know which peer belongs to which
   address family.

6.1.2.  Filtering Loc-RIB to BMP Receivers

   There may be use-cases where BMP receivers should only receive
   specific routes from Loc-RIB.  For example, IPv4 unicast routes may
   include IBGP, EBGP, and IGP but only routes from EBGP should be sent
   to the BMP receiver.  Alternatively, it may be that only IBGP and
   EBGP routes should be sent and IGP redistributed routes should be
   excluded.  In these cases where the Loc-RIB is filtered, the F flag
   is set to 1 to indicate to the BMP receiver that the Loc-RIB is
   filtered.  If multiple filters are associated to the same Loc-RIB, a
   Table Name MUST be used in order to allow a BMP receiver to make the
   right associations.

6.1.3.  Changes to existing BMP sessions

   In case of any change that results in the alteration of behaviour of
   an existing BMP session, i.e., changes to filtering and table names,
   the session MUST be bounced with a Peer DOWN/Peer UP sequence.

7.  Security Considerations

   The same considerations as in section 11 of [RFC7854] apply to this
   document.  Implementations of this protocol SHOULD require sessions
   to be established with authorized and trusted monitoring devices.
   It is also believed that this document does not add any additional
   security considerations.

8.  IANA Considerations

   This document requests that IANA assign the following new parameters
   to the BMP parameters name space [1].

8.1.  BMP Peer Type

   This document defines a new peer type (Section 4.1):

   o  Peer Type = 3: Loc-RIB Instance Peer

8.2.  BMP Peer Flags

   This document defines a new flag (Section 4.2) and proposes that peer
   flags are specific to the peer type:

   o  The F flag indicates that the Loc-RIB is filtered.  This indicates
      that the Loc-RIB does not represent the complete routing table.

8.3.  Peer UP Information TLV

   This document defines the following new BMP PEER UP informational
   message TLV types (Section 5.2.1):

   o  Type = 3: VRF/Table Name.  The Information field contains an ASCII
      string whose value MUST be equal to the value of the VRF or table
      name (e.g. RD instance name) being conveyed.  The string size
      MUST be within the range of 1 to 255 bytes.

8.4.  Peer Down Reason code

   This document defines the following new BMP Peer Down reason code
   (Section 5.3):

   o  Type = TBD3: Local system closed, TLV data follows.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006.

   [RFC7854]  Scudder, J., Ed., Fernando, R., and S. Stuart, "BGP
              Monitoring Protocol (BMP)", RFC 7854,
              DOI 10.17487/RFC7854, June 2016.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

9.2.  URIs

   [1] https://www.iana.org/assignments/bmp-parameters/bmp-parameters.xhtml

Acknowledgements

   The authors would like to thank John Scudder, Jeff Haas and Mukul
   Srivastava for their valuable input.

Authors' Addresses

   Tim Evens
   Cisco Systems
   2901 Third Avenue, Suite 600
   Seattle, WA 98121
   USA

   Email: tievens@cisco.com


   Serpil Bayraktar
   Cisco Systems
   3700 Cisco Way
   San Jose, CA 95134
   USA

   Email: serpil@cisco.com


   Manish Bhardwaj
   Cisco Systems
   3700 Cisco Way
   San Jose, CA 95134
   USA

   Email: manbhard@cisco.com


   Paolo Lucente
   NTT Communications
   Siriusdreef 70-72
   Hoofddorp, WT 2132
   NL

   Email: paolo@ntt.net
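
Added example (not part of the draft, and not the authors' code): a Python receiver-side parser for the Loc-RIB Peer UP message that applies the Peer Type and F flag of Section 4, the per-peer header values of Section 5.1, the repeated OPEN of Section 5.2 and the VRF/Table Name TLV limits of Section 5.2.1 to input the receiver does not control. The field layout follows RFC 7854; the function names, the sample VRF names and ASN, and the choice to reject a Received OPEN that differs from the Sent OPEN are assumptions of this example, and OPEN capabilities are not decoded.

```python
import struct
from dataclasses import dataclass, field

PEER_TYPE_LOC_RIB = 3       # Section 4.1 of the draft
FLAG_F = 0x80               # Section 4.2: bit 0 (most significant), Loc-RIB filtered
TLV_VRF_TABLE_NAME = 3      # Section 5.2.1
PER_PEER = struct.Struct("!BB8s16sI4sII")   # RFC 7854 per-peer header, 42 bytes
PEER_UP_FIXED = struct.Struct("!16sHH")     # local address, local port, remote port
BGP_HDR_LEN, BGP_OPEN_MIN, BGP_MSG_MAX = 19, 29, 4096


class BmpParseError(ValueError):
    """The message breaks a rule this receiver enforces."""


@dataclass
class LocRibPeerUp:
    filtered: bool
    distinguisher: bytes
    peer_as: int
    bgp_id: bytes
    table_names: list = field(default_factory=list)


def _skip_open(buf, off):
    """Return the offset just past the BGP OPEN message that starts at off."""
    if len(buf) - off < BGP_HDR_LEN:
        raise BmpParseError("truncated BGP header")
    (length,) = struct.unpack_from("!H", buf, off + 16)
    if buf[off + 18] != 1 or not BGP_OPEN_MIN <= length <= BGP_MSG_MAX:
        raise BmpParseError("not a well-formed BGP OPEN")
    if off + length > len(buf):
        raise BmpParseError("BGP OPEN length exceeds the message")
    return off + length


def parse_loc_rib_peer_up(body):
    """Parse a Peer Up body: the bytes after the 6-byte BMP common header."""
    if len(body) < PER_PEER.size + PEER_UP_FIXED.size:
        raise BmpParseError("truncated Peer Up")
    ptype, flags, rd, _addr, asn, bgp_id, _sec, _usec = PER_PEER.unpack_from(body)
    if ptype != PEER_TYPE_LOC_RIB:
        raise BmpParseError(f"peer type {ptype} is not Loc-RIB Instance Peer")
    # Reserved flag bits are ignored on receipt (Section 4.2); only F is read.
    peer = LocRibPeerUp(bool(flags & FLAG_F), rd, asn, bgp_id)
    sent = PER_PEER.size + PEER_UP_FIXED.size
    recv = _skip_open(body, sent)
    off = _skip_open(body, recv)
    # Section 5.2: the Received OPEN is a repeat of the fabricated Sent OPEN.
    if body[sent:recv] != body[recv:off]:
        raise BmpParseError("Received OPEN differs from Sent OPEN")
    while off < len(body):                        # Information TLVs
        if len(body) - off < 4:
            raise BmpParseError("truncated TLV header")
        tlv_type, tlv_len = struct.unpack_from("!HH", body, off)
        value = body[off + 4:off + 4 + tlv_len]
        if len(value) != tlv_len:
            raise BmpParseError("TLV length exceeds the message")
        off += 4 + tlv_len
        if tlv_type != TLV_VRF_TABLE_NAME:
            continue                              # other TLV types are skipped here
        if not 1 <= tlv_len <= 255:
            raise BmpParseError("VRF/Table Name must be 1 to 255 bytes")
        try:
            peer.table_names.append(value.decode("ascii"))   # order preserved
        except UnicodeDecodeError as exc:
            raise BmpParseError("VRF/Table Name is not ASCII") from exc
    return peer


def build_sample(flags=FLAG_F, names=(b"blue", b"blue-ebgp-only")):
    """Constructed sample: Peer Up body for a filtered Loc-RIB of one VRF."""
    bgp_id = bytes([192, 0, 2, 1])
    cap = struct.pack("!BBBBI", 2, 6, 65, 4, 64512)      # 4-octet ASN capability
    open_body = struct.pack("!BHH4sB", 4, 23456, 0, bgp_id, len(cap)) + cap
    open_msg = b"\xff" * 16 + struct.pack("!HB", 19 + len(open_body), 1) + open_body
    rd = struct.pack("!HHI", 0, 64512, 100)              # RD type 0, 64512:100
    head = PER_PEER.pack(PEER_TYPE_LOC_RIB, flags, rd, bytes(16), 64512, bgp_id, 0, 0)
    tlvs = b"".join(struct.pack("!HH", TLV_VRF_TABLE_NAME, len(n)) + n for n in names)
    return head + PEER_UP_FIXED.pack(bytes(16), 0, 0) + open_msg * 2 + tlvs


if __name__ == "__main__":
    print(parse_loc_rib_peer_up(build_sample()))
```

A receiver that tracks sessions would keep the returned table names keyed by peer distinguisher and BGP ID (Section 6.1.1) so that the Peer Down TLV of Section 5.3 can be matched against them.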