idnits 2.17.1

draft-ietf-idr-add-paths-15.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (May 23, 2016) is 2895 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-04) exists of
     draft-ietf-idr-route-oscillation-stop-03

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                          D. Walton
Internet-Draft                                          Cumulus Networks
Intended status: Standards Track                               A. Retana
Expires: November 24, 2016                                       E. Chen
                                                     Cisco Systems, Inc.
                                                              J. Scudder
                                                        Juniper Networks
                                                            May 23, 2016

                 Advertisement of Multiple Paths in BGP
                      draft-ietf-idr-add-paths-15

Abstract

   This document defines a BGP extension that allows the advertisement
   of multiple paths for the same address prefix without the new paths
   implicitly replacing any previous ones.
   The essence of the extension is that each path is identified by a
   path identifier in addition to the address prefix.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 24, 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Specification of Requirements
   2.  How to Identify a Path
   3.  Extended NLRI Encodings
   4.  ADD-PATH Capability
   5.  Operation
   6.  Deployment Considerations
   7.  IANA Considerations
   8.  Security Considerations
   9.  Acknowledgments
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Authors' Addresses

1.  Introduction

   The BGP specification [RFC4271] defines an Update-Send Process to
   advertise the routes chosen by the Decision Process to other BGP
   speakers.  No provisions are made to allow the advertisement of
   multiple paths for the same address prefix, or Network Layer
   Reachability Information (NLRI).  In fact, a route with the same NLRI
   as a previously advertised route implicitly replaces the previous
   advertisement.

   This document defines a BGP extension that allows the advertisement
   of multiple paths for the same address prefix without the new paths
   implicitly replacing any previous ones.  The essence of the extension
   is that each path is identified by a path identifier in addition to
   the address prefix.

   The availability of the additional paths can help reduce or eliminate
   persistent route oscillations [RFC3345].  It can also help with
   optimal routing and routing convergence in a network by providing
   potential alternate or backup paths, respectively.

1.1.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  How to Identify a Path

   As defined in [RFC4271], a path refers to the information reported in
   the path attribute field of an UPDATE message.
   As the procedures specified in [RFC4271] allow only the advertisement
   of one path for a particular address prefix, a path for an address
   prefix from a BGP peer can be keyed on the address prefix.

   In order for a BGP speaker to advertise multiple paths for the same
   address prefix, a new identifier (termed "Path Identifier" hereafter)
   needs to be introduced so that a particular path for an address
   prefix can be identified by the combination of the address prefix and
   the Path Identifier.

   The assignment of the Path Identifier for a path by a BGP speaker is
   purely a local matter.  However, the Path Identifier MUST be assigned
   in such a way that the BGP speaker is able to use the (prefix, path
   identifier) to uniquely identify a path advertised to a neighbor.  A
   BGP speaker that re-advertises a route MUST generate its own Path
   Identifier to be associated with the re-advertised route.  A BGP
   speaker that receives a route should not assume that the identifier
   carries any particular semantics.

3.  Extended NLRI Encodings

   In order to carry the Path Identifier in an UPDATE message, the NLRI
   encoding MUST be extended by prepending the Path Identifier field,
   which is four octets long.

   For example, the NLRI encoding specified in [RFC4271] is extended as
   the following:

               +--------------------------------+
               | Path Identifier (4 octets)     |
               +--------------------------------+
               | Length (1 octet)               |
               +--------------------------------+
               | Prefix (variable)              |
               +--------------------------------+

   The usage of the extended NLRI encodings is specified in Section 5.

4.  ADD-PATH Capability

   The ADD-PATH Capability is a new BGP capability [RFC5492], with
   Capability Code 69.  The Capability Length field of this capability
   is variable.
   The Capability Value field consists of one or more of the following
   tuples:

             +------------------------------------------------+
             | Address Family Identifier (2 octets)           |
             +------------------------------------------------+
             | Subsequent Address Family Identifier (1 octet) |
             +------------------------------------------------+
             | Send/Receive (1 octet)                         |
             +------------------------------------------------+

   The meaning and use of the fields are as follows:

      Address Family Identifier (AFI):

         This field is the same as the one used in [RFC4760].

      Subsequent Address Family Identifier (SAFI):

         This field is the same as the one used in [RFC4760].

      Send/Receive:

         This field indicates whether the sender is (a) able to receive
         multiple paths from its peer (value 1), (b) able to send
         multiple paths to its peer (value 2), or (c) both (value 3) for
         the .

         If any other value is received, then the capability SHOULD be
         treated as not understood and ignored [RFC5492].

   A BGP speaker that wishes to indicate support for multiple AFI/SAFI
   MUST do so by including the information in a single instance of the
   ADD-PATH Capability.

5.  Operation

   The Path Identifier specified in Section 3 can be used to advertise
   multiple paths for the same address prefix without subsequent
   advertisements replacing the previous ones.  Apart from the fact that
   this is now possible, the route advertisement rules of [RFC4271] are
   not changed.  In particular, a new advertisement for a given address
   prefix and a given path identifier replaces a previous advertisement
   for the same address prefix and path identifier.  If a BGP speaker
   receives a message to withdraw a prefix with a path identifier not
   seen before, it SHOULD silently ignore it.
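
   Added example (not part of the draft): a decoder for the Section 3
   encoding, restricted to IPv4 prefixes.  The function names and sample
   octets are constructed for illustration; decode_both shows how the
   same octets read when the decoder's add_path assumption does not
   match the session.

```python
import ipaddress
import struct

def decode_nlri(buf, add_path):
    """Decode an IPv4 NLRI field into (path_id, prefix) tuples.

    add_path says whether the extended encoding is in use; path_id is
    None for the plain RFC 4271 encoding.
    """
    routes, off = [], 0
    while off < len(buf):
        path_id = None
        if add_path:
            if off + 5 > len(buf):  # 4-octet Path Identifier + Length octet
                raise ValueError("truncated Path Identifier/Length")
            (path_id,) = struct.unpack_from("!I", buf, off)
            off += 4
        bits = buf[off]
        off += 1
        if bits > 32:
            raise ValueError(f"prefix length {bits} exceeds 32")
        nbytes = (bits + 7) // 8
        if off + nbytes > len(buf):
            raise ValueError("truncated Prefix")
        addr = int.from_bytes(buf[off:off + nbytes] + bytes(4 - nbytes), "big")
        off += nbytes
        net = ipaddress.IPv4Network((addr, bits), strict=False)
        routes.append((path_id, str(net)))
    return routes

def decode_both(buf):
    """Decode buf under both assumptions; errors are returned as strings."""
    out = {}
    for add_path in (True, False):
        try:
            out[add_path] = decode_nlri(buf, add_path)
        except ValueError as exc:
            out[add_path] = f"error: {exc}"
    return out

# Constructed sample: two paths for 10.1.0.0/16, Path Identifiers 1 and 2.
TWO_PATHS = bytes.fromhex("00000001100a01" "00000002100a01")
# Constructed sample: one path for 192.0.2.0/24 with Path Identifier 0.
PATH_ID_ZERO = bytes.fromhex("0000000018c00002")

if __name__ == "__main__":
    for name, buf in (("TWO_PATHS", TWO_PATHS), ("PATH_ID_ZERO", PATH_ID_ZERO)):
        print(name, decode_both(buf))
```

   With the wrong assumption the first sample fails to parse, while the
   second parses cleanly into four default routes plus the real prefix,
   so a parse that succeeds is not evidence that the right encoding was
   chosen.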

   For a BGP speaker to be able to send multiple paths to its peer, that
   BGP speaker MUST advertise the ADD-PATH capability with the Send/
   Receive field set to either 2 or 3, and MUST receive from its peer
   the ADD-PATH capability with the Send/Receive field set to either 1
   or 3, for the corresponding .

   A BGP speaker MUST follow the procedures defined in [RFC4271] when
   generating an UPDATE message for a particular to a peer
   unless the BGP speaker advertises the ADD-PATH Capability to the peer
   indicating its ability to send multiple paths for the ,
   and also receives the ADD-PATH Capability from the peer indicating
   its ability to receive multiple paths for the , in which
   case the speaker MUST generate a route update for the
   based on the combination of the address prefix and the Path
   Identifier, and use the extended NLRI encodings specified in this
   document.  The peer SHALL act accordingly in processing an UPDATE
   message related to a particular .

   A BGP speaker SHOULD include the best route [RFC4271] when more than
   one path is advertised to a neighbor, unless it is a path received
   from that neighbor.

   As the Path Identifiers are locally assigned, and may or may not be
   persistent across a control plane restart of a BGP speaker, an
   implementation SHOULD take special care so that the underlying
   forwarding plane of a "Receiving Speaker" as described in [RFC4724]
   is not affected during the graceful restart of a BGP session.

6.  Deployment Considerations

   The extension proposed in this document provides a mechanism for a
   BGP speaker to advertise multiple paths over a BGP session.  Care
   needs to be taken in its deployment to ensure consistent routing and
   forwarding in a network [I-D.ietf-idr-add-paths-guidelines].
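
   Added example (not part of the draft): parsing the Section 4
   Capability Value and applying the Section 5 rule for when multiple
   paths may be sent in each direction.  Function names and sample
   values are constructed; treating a value whose length is not a
   positive multiple of four octets as "not understood" is an assumption
   of this example.

```python
import struct

def parse_add_path(value):
    """Parse a Capability Value into {(afi, safi): send_receive}.

    Returns None when the capability is to be treated as not understood
    and ignored: a Send/Receive value other than 1, 2 or 3 (Section 4) or,
    as an assumption of this example, a length that is not a positive
    multiple of the 4-octet tuple size.
    """
    if not value or len(value) % 4:
        return None
    table = {}
    for afi, safi, send_receive in struct.iter_unpack("!HBB", value):
        if send_receive not in (1, 2, 3):
            return None
        table[(afi, safi)] = send_receive
    return table

def negotiated(local_value, peer_value):
    """Return {(afi, safi): (may_send, may_receive)} for the local speaker."""
    local = parse_add_path(local_value) or {}
    peer = parse_add_path(peer_value) or {}
    result = {}
    for family in sorted(set(local) | set(peer)):
        mine, theirs = local.get(family, 0), peer.get(family, 0)
        # Send: we advertised 2 or 3 and the peer advertised 1 or 3.
        may_send = mine in (2, 3) and theirs in (1, 3)
        # Receive is the mirror image of the same rule.
        may_receive = mine in (1, 3) and theirs in (2, 3)
        result[family] = (may_send, may_receive)
    return result

# Constructed Capability Values (AFI 1 = IPv4, AFI 2 = IPv6, SAFI 1 = unicast).
LOCAL = bytes.fromhex("00010103" "00020101")   # IPv4: both, IPv6: receive
PEER = bytes.fromhex("00010101" "00020102")    # IPv4: receive, IPv6: send
BAD_PEER = bytes.fromhex("00010104")           # Send/Receive value 4

if __name__ == "__main__":
    print(negotiated(LOCAL, PEER))
    print(negotiated(LOCAL, BAD_PEER))
```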

   The only explicit indication that the encoding described in Section 3
   is in use in a particular BGP session is the exchange of Capabilities
   (Section 4).  If the negotiation is successful [RFC5492], then the BGP
   speakers will be able to process all BGP UPDATES properly, as
   described in Section 5.  However, if, for example, a packet analyzer
   is used on the wire to examine an active BGP session, it may not be
   able to properly decode the BGP UPDATES because it lacks prior
   knowledge of the negotiated Capabilities.

   When deployed as a provider edge router or a peering router that
   interacts with external neighbors, a BGP speaker usually advertises
   at most one path to the internal neighbors in a network.  In the case
   the speaker is configured to advertise multiple paths to the internal
   neighbors, and additional information is needed for the application,
   the speaker could use attributes such as the Edge_Discriminator
   attribute [I-D.pmohapat-idr-fast-conn-restore].  The use of that type
   of additional information is outside the scope of this document.

7.  IANA Considerations

   IANA has assigned capability number 69 for the ADD-PATH Capability
   described in this document.  This registration is in the BGP
   Capability Codes registry.

8.  Security Considerations

   This document defines a BGP extension that allows the advertisement
   of multiple paths for the same address prefix without the new paths
   implicitly replacing any previous ones.  As a result, multiple paths
   for a large number of prefixes may be received by a BGP speaker
   potentially depleting memory resources or even causing network-wide
   instability, which can be considered a denial of service attack.
   Note that this is not a new vulnerability, but one that is present in
   the base BGP specification [RFC4272].
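
   Added example (not part of the draft): a per-peer path table that
   applies the Section 5 rules (replace on the same prefix and Path
   Identifier, ignore a withdrawal for a Path Identifier not seen
   before) and bounds the memory growth described above.  The class, its
   two limits and the choice to refuse paths over the limit are
   assumptions of this example; the draft defines none of them.

```python
class AdjRibIn:
    """Paths learned from one peer, keyed by (prefix, path_id). The two limits
    are local policy assumed by this example; the defaults are placeholders."""

    def __init__(self, max_per_prefix=4, max_total=100000):
        self.paths = {}        # (prefix, path_id) -> path attributes
        self.count = {}        # prefix -> number of stored paths
        self.max_per_prefix = max_per_prefix
        self.max_total = max_total

    def announce(self, prefix, path_id, attrs):
        key = (prefix, path_id)
        if key in self.paths:
            self.paths[key] = attrs      # same prefix and path id: replace
            return "replaced"
        if len(self.paths) >= self.max_total:
            return "over-limit: total paths"
        if self.count.get(prefix, 0) >= self.max_per_prefix:
            return "over-limit: paths for prefix"
        self.paths[key] = attrs
        self.count[prefix] = self.count.get(prefix, 0) + 1
        return "added"

    def withdraw(self, prefix, path_id):
        if (prefix, path_id) not in self.paths:
            return "ignored"             # path id not seen before
        del self.paths[(prefix, path_id)]
        self.count[prefix] -= 1
        if self.count[prefix] == 0:
            del self.count[prefix]
        return "withdrawn"

# Constructed events: (operation, prefix, path_id, attributes).
EVENTS = [
    ("announce", "10.1.0.0/16", 1, "next hop 192.0.2.1"),
    ("announce", "10.1.0.0/16", 2, "next hop 192.0.2.2"),
    ("announce", "10.1.0.0/16", 1, "next hop 192.0.2.9"),
    ("announce", "10.1.0.0/16", 3, "next hop 192.0.2.3"),
    ("withdraw", "10.1.0.0/16", 7, None),
    ("withdraw", "10.1.0.0/16", 2, None),
    ("announce", "10.1.0.0/16", 3, "next hop 192.0.2.3"),
]

def replay(rib, events):
    """Apply events in order and return the outcome of each one."""
    return [rib.announce(p, i, a) if op == "announce" else rib.withdraw(p, i)
            for op, p, i, a in events]
```

   Replacements and withdrawals are never refused, so a peer that stays
   within the limits is unaffected; only new (prefix, Path Identifier)
   keys count against them.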

   The use of the ADD-PATH Capability is intended to address specific
   needs related to, for example, eliminating the MED-induced route
   oscillations in a network [I-D.ietf-idr-route-oscillation-stop].
   While describing the applications for the ADD-PATH Capability is
   outside the scope of this document, users are encouraged to examine
   their behavior and potential impact by studying the best practices
   described in [I-D.ietf-idr-add-paths-guidelines].

   Security concerns in the base operation of BGP [RFC4271] also apply.

9.  Acknowledgments

   We would like to thank David Cook and Naiming Shen for their
   contributions to the design and development of the extension.

   Many people have made valuable comments and suggestions, including
   Rex Fernando, Eugene Kim, Danny McPherson, Dave Meyer, Pradosh
   Mohapatra, Keyur Patel, Robert Raszuk, Eric Rosen, Srihari Sangli,
   Dan Tappan, Mark Turner, Jeff Haas, Jay Borkenhagen, Mach Chen, Denis
   Ovsienko, Carlos Pignataro, Meral Shirazipour and Kathleen Moriarty.

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006.

   [RFC4760]  Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
              "Multiprotocol Extensions for BGP-4", RFC 4760,
              DOI 10.17487/RFC4760, January 2007.

   [RFC5492]  Scudder, J. and R. Chandra, "Capabilities Advertisement
              with BGP-4", RFC 5492, DOI 10.17487/RFC5492, February
              2009.

10.2.  Informative References

   [I-D.ietf-idr-add-paths-guidelines]
              Uttaro, J., Francois, P., Patel, K., Haas, J., Simpson,
              A., and R. Fragassi, "Best Practices for Advertisement of
              Multiple Paths in IBGP", draft-ietf-idr-add-paths-
              guidelines-08 (work in progress), April 2016.

   [I-D.ietf-idr-route-oscillation-stop]
              Walton, D., Retana, A., Chen, E., and J. Scudder, "BGP
              Persistent Route Oscillation Solutions", draft-ietf-idr-
              route-oscillation-stop-03 (work in progress), April 2016.

   [I-D.pmohapat-idr-fast-conn-restore]
              Mohapatra, P., Fernando, R., Filsfils, C., and R. Raszuk,
              "Fast Connectivity Restoration Using BGP Add-path", draft-
              pmohapat-idr-fast-conn-restore-03 (work in progress),
              January 2013.

   [RFC3345]  McPherson, D., Gill, V., Walton, D., and A. Retana,
              "Border Gateway Protocol (BGP) Persistent Route
              Oscillation Condition", RFC 3345, DOI 10.17487/RFC3345,
              August 2002.

   [RFC4272]  Murphy, S., "BGP Security Vulnerabilities Analysis",
              RFC 4272, DOI 10.17487/RFC4272, January 2006.

   [RFC4724]  Sangli, S., Chen, E., Fernando, R., Scudder, J., and Y.
              Rekhter, "Graceful Restart Mechanism for BGP", RFC 4724,
              DOI 10.17487/RFC4724, January 2007.

Authors' Addresses

   Daniel Walton
   Cumulus Networks
   185 E. Dana Street
   Mountain View, CA 94041
   US

   Email: dwalton@cumulusnetworks.com

   Alvaro Retana
   Cisco Systems, Inc.
   Kit Creek Rd.
   Research Triangle Park, NC 27709
   US

   Email: aretana@cisco.com

   Enke Chen
   Cisco Systems, Inc.
   170 W. Tasman Dr.
   San Jose, CA 95134
   US

   Email: enkechen@cisco.com

   John Scudder
   Juniper Networks
   1194 N. Mathilda Ave
   Sunnyvale, CA 94089
   US

   Email: jgs@juniper.net