Network Working Group                                    N. Bahadur, Ed.
Internet-Draft                                         Bracket Computing
Intended status: Informational                            R. Folkes, Ed.
Expires: June 01, 2015                            Juniper Networks, Inc.
                                                            S. Kini, Ed.
                                                                Ericsson
                                                               J. Medved
                                                                   Cisco
                                                        December 3, 2014

Routing Information Base Info Model
draft-ietf-i2rs-rib-info-model-04

Abstract

Routing and routing functions in enterprise and carrier networks are typically performed by network devices (routers and switches) using a routing information base (RIB). Protocols and configuration push data into the RIB, and the RIB manager installs state into the hardware for packet forwarding. This draft specifies an information model for the RIB to enable defining a standardized data model. Such a data model can be used to define an interface to the RIB from an entity that may even be external to the network device. This interface can be used to support new use cases being defined by the IETF I2RS WG.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on November 28, 2014.

Copyright Notice

Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.
Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction
   1.1. Conventions used in this document
2. RIB data
   2.1. RIB definition
   2.2. Routing instance
   2.3. Route
   2.4. Nexthop
      2.4.1. Nexthop types
      2.4.2. Nexthop list attributes
      2.4.3. Nexthop content
      2.4.4. Special nexthops
3. Reading from the RIB
4. Writing to the RIB
5. Notifications
6. RIB grammar
7. Using the RIB grammar
   7.1. Using route preference
   7.2. Using different nexthop types
      7.2.1. Tunnel nexthops
      7.2.2. Replication lists
      7.2.3. Weighted lists
      7.2.4. Protection lists
      7.2.5. Nexthop chains
      7.2.6. Lists of lists
   7.3. Performing multicast
8. RIB operations at scale
   8.1. RIB reads
   8.2. RIB writes
   8.3. RIB events and notifications
9. Security Considerations
10. IANA Considerations
11. Acknowledgements
12. References
   12.1. Normative References
   12.2. Informative References
Authors' Addresses

1. Introduction

Routing and routing functions in enterprise and carrier networks are traditionally performed in network devices. Traditionally, routers run routing protocols, and the routing protocols (along with static config) populate the Routing Information Base (RIB) of the router. The RIB is managed by the RIB manager, and the RIB manager provides a north-bound interface to its clients, i.e., the routing protocols, to insert routes into the RIB. The RIB manager consults the RIB and decides how to program the forwarding information base (FIB) of the hardware by interfacing with the FIB manager. The relationship between these entities is shown in Figure 1.

+-------------+                  +-------------+
|RIB client 1 |      ......      |RIB client N |
+-------------+                  +-------------+
       ^                                ^
       |                                |
       +--------------------------------+
                       |
                       V
            +---------------------+
            |RIB manager          |
            |                     |
            |       +-----+       |
            |       | RIB |       |
            |       +-----+       |
            +---------------------+
                       ^
                       |
       +---------------------------------+
       |                                 |
       V                                 V
+-------------+                  +-------------+
|FIB manager 1|                  |FIB manager M|
|   +-----+   |    ..........    |   +-----+   |
|   | FIB |   |                  |   | FIB |   |
|   +-----+   |                  |   +-----+   |
+-------------+                  +-------------+

Figure 1: RIB manager, RIB clients and FIB managers

Routing protocols are inherently distributed in nature, and each router makes an independent decision based on the routing data received from its peers. With the advent of newer deployment paradigms and the need for specialized applications, there is an emerging need to guide the router's routing function [I-D.ietf-i2rs-problem-statement]. Traditional network-device protocol-based RIB population suffices for most use cases where distributed network control is used. However, there are use cases which the network operators currently address by configuring static routes, policies and RIB import/export rules on the routers. There is also a growing list of use cases [I-D.white-i2rs-use-case], [I-D.hares-i2rs-use-case-vn-vc] in which a network operator might want to program the RIB based on data unrelated to just routing (within that network's domain). Programming the RIB could be based on other information such as routing data in the adjacent domain or the load on storage and compute in the given domain. Or it could simply be a programmatic way of creating on-demand dynamic overlays (e.g. GRE tunnels) between compute hosts (without requiring the hosts to run traditional routing protocols). If there were a standardized, publicly documented programmatic interface to a RIB, it would enable further networking applications that address a variety of use cases [I-D.ietf-i2rs-problem-statement].

A programmatic interface to the RIB involves two types of operations: reading from the RIB and writing (adding/modifying/deleting) to the RIB. [I-D.white-i2rs-use-case] lists various use cases which require read and/or write manipulation of the RIB.
In order to understand what is in a router's RIB, methods like per-protocol SNMP MIBs and show-output screen scraping are used. These methods are not scalable, since they are client pull mechanisms and not proactive push (from the router) mechanisms. Screen scraping is error prone (since the output format can change) and is vendor dependent. Building a RIB from per-protocol MIBs is error prone since the MIB data represent protocol data and not the exact information that went into the RIB. Thus, just getting read-only RIB information from a router is a hard task.

Adding content to the RIB from an external entity can be done today using static configuration mechanisms provided by router vendors. However, the mix of what can be modified in the RIB varies from vendor to vendor, and the method of configuring it is also vendor dependent. This makes it hard for an external entity to program a multi-vendor network in a consistent and vendor-independent way.

The purpose of this draft is to specify an information model for the RIB. Using the information model, one can build a detailed data model for the RIB. That data model could then be used by an external entity to program a network device.

The rest of this document is organized as follows. Section 2 goes into the details of what constitutes a RIB and what can be programmed in it. Guidelines for reading and writing the RIB are provided in Section 3 and Section 4 respectively. Section 5 provides a high-level view of the events and notifications going from a network device to an external entity, to update the external entity on asynchronous events. The RIB grammar is specified in Section 6. Examples of using the RIB grammar are shown in Section 7. Section 8 covers considerations for performing RIB operations at scale.

1.1. Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

2. RIB data

This section describes the details of a RIB. It makes forward references to objects in the RIB grammar (Section 6). A high-level description of the RIB contents is shown below.

                 routing-instance
                   |          |
                   |          |
             0..N  |          |  1..N
                   |          |
          interface(s)       RIB(s)
                               |
                               |
                               |  0..N
                            route(s)

Figure 2: RIB model

2.1. RIB definition

A RIB is an entity that contains routes. A RIB is identified by its name, and a RIB is contained within a routing instance (Section 2.2). The name MUST be unique within a routing instance. All routes in a given RIB MUST be of the same type (e.g. IPv4). Each RIB MUST belong to a routing instance.

A routing instance can have multiple RIBs. A routing instance can even have two or more RIBs with the same type of routes (e.g. IPv6). A typical case where this can be used is multi-topology routing ([RFC4915], [RFC5120]).

Each RIB can optionally be associated with an ENABLE_IP_RPF_CHECK attribute that enables Reverse Path Forwarding (RPF) checks on all IP routes in that RIB. The RPF check is used to prevent spoofing and limit malicious traffic. For IP packets, the IP source address is looked up and the RPF interface(s) associated with the route for that IP source address are found. If the incoming IP packet's interface matches one of the RPF interface(s), then the IP packet is forwarded based on its IP destination address; otherwise, the IP packet is discarded.

2.2. Routing instance

A routing instance, in the context of the RIB information model, is a collection of RIBs, interfaces, and routing parameters.
A routing instance creates a logical slice of the router and allows different logical slices, across a set of routers, to communicate with each other. Layer 3 Virtual Private Networks (VPN), Layer 2 VPNs (L2VPN) and Virtual Private LAN Service (VPLS) can be modeled as routing instances. Note that modeling a Layer 2 VPN using a routing instance only models the Layer 3 (RIB) aspect and does not model any Layer 2 information (like ARP) that might be associated with the L2VPN.

The set of interfaces indicates which interfaces are associated with this routing instance. The RIBs specify how incoming traffic is to be forwarded. And the routing parameters control the information in the RIBs. The intersection set of interfaces of two routing instances MUST be the null set. In other words, an interface MUST NOT be present in two routing instances. Thus a routing instance describes the routing information and parameters across a set of interfaces.

A routing instance MUST contain the following mandatory fields.

o INSTANCE_NAME: A routing instance is identified by its name, INSTANCE_NAME. This MUST be unique across all routing instances in a given network device.

o rib-list: This is the list of RIBs associated with this routing instance. Each routing instance can have multiple RIBs to represent routes of different types. For example, one would put IPv4 routes in one RIB and MPLS routes in another RIB.

A routing instance MAY contain the following optional fields.

o interface-list: This represents the list of interfaces associated with this routing instance. The interface list helps constrain the boundaries of packet forwarding. Packets coming in on these interfaces are directly associated with the given routing instance. The interface list contains a list of identifiers, with each identifier uniquely identifying an interface.

o ROUTER_ID: The router-id field identifies the network device in control plane interactions with other network devices. This field is to be used if one wants to virtualize a physical router into multiple virtual routers. Each virtual router MUST have a unique router-id. ROUTER_ID MUST be unique across all network devices in a given domain.

2.3. Route

A route is essentially a match condition and an action following the match. The match condition specifies the kind of route (IPv4, MPLS, etc.) and the set of fields to match on. Figure 3 represents the overall contents of a route.

                          route
                    |       |       |
          +---------+       |       +----------+
          |                 |                  |
    0..N  |                 |                  |  1..N
 route-attribute          match           nexthop-list
                            |
                            |
          +-------+-------+-------+--------+
          |       |       |       |        |
        IPv4    IPv6    MPLS    MAC    Interface
   (Unicast/Multicast)

Figure 3: Route model

This document specifies the following match types:

o IPv4: Match on destination IP address in the IPv4 header

o IPv6: Match on destination IP address in the IPv6 header

o MPLS: Match on an MPLS label at the top of the MPLS label stack

o MAC: Match on MAC destination addresses in the Ethernet header

o Interface: Match on incoming interface of the packet

o IP multicast: Match on (S, G) or (*, G), where S and G are IP prefixes

Each route MUST have associated with it the following mandatory route attributes.

o ROUTE_PREFERENCE: This is a numerical value that allows for comparing routes from different protocols. Static configuration is also considered a protocol for the purpose of this field. It is also known as administrative distance. The lower the value, the higher the preference. For example, there can be an OSPF route for 192.0.2.1/32 with a preference of 5. If a controller programs a route for 192.0.2.1/32 with a preference of 2, then the controller's route will be preferred by the RIB manager.
Preference should be used to dictate behavior. For more examples of preference, see Section 7.1.

Each route can have associated with it one or more optional route attributes.

o route-vendor-attributes: Vendors can specify vendor-specific attributes using this. The details of this attribute are outside the scope of this document.

2.4. Nexthop

A nexthop represents an object resulting from a route lookup. For example, if a route lookup results in sending the packet out a given interface, then the nexthop represents that interface.

Nexthops can be fully resolved nexthops or unresolved nexthops. A resolved nexthop has adequate information to send the outgoing packet to the destination by forwarding it on an interface to a directly connected neighbor. For example, a nexthop to a point-to-point interface or a nexthop to an IP address on an Ethernet interface has the nexthop resolved. An unresolved nexthop is something that requires the RIB manager to determine the final resolved nexthop. For example, a nexthop could be an IP address. The RIB manager would resolve how to reach that IP address, e.g. whether the IP address is reachable by regular IP forwarding, by an MPLS tunnel, or by both. If the RIB manager cannot resolve the nexthop, then the nexthop remains in an unresolved state and is NOT a candidate for installation in the FIB. Future RIB events can cause an unresolved nexthop to get resolved (like that IP address being advertised by an IGP neighbor). Conversely, resolved nexthops can also become unresolved (e.g. in case of a tunnel going down) and hence would no longer be candidates to be installed in the FIB.

When at least one of a route's nexthops is resolved, then the route can be used to forward packets. Such a route is considered eligible to be installed in the FIB and is henceforth referred to as a FIB-eligible route. Conversely, when all the nexthops of a route are unresolved, that route can no longer be used to forward packets. Such a route is considered ineligible to be installed in the FIB and is henceforth referred to as a FIB-ineligible route. The RIB information model allows an external entity to program routes whose nexthops may be unresolved initially. Whenever an unresolved nexthop gets resolved, the RIB manager will send a notification of the same (see Section 5).

The overall structure and usage of a nexthop is as shown in the figure below.

                           route
                             |
                             | 0..N
                        nexthop-list
                             |
          +------------------+------------------+
    1..N  |                                     |
  nexthop-list-member                    special-nexthop
          |
          |
     nexthop-chain
          |
    1..N  |
       nexthop
          |
    +--------+------+------------------+------------------+
    |               |                  |                  |
 nexthop-id  egress-interface   logical-tunnel      tunnel-encap

Figure 4: Nexthop model

Nexthops can be identified by an identifier to create a level of indirection. The identifier is set by the RIB manager and returned to the external entity on request. The RIB data model SHOULD support a way to optionally receive a nexthop identifier for a given nexthop. For example, one can create a nexthop that points to a BGP peer. The returned nexthop identifier can then be used for programming routes to point to the same nexthop. Given that the RIB manager has created an indirection for that BGP peer using the nexthop identifier, if the transport path to the BGP peer changes, that change in path will be seamless to the external entity, and all routes that point to that BGP peer will automatically start going over the new transport path. Nexthop indirection using identifiers could be applied not just to unicast nexthops, but even to nexthops that contain chains and nested nexthops (Section 2.4.1).

2.4.1. Nexthop types

This document specifies a very generic, extensible and recursive grammar for nexthops. Nexthops can be:

o Unicast nexthops - pointing to an interface

o Tunnel nexthops - pointing to a tunnel

o Replication lists - list of nexthops to which to replicate a packet

o Weighted lists - for load-balancing

o Protection lists - for primary/backup paths

o Nexthop chains - for chaining headers, e.g. MPLS label over a GRE header

o Lists of lists - recursive application of the above

o Indirect nexthops - pointing to a nexthop identifier

o Special nexthops - for performing specific well-defined functions

It is expected that all network devices will have a limit on how many levels of lookup can be performed, and not all hardware will be able to support all kinds of nexthops. RIB capability negotiation becomes very important for this reason, and a RIB data model MUST specify a way for an external entity to learn about the network device's capabilities. Examples of when and how to use various kinds of nexthops are shown in Section 7.2.

Tunnel nexthops allow an external entity to program static tunnel headers. There can be cases where the remote tunnel end-point does not support dynamic signaling (e.g. no LDP support on a host), and in those cases the external entity might want to program the tunnel header on both ends of the tunnel. The tunnel nexthop is kept generic, with specifications provided for some commonly used tunnels. It is expected that the data model will model these tunnel types with complete accuracy.

Nexthop chains can be used to specify multiple headers over a packet before the packet is forwarded. One simple example is that of MPLS over GRE, wherein the packet has an inner MPLS header followed by a GRE header followed by an IP header. The outermost IP header is decided by the network device, whereas the MPLS header and GRE header are specified by the controller. Not every network device will be able to support all kinds of nexthop chains and an arbitrary number of headers chained together. The RIB data model SHOULD provide a way to expose the nexthop chaining capability supported by a given network device.

2.4.2. Nexthop list attributes

For nexthops that are of the form of a list (or lists), attributes can be associated with each member of the list to indicate the role of an individual member of the list. Two kinds of attributes are specified:

o PROTECTION_PREFERENCE: This provides a primary/backup-like preference. The preference is an integer value that should be set to 1 (primary) or 2 (backup). Only when all the primary nexthops fail is the traffic re-routed through the backup nexthops. This attribute must be specified for all the members of a list or for none of them.

o LOAD_BALANCE_WEIGHT: This is used for load-balancing. Each list member MUST be assigned a weight between 1 and 99. The weight determines the proportion of traffic to be sent over a nexthop used for forwarding, as the ratio of the weight of this nexthop divided by the sum of the weights of all the nexthops of this route that are used for forwarding. To perform equal load-balancing, one MAY specify a weight of "0" for all the member nexthops. The value "0" is reserved for equal load-balancing and, if applied, MUST be applied to all member nexthops.

A nexthop list MAY contain elements that have both PROTECTION_PREFERENCE and LOAD_BALANCE_WEIGHT set. When both are set, it means that under normal operation the network device should load-balance the traffic over all FIB-eligible nexthops of the current protection preference.

2.4.3. Nexthop content

At the lowest level, a nexthop can be one of:

o identifier: This is an identifier returned by the network device representing another nexthop or another nexthop chain.

o EGRESS_INTERFACE: This represents a physical, logical or virtual interface on the network device. Address resolution must not be required on this interface. This interface may belong to any routing instance.

o IP address: A route lookup on this IP address is done to determine the egress interface. Address resolution may be required depending on the interface.

   * An optional RIB name can also be specified to indicate the RIB in which the IP address is to be looked up. One can use the RIB name field to direct the packet from one domain into another domain. By default the RIB will be the same as the one that the route belongs to.

o EGRESS_INTERFACE and IP address: This can be used in cases where, for example, the IP address is a link-local address.

o EGRESS_INTERFACE and MAC address: The egress interface must be an Ethernet interface. Address resolution is not required for this nexthop.

o tunnel encap: This can be an encap representing an IP tunnel or MPLS tunnel or others as defined in this document. An optional egress interface can be specified to indicate which interface to send the packet out on. The egress interface is useful when the network device contains Ethernet interfaces and one needs to perform address resolution for the IP packet.

o logical tunnel: This can be an MPLS LSP or a GRE tunnel (or others as defined in this document) that is represented by a unique identifier (e.g. a name).

o RIB_NAME: A nexthop pointing to a RIB indicates that the route lookup needs to continue in the specified RIB. This is a way to perform chained lookups.

2.4.4. Special nexthops

This document specifies certain special nexthops. The purpose of each of them is explained below:

o DISCARD: This indicates that the network device should drop the packet and increment a drop counter.

o DISCARD_WITH_ERROR: This indicates that the network device should drop the packet, increment a drop counter and send back an appropriate error message (like an ICMP error).

o RECEIVE: This indicates that the traffic is destined for the network device, for example protocol packets or OAM packets. All locally destined traffic SHOULD be throttled to avoid a denial of service attack on the router's control plane. An optional rate-limiter can be specified to indicate how to throttle traffic destined for the control plane. The description of the rate-limiter is outside the scope of this document.

3. Reading from the RIB

A RIB data model MUST allow an external entity to read entries for RIBs created by that entity. The network device administrator MAY allow reading of other RIBs by an external entity through access lists on the network device. The details of access lists are outside the scope of this document.

The data model MUST support a full read of the RIB and subsequent incremental reads of changes to the RIB. An external agent SHOULD be able to request a full read at any time in the lifecycle of the connection. When sending data to an external entity, the RIB manager SHOULD try to send all dependencies of an object prior to sending that object.

4. Writing to the RIB

A RIB data model MUST allow an external entity to write entries for RIBs created by that entity. The network device administrator MAY allow writes to other RIBs by an external entity through access lists on the network device. The details of access lists are outside the scope of this document.
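The following Python model is an added illustration, not code from this draft or from the I2RS working group. It ties together the behaviours the text describes in Sections 2.1, 2.3, 2.4, 2.4.4 and 7.1 and the return code of Section 4: candidate routes for a prefix from several sources, selection by ROUTE_PREFERENCE (lower wins), resolution of IP-address nexthops through a further lookup so that only FIB-eligible routes are installed, the DISCARD special nexthop, the ENABLE_IP_RPF_CHECK source-address check, and fallback to a pre-installed alternate when the preferred route is withdrawn. The class and method names, the "rpf_interfaces" field and the sample routes are assumptions constructed for the example; the addresses are documentation prefixes.

```python
"""Toy RIB manager: ROUTE_PREFERENCE selection, nexthop resolution, DISCARD
and the ENABLE_IP_RPF_CHECK source check. Hypothetical model written for this
page; names and sample data are assumptions, not the draft's own code."""
from dataclasses import dataclass
from typing import Optional
import ipaddress

DISCARD = "DISCARD"  # special nexthop (Section 2.4.4): drop the packet and count it


@dataclass
class Nexthop:
    egress_interface: Optional[str] = None  # resolved: directly connected interface
    ip_address: Optional[str] = None        # unresolved until the RIB manager resolves it
    special: Optional[str] = None           # e.g. DISCARD


@dataclass
class Route:
    prefix: str                 # IPv4 destination prefix to match
    preference: int             # ROUTE_PREFERENCE: lower value wins
    nexthop: Nexthop
    source: str                 # protocol or client that installed the route
    rpf_interfaces: tuple = ()  # interfaces the RPF check accepts for this route (assumed field)


class Rib:
    def __init__(self, name, enable_ip_rpf_check=False):
        self.name = name
        self.enable_ip_rpf_check = enable_ip_rpf_check
        self.routes = {}  # prefix -> candidate routes from all sources

    def _direct_lookup(self, addr):
        """Longest-prefix match over routes whose nexthop is an egress interface.
        IP-address nexthops are resolved through these only, so resolution
        cannot loop through other indirect routes."""
        ip = ipaddress.ip_address(addr)
        matches = [r for p, rs in self.routes.items() for r in rs
                   if r.nexthop.egress_interface and ip in ipaddress.ip_network(p)]
        return max(matches, default=None, key=lambda r: (
            ipaddress.ip_network(r.prefix).prefixlen, -r.preference))

    def resolved(self, nh):
        if nh.special or nh.egress_interface:
            return True
        return self._direct_lookup(nh.ip_address) is not None

    def best(self, prefix):
        """FIB-eligible candidate with the lowest ROUTE_PREFERENCE, if any."""
        eligible = [r for r in self.routes.get(prefix, []) if self.resolved(r.nexthop)]
        return min(eligible, default=None, key=lambda r: r.preference)

    def write(self, route):
        """Program a route; returns the Section 4 return-code attributes."""
        self.routes.setdefault(route.prefix, []).append(route)
        active = self.resolved(route.nexthop)
        installed = active and self.best(route.prefix) is route
        reason = ("ok" if installed else "nexthop unresolved" if not active
                  else "better preference already installed")
        return {"Installed": installed, "Active": active, "Reason": reason}

    def withdraw(self, prefix, source):
        self.routes[prefix] = [r for r in self.routes.get(prefix, []) if r.source != source]

    def lookup(self, addr):
        """Longest-prefix match over the installed (best) route of each prefix."""
        ip = ipaddress.ip_address(addr)
        hit = None
        for prefix in self.routes:
            net = ipaddress.ip_network(prefix)
            route = self.best(prefix)
            if route is None or ip not in net:
                continue
            if hit is None or net.prefixlen > ipaddress.ip_network(hit.prefix).prefixlen:
                hit = route
        return hit

    def forward(self, src, dst, in_interface):
        """RPF check on the source (Section 2.1), then destination lookup.
        Returns the egress interface or a string saying why the packet is dropped."""
        if self.enable_ip_rpf_check:
            rpf = self.lookup(src)
            if rpf is None or in_interface not in rpf.rpf_interfaces:
                return "DROP: RPF check failed"
        route = self.lookup(dst)
        if route is None:
            return "DROP: no route"
        nh = route.nexthop
        if nh.special == DISCARD:
            return "DROP: DISCARD nexthop"
        if nh.egress_interface:
            return nh.egress_interface
        return self._direct_lookup(nh.ip_address).nexthop.egress_interface


def build_sample_rib():
    """Constructed sample: two connected interfaces, an OSPF route (preference 10),
    a controller-installed alternate (preference 20, Section 7.1) and a
    controller-installed DISCARD for one host (preference 1, Section 7.1)."""
    rib = Rib("main", enable_ip_rpf_check=True)
    rib.write(Route("192.0.2.0/24", 0, Nexthop(egress_interface="eth0"), "connected", ("eth0",)))
    rib.write(Route("198.51.100.0/24", 0, Nexthop(egress_interface="eth1"), "connected", ("eth1",)))
    rib.write(Route("203.0.113.0/24", 10, Nexthop(ip_address="192.0.2.1"), "ospf"))
    rib.write(Route("203.0.113.0/24", 20, Nexthop(ip_address="198.51.100.1"), "controller"))
    rib.write(Route("203.0.113.66/32", 1, Nexthop(special=DISCARD), "controller"))
    return rib
```

With the sample RIB, a packet from 192.0.2.7 to 203.0.113.5 arriving on eth0 leaves via eth0 (the OSPF route wins on preference and resolves through the connected route); the same packet arriving on eth1 fails the RPF check; traffic to 203.0.113.66 hits the longer, better-preferred DISCARD route; and after the OSPF route is withdrawn the controller's alternate takes over and the packet leaves via eth1. Writing a route whose nexthop cannot be resolved returns Installed=No, Active=No with the reason, exactly the three attributes Section 4 requires.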
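A second added example, again not code from the draft, covers the nexthop list attributes of Section 2.4.2 and their use in weighted and protection lists (Sections 7.2.3 and 7.2.4): it validates PROTECTION_PREFERENCE and LOAD_BALANCE_WEIGHT exactly as the text constrains them (1 or 2, all members or none; weights 1 to 99, or 0 on every member for equal load-balancing), picks the members that carry traffic (all FIB-eligible members of the lowest protection preference that still has one, so backups take over only when every primary has failed) and computes each member's share as its weight over the sum of the forwarding members' weights. The ListMember class, the function names and the sample list are assumptions constructed for the example.

```python
"""Member selection for weighted and protection nexthop lists (Sections 2.4.2,
7.2.3, 7.2.4). Hypothetical illustration written for this page; the class,
function names and sample data are assumptions, not the draft's own code."""
from dataclasses import dataclass, replace
from fractions import Fraction
from typing import Optional


@dataclass
class ListMember:
    name: str                                    # stands in for the member nexthop
    resolved: bool = True                        # FIB-eligible (Section 2.4)
    protection_preference: Optional[int] = None  # 1 = primary, 2 = backup
    load_balance_weight: Optional[int] = None    # 1..99, or 0 on all members for equal LB


def validate(members):
    """Raise ValueError on any attribute combination the text forbids."""
    if not members:
        raise ValueError("nexthop list needs at least one member")
    prefs = [m.protection_preference for m in members]
    if any(p is not None for p in prefs) and any(p is None for p in prefs):
        raise ValueError("PROTECTION_PREFERENCE must be set on all members or none")
    if any(p not in (None, 1, 2) for p in prefs):
        raise ValueError("PROTECTION_PREFERENCE must be 1 (primary) or 2 (backup)")
    weights = [m.load_balance_weight for m in members]
    # A weighted list gives every member a weight (Section 7.2.3).
    if any(w is not None for w in weights) and any(w is None for w in weights):
        raise ValueError("LOAD_BALANCE_WEIGHT must be set on all members or none")
    set_w = [w for w in weights if w is not None]
    if 0 in set_w and any(w != 0 for w in set_w):
        raise ValueError("weight 0 (equal load-balancing) must be applied to all members")
    if any(not 0 <= w <= 99 for w in set_w):
        raise ValueError("LOAD_BALANCE_WEIGHT must be 0 or between 1 and 99")


def forwarding_members(members):
    """Members carrying traffic now: every FIB-eligible member of the lowest
    PROTECTION_PREFERENCE that still has an eligible member. Without
    preferences (replication or plain weighted list) all eligible members forward."""
    validate(members)
    eligible = [m for m in members if m.resolved]
    if not eligible:
        return []
    if eligible[0].protection_preference is None:
        return eligible
    active_pref = min(m.protection_preference for m in eligible)
    return [m for m in eligible if m.protection_preference == active_pref]


def traffic_shares(members):
    """Proportion of traffic per forwarding member: this member's weight over
    the sum of the weights of all forwarding members; no weights or weight 0
    everywhere means equal shares."""
    active = forwarding_members(members)
    if not active:
        return {}
    weights = [m.load_balance_weight or 0 for m in active]
    total = sum(weights)
    if total == 0:
        return {m.name: Fraction(1, len(active)) for m in active}
    return {m.name: Fraction(w, total) for m, w in zip(active, weights)}


def with_failed(members, *names):
    """Copy of the list with the named members marked unresolved (e.g. link down)."""
    return [replace(m, resolved=False) if m.name in names else m for m in members]


def sample_protected_weighted_list():
    """Constructed sample: a protection list that is also a weighted list, as at
    the end of Section 7.2.4: two primaries sharing traffic 60/40, one backup."""
    return [
        ListMember("eth0 via 192.0.2.1", True, 1, 60),
        ListMember("eth1 via 198.51.100.1", True, 1, 40),
        ListMember("tunnel1", True, 2, 10),
    ]
```

Under normal operation only the two primaries forward, in a 3:2 ratio. If one primary fails, the other takes all traffic (its weight over the sum of the remaining forwarding weights); only when both primaries are unresolved does the backup carry anything. The validation errors are the conditions a RIB manager would reject at write time, which is where the Section 4 "Reason" attribute would report them.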
622 When writing an object to a RIB, the external entity SHOULD try to 623 write all dependencies of the object prior to sending that object. 624 The data-model MUST support requesting identifiers for nexthops and 625 collecting the identifiers back in the response. 627 Route programming in the RIB MUST result in a return code that 628 contains the following attributes: 630 o Installed - Yes/No (Indicates whether the route got installed in 631 the FIB) 633 o Active - Yes/No (Indicates whether a route is fully resolved and 634 is a candidate for selection) 636 o Reason - E.g. Not authorized 638 The data-model MUST specify which objects are modify-able objects. A 639 modify-able object is one whose contents can be changed without 640 having to change objects that depend on it and without affecting any 641 data forwarding. To change a non-modifiable object, one will need to 642 create a new object and delete the old one. For example, routes that 643 use a nexthop that is identified by a nexthop-identifier should be 644 unaffected when the contents of that nexthop changes. 646 5. Notifications 648 Asynchronous notifications are sent by the network device's RIB 649 manager to an external entity when some event occurs on the network 650 device. A RIB data-model MUST support sending asynchronous 651 notifications. A brief list of suggested notifications is as below: 653 o Route change notification, with return code as specified in 654 Section 4 656 o Nexthop resolution status (resolved/unresolved) notification 658 6. RIB grammar 660 This section specifies the RIB information model in Routing Backus- 661 Naur Form [RFC5511]. 663 ::= 664 [] 665 [] 667 ::= ( ...) 669 ::= ( ...) 670 ::= 671 [ ... 
] 672 [ENABLE_IP_RPF_CHECK] 674 ::= | | 675 | 677 ::= 678 [] 679 [] 681 ::= ( | | | 682 | ) 683 ::= | | | | 685 ::= 686 ( | | 687 ( )) 688 ::= 689 ::= 690 ::= 692 ::= 693 ( | | 694 ( )) 695 ::= 696 ::= 697 ::= 698 ::= | | 700 ::= 701 ::= 702 ::= 704 ::= [] 705 [] 707 ::= | 708 | 709 710 ::= <> 711 ::= <> 712 ::= <> 713 ::= <> 715 ::= | 716 (() | 717 ([ ... ] )) 719 ::= ( | 720 ) 721 [] 722 ::= [] 723 [] 725 ::= ( ...) 726 ::= | 727 ::= ( | | 728 | | 729 ( ( | ) 730 [RIB_NAME]) | 731 ( ) | 732 ( []) | 733 | 734 ) 736 ::= | 737 ::= | | 738 ( []) 740 ::= 741 ::= | | | | | 743 ::= ( ) | 744 ( ) | 745 ( ) | 746 ( ) | 747 ( ) | 748 ( ) 750 ::= 751 [] [] 753 ::= 754 [] 755 [] [] 757 ::= ( ...) 758 ::= ( [] 759 [] []) | 760 ( []) 762 ::= [] 763 ::= ( | ) 764 [] 765 ::= ( | ) 766 767 [] 769 Figure 5: RIB rBNF grammar 771 7. Using the RIB grammar 773 The RIB grammar is very generic and covers a variety of features. 774 This section provides examples on using objects in the RIB grammar 775 and examples to program certain use cases. 777 7.1. Using route preference 779 Using route preference a client can pre-install alternate paths in 780 the network. For example, if OSPF has a route preference of 10, then 781 another client can install a route with route preference of 20 to the 782 same destination. The OSPF route will get precedence and will get 783 installed in the FIB. When the OSPF route is withdrawn, the 784 alternate path will get installed in the FIB. 786 Route preference can also be used to prevent denial of service 787 attacks by installing routes with the best preference, which either 788 drops the offending traffic or routes it to some monitoring/analysis 789 station. Since the routes are installed with the best preference, 790 they will supersede any route installed by any other protocol. 792 7.2. Using different nexthops types 794 The RIB grammar allows one to create a variety of nexthops. This 795 section describes uses for certain types of nexthops. 797 7.2.1. 
7.2.1. Tunnel nexthops

A tunnel nexthop points to a tunnel of some kind. Traffic that goes over the tunnel is encapsulated with the tunnel encap. Tunnel nexthops are useful for abstracting out details of the network, by having the traffic seamlessly route between network edges.

7.2.2. Replication lists

One can create a replication list for replicating traffic to multiple destinations. The destinations, in turn, could be complex nexthops in themselves - at a level supported by the network device. Point to multipoint and broadcast are examples that involve replication.

A replication list (at the simplest level) can be represented as:

::= [ ... ]

The above can be derived from the grammar as follows:

::= [ ...]
::= [ ...]
::= [ ... ]

7.2.3. Weighted lists

A weighted list is used to load-balance traffic among a set of nexthops. From a modeling perspective, a weighted list is very similar to a replication list, with the difference that each member nexthop MUST have a LOAD_BALANCE_WEIGHT associated with it.

A weighted list (at the simplest level) can be represented as:

::= ( )
[( )... ]

The above can be derived from the grammar as follows:

::= [ ...]
::= ( )
[(
) ...]
::= ( )
[( ) ... ]
::= ( )
[( )... ]

7.2.4. Protection lists

Protection lists are similar to weighted lists. A protection list specifies a set of primary nexthops and a set of backup nexthops. The attribute indicates which nexthop is primary and which is backup.

A protection list can be represented as:

::= ( )
[( )... ]

A protection list can also be a weighted list. In other words, traffic can be load-balanced among the primary nexthops of a protection list. In such a case, the list will look like:

::= (
)
[(
)... ]
7.2.5. Nexthop chains

A nexthop chain is a nexthop that puts one or more headers on an outgoing packet. One example is a pseudowire, which is MPLS over some transport (MPLS or GRE, for instance). Another example is VXLAN over IP. A nexthop chain allows an external entity to break up the programming of the nexthop into independent pieces - one per encapsulation.

A simple example of MPLS over GRE can be represented as:

::= ( ) ( )

The above can be derived from the grammar as follows:

::= [ ...]
::=
::= [ ... ]
::= ( [ ...])
::= ()
::= ( ) ( )

7.2.6. Lists of lists

Lists of lists is a complex construct. One example of the usage of such a construct is to replicate traffic to multiple destinations with high availability. In other words, for each destination there is a primary and a backup nexthop (a protection list) to ensure there is no traffic drop in case of a failure. So the outer list is a replication list and the inner lists are protection lists of primary/backup nexthops.

7.3. Performing multicast

IP multicast involves matching a packet on (S, G) or (*, G), where both S (source) and G (group) are IP prefixes. Following the match, the packet is replicated to one or more recipients. How the recipients subscribe to the multicast group is outside the scope of this document.

In PIM-based multicast, the packets are IP forwarded on an IP multicast tree. At each point in the multicast tree, the downstream nodes are one or more IP addresses. These can be represented as a replication list (Section 7.2.2).

In MPLS-based multicast, the packets are forwarded on a point to multipoint (P2MP) label-switched path (LSP). The nexthop for a P2MP LSP can be represented in the nexthop grammar as a (P2MP LSP identifier) or a replication list (Section 7.2.2) of , with each tunnel encap representing a single MPLS downstream nexthop.
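The following is an added example and not part of the draft: a resolver that walks the nexthop constructs of Sections 7.2.2 through 7.2.6 (replication, weighted, protection, chain and lists of lists) down to concrete forwarding actions, and that also covers the replication-based forwarding of Section 7.3. The draft defines the grammar, not a resolution algorithm, so everything below is a modelling assumption: a leaf is an egress interface, a chain is an ordered tuple of encapsulations in push order, a weighted member is picked per flow by hashing a flow key, and link state is a set of failed interfaces. The class and interface names are constructed for the example.

```python
"""Added example, not from the draft: resolve the Section 7.2 nexthop
constructs (replication, weighted, protection, chain, lists of lists) to
forwarding actions. All representations here are modelling assumptions;
the draft specifies only the grammar.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Set, Tuple, Union


@dataclass(frozen=True)
class Egress:                      # base nexthop: send out this interface
    interface: str


@dataclass(frozen=True)
class Chain:                       # 7.2.5: headers in push order, then egress
    encaps: Tuple[str, ...]        # ("MPLS", "GRE") is MPLS over GRE
    egress: Egress


@dataclass(frozen=True)
class Replication:                 # 7.2.2: every member gets a copy
    members: Tuple["Nexthop", ...]


@dataclass(frozen=True)
class Weighted:                    # 7.2.3: one member per flow, by weight
    members: Tuple[Tuple["Nexthop", int], ...]   # (nexthop, LOAD_BALANCE_WEIGHT)


@dataclass(frozen=True)
class Protection:                  # 7.2.4: primaries, backups only on failure
    primaries: Tuple["Nexthop", ...]
    backups: Tuple["Nexthop", ...]


Nexthop = Union[Egress, Chain, Replication, Weighted, Protection]
# One forwarding action: (egress interface, header stack outermost first).
Action = Tuple[str, Tuple[str, ...]]


def leaves(nh: Nexthop) -> Set[str]:
    """Every egress interface reachable below a nexthop."""
    if isinstance(nh, Egress):
        return {nh.interface}
    if isinstance(nh, Chain):
        return {nh.egress.interface}
    if isinstance(nh, Weighted):
        return set().union(*(leaves(m) for m, _ in nh.members))
    kids = nh.members if isinstance(nh, Replication) else nh.primaries + nh.backups
    return set().union(*(leaves(m) for m in kids))


def alive(nh: Nexthop, down: Set[str]) -> bool:
    """A nexthop is usable while any interface below it is up."""
    return bool(leaves(nh) - down)


def resolve(nh: Nexthop, flow: str, down: Set[str]) -> List[Action]:
    """Forwarding actions for one packet of `flow`, given failed interfaces."""
    if isinstance(nh, Egress):
        return [] if nh.interface in down else [(nh.interface, ())]
    if isinstance(nh, Chain):
        # The header pushed first is innermost, so MPLS over GRE has GRE
        # outermost on the wire; the stack is reported outermost first.
        if nh.egress.interface in down:
            return []
        return [(nh.egress.interface, tuple(reversed(nh.encaps)))]
    if isinstance(nh, Replication):
        return [a for m in nh.members for a in resolve(m, flow, down)]
    if isinstance(nh, Weighted):
        live = [(m, w) for m, w in nh.members if alive(m, down)]
        if not live:
            return []
        # Hash the flow key so one flow always lands on the same member.
        pick = int.from_bytes(hashlib.sha256(flow.encode()).digest()[:8], "big")
        pick %= sum(w for _, w in live)
        for m, w in live:
            if pick < w:
                return resolve(m, flow, down)
            pick -= w
    if isinstance(nh, Protection):
        group = [m for m in nh.primaries if alive(m, down)] or list(nh.backups)
        return [a for m in group for a in resolve(m, flow, down)]
    raise TypeError(f"unknown nexthop type {type(nh).__name__}")


def demo() -> dict:
    """Section 7.2 constructs over constructed interfaces eth0..eth3."""
    a, b, c, d = (Egress(f"eth{i}") for i in range(4))
    up: Set[str] = set()
    w = Weighted(((a, 3), (b, 1)))
    return {
        "replication": resolve(Replication((a, b, c)), "f1", up),
        "weighted_used": {resolve(w, f"f{i}", up)[0][0] for i in range(64)},
        "weighted_a_down": resolve(w, "f1", {"eth0"}),
        "protection_up": resolve(Protection((a,), (b,)), "f1", up),
        "protection_down": resolve(Protection((a,), (b,)), "f1", {"eth0"}),
        "chain": resolve(Chain(("MPLS", "GRE"), c), "f1", up),
        # 7.2.6: replicate to two destinations, each a primary/backup pair
        "lol_eth2_down": resolve(
            Replication((Protection((a,), (b,)), Protection((c,), (d,)))),
            "f1", {"eth2"}),
    }
```

The list-of-lists case shows why the outer list is the replication list: with eth2 down, the copy destined for the second destination fails over to eth3 while the first destination keeps receiving on eth0, so neither copy is lost.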
8. RIB operations at scale

This section discusses the scale requirements for a RIB data-model. The RIB data-model should be able to handle a large number of operations, to enable deployment of RIB applications in large networks.

8.1. RIB reads

Bulking (grouping of multiple objects in a single message) MUST be supported when a network device sends RIB data to an external entity. Similarly, the data model MUST enable a RIB client to request data in bulk from a network device.

8.2. RIB writes

Bulking (grouping of multiple write operations in a single message) MUST be supported when an external entity wants to write to the RIB. The response from the network device MUST include a return code for each write operation in the bulk message.

8.3. RIB events and notifications

There can be cases where a single network event results in multiple events and/or notifications from the network device to an external entity. Likewise, because several unrelated things can happen at the same time, a network device might have to send multiple events and/or notifications to an external entity. The network device originated event/notification message MUST support bulking of multiple events and notifications in a single message.

9. Security Considerations

All interactions between a RIB manager and an external entity MUST be authenticated and authorized. The RIB manager MUST protect itself against a denial of service attack by a rogue external entity, by throttling request processing. A RIB manager MUST enforce limits on how much data can be programmed by an external entity and return an error when such a limit is reached.

The RIB manager MUST expose a data-model that it implements. An external entity MUST send requests to the RIB manager that comply with the supported data-model. The data-model MUST specify the behavior of the RIB manager on handling of unsupported data requests.
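The following is an added example and not part of the draft: the request-side checks that Sections 8.2 and 9 call for, placed in front of a RIB manager. A bulk message carries several write operations and the response carries one return code per operation (Section 8.2). Before any operation is examined, the front end authenticates and authorizes the external entity and throttles it; it then enforces a per-entity object limit and rejects objects outside the supported data-model (Section 9). The mechanisms are assumptions, none prescribed by the draft: an HMAC-SHA256 over the message body under a per-entity pre-shared key for authentication, a token bucket for throttling, a data-model of two object types, "route" and "nexthop", and constructed entity names and prefixes.

```python
"""Added example, not from the draft: per-operation return codes for bulk
writes (Section 8.2) behind authentication, authorization, throttling and
object limits (Section 9). HMAC-SHA256 over the body, a token bucket and
the object types "route"/"nexthop" are assumptions of this example.
"""
import hashlib
import hmac
import json
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Set

SUPPORTED_OBJECTS = {"route", "nexthop"}   # the data-model this RIB manager exposes
MAX_OPS_PER_MESSAGE = 1000                 # bounds parsing work per request (assumption)


@dataclass
class Entity:
    key: bytes            # pre-shared key used for HMAC authentication
    may_write: Set[str]   # object types this entity is authorized to program
    quota: int            # maximum objects it may hold in the RIB
    rate: float           # sustained requests per second
    burst: int            # token-bucket depth
    tokens: float = 0.0
    last: float = 0.0
    owned: int = 0


@dataclass
class ReturnCode:         # Section 4 attributes
    installed: bool
    active: bool
    reason: str = ""


class RibFrontEnd:
    def __init__(self, entities: Dict[str, Entity],
                 clock: Callable[[], float] = time.monotonic):
        self.entities = entities
        self.clock = clock

    def _authenticated(self, e: Entity, body: bytes, mac_hex: str) -> bool:
        expected = hmac.new(e.key, body, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, mac_hex)   # constant-time compare

    def _admit(self, e: Entity) -> bool:
        """Token bucket: refill by elapsed time, then spend one token."""
        now = self.clock()
        e.tokens = min(float(e.burst), e.tokens + (now - e.last) * e.rate)
        e.last = now
        if e.tokens < 1.0:
            return False
        e.tokens -= 1.0
        return True

    def write_bulk(self, entity_id: str, body: bytes, mac_hex: str) -> List[ReturnCode]:
        e = self.entities.get(entity_id)
        # Authenticate before parsing: an unauthenticated body is never decoded
        # and the reply reveals nothing about the data-model.
        if e is None or not self._authenticated(e, body, mac_hex):
            return [ReturnCode(False, False, "Not authenticated")]
        if not self._admit(e):
            return [ReturnCode(False, False, "Throttled")]
        ops = json.loads(body)
        if not isinstance(ops, list) or len(ops) > MAX_OPS_PER_MESSAGE:
            return [ReturnCode(False, False, "Malformed or oversized bulk message")]
        codes: List[ReturnCode] = []
        for op in ops:                         # one return code per operation
            kind = op.get("type") if isinstance(op, dict) else None
            if kind not in SUPPORTED_OBJECTS:
                codes.append(ReturnCode(False, False, f"Unsupported object type: {kind}"))
            elif kind not in e.may_write:
                codes.append(ReturnCode(False, False, "Not authorized"))
            elif e.owned >= e.quota:
                codes.append(ReturnCode(False, False, "Object limit reached"))
            else:
                e.owned += 1   # accepted; a real RIB manager fills Installed/Active
                codes.append(ReturnCode(True, True))
        return codes


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: one entity allowed two routes at 1 request/s."""
    now = [100.0]
    key = b"constructed-demo-key"
    fe = RibFrontEnd({"ctl-1": Entity(key, {"route"}, quota=2, rate=1.0, burst=1)},
                     clock=lambda: now[0])
    ops = [{"type": "nexthop", "id": 7},
           {"type": "route", "prefix": "198.51.100.0/24", "nexthop-id": 7},
           {"type": "route", "prefix": "203.0.113.0/24", "nexthop-id": 7},
           {"type": "route", "prefix": "192.0.2.0/24", "nexthop-id": 7},
           {"type": "policy", "name": "anything"}]
    body = json.dumps(ops).encode()
    mac = hmac.new(key, body, hashlib.sha256).hexdigest()
    out = {}
    out["first"] = [c.reason or "ok" for c in fe.write_bulk("ctl-1", body, mac)]
    out["forged"] = [c.reason for c in fe.write_bulk("ctl-1", body, "00" * 32)]
    out["throttled"] = [c.reason for c in fe.write_bulk("ctl-1", body, mac)]
    now[0] += 1.0                                      # one second later
    out["after_wait"] = [c.reason or "ok" for c in fe.write_bulk("ctl-1", body, mac)]
    return out
```

For an unauthenticated or throttled message the front end answers with a single return code and never reads the operations, since the content is not trusted until the message authenticates; once past those checks, every operation in the bulk message gets its own return code as Section 8.2 requires, and the Reason attribute carries the Section 9 outcomes (not authorized, limit reached, unsupported object).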
10. IANA Considerations

This document does not generate any considerations for IANA.

11. Acknowledgements

The authors would like to thank the working group co-chairs and reviewers for their comments and suggestions on this draft. The following people contributed to the design of the RIB model as part of the I2RS Interim meeting in April 2013 - Wes George, Chris Liljenstolpe, Jeff Tantsura, Susan Hares and Fabian Schneider.

12. References

12.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

12.2. Informative References

[I-D.hares-i2rs-use-case-vn-vc] Hares, S. and M. Chen, "Use Cases for Virtual Connections on Demand (VCoD) and Virtual Network on Demand (VNoD) using Interface to Routing System", draft-hares-i2rs-use-case-vn-vc-03 (work in progress), July 2014.

[I-D.ietf-i2rs-problem-statement] Atlas, A., Nadeau, T., and D. Ward, "Interface to the Routing System Problem Statement", draft-ietf-i2rs-problem-statement-04 (work in progress), June 2014.

[I-D.white-i2rs-use-case] White, R., Hares, S., and A. Retana, "Protocol Independent Use Cases for an Interface to the Routing System", draft-white-i2rs-use-case-06 (work in progress), July 2014.

[RFC4915] Psenak, P., Mirtorabi, S., Roy, A., Nguyen, L., and P. Pillay-Esnault, "Multi-Topology (MT) Routing in OSPF", RFC 4915, June 2007.

[RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi Topology (MT) Routing in Intermediate System to Intermediate Systems (IS-ISs)", RFC 5120, February 2008.

[RFC5511] Farrel, A., "Routing Backus-Naur Form (RBNF): A Syntax Used to Form Encoding Rules in Various Routing Protocol Specifications", RFC 5511, April 2009.
Authors' Addresses

Nitin Bahadur (editor)
Bracket Computing
320 Soquel Way
Sunnyvale, CA 94085
US

Email: nitin_bahadur@yahoo.com

Ron Folkes (editor)
Juniper Networks, Inc.
1194 N. Mathilda Avenue
Sunnyvale, CA 94089
US

Phone: +1 408 745 2000
Email: ronf@juniper.net
URI: www.juniper.net

Sriganesh Kini (editor)
Ericsson

Email: sriganesh.kini@ericsson.com

Jan Medved
Cisco

Email: jmedved@cisco.co