idnits 2.17.1 draft-ietf-idr-as-migration-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document updates RFC4271, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC4271, updated by this document, for RFC5378 checks: 2006-01-13) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 28, 2015) is 3283 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force W. George 3 Internet-Draft Time Warner Cable 4 Updates: 4271 (if approved) S. Amante 5 Intended status: Standards Track Apple, Inc. 6 Expires: October 30, 2015 April 28, 2015 8 Autonomous System Migration Mechanisms and Their Effects on the BGP 9 AS_PATH Attribute 10 draft-ietf-idr-as-migration-05 12 Abstract 14 This draft discusses some existing commonly-used BGP mechanisms for 15 ASN migration that are not formally part of the BGP4 protocol 16 specification. It is necessary to document these de facto standards 17 to ensure that they are properly supported in future BGP protocol 18 work. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on October 30, 2015. 37 Copyright Notice 39 Copyright (c) 2015 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 56 1.2. Documentation note . . . . . . . . . . . . . . . . . . . 3 57 2. ASN Migration Scenario Overview . . . . . . . . . . . . . . . 3 58 3. External BGP Autonomous System Migration Mechanisms . . . . . 5 59 3.1. Modify Inbound BGP AS_PATH Attribute . . . . . . . . . . 5 60 3.2. Modify Outbound BGP AS_PATH Attribute . . . . . . . . . . 7 61 3.3. Implementation . . . . . . . . . . . . . . . . . . . . . 8 62 4. Internal BGP Autonomous System Migration Mechanisms . . . . . 9 63 4.1. Internal BGP AS Migration . . . . . . . . . . . . . . . . 9 64 4.2. Implementation . . . . . . . . . . . . . . . . . . . . . 12 65 5. Additional Operational Considerations . . . . . . . . . . . . 13 66 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 67 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 68 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 69 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 70 9.1. Normative References . . . . . . . . . . . . . . . . . . 14 71 9.2. Informative References . . . . . . . . . . . . . . . . . 14 72 Appendix A. Implementation report . . . . . . . . . . . . . . . 15 73 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 75 1. Introduction 77 This draft discusses some existing commonly-used BGP mechanisms for 78 Autonomous System Number (ASN) migration that are not formally part 79 of the BGP4 [RFC4271] protocol specification. These mechanisms are 80 local to a given BGP Speaker and do not require negotiation with or 81 cooperation of BGP neighbors. The deployment of these mechanisms do 82 not need to interwork with one another to accomplish the desired 83 results, so slight variations between existing vendor implementations 84 exist, and will not necessarily be harmonized due to this document. 85 However, it is necessary to document these de facto standards to 86 ensure that new implementations can be successful, and any future 87 protocol enhancements to BGP that propose to read, copy, manipulate 88 or compare the AS_PATH attribute can do so without inhibiting the use 89 of these very widely used ASN migration mechanisms. 91 The migration mechanisms discussed here are useful to ISPs and 92 organizations of all sizes, but it is important to understand the 93 business need for these mechanisms and illustrate why they are so 94 critical for ISPs' operations. During a merger, acquisition or 95 divestiture involving two organizations it is necessary to seamlessly 96 migrate both internal and external BGP speakers from one ASN to a 97 second ASN. The overall goal in doing so is to simplify operations 98 through consistent configurations across all BGP speakers in the 99 combined network. In addition, given that the BGP Path Selection 100 algorithm selects routes with the shortest AS_PATH attribute, it is 101 critical that the ISP does not increase AS_PATH length during or 102 after ASN migration, because an increased AS_PATH length would likely 103 result in sudden, undesirable changes in traffic patterns in the 104 network. 106 By default, the BGP protocol requires an operator to configure a 107 router to use a single remote ASN for the BGP neighbor, and the ASN 108 must match on both ends of the peering in order to successfully 109 negotiate and establish a BGP session. Prior to the existence of 110 these migration mechanisms, it would have required an ISP to 111 coordinate an ASN change with, in some cases, tens of thousands of 112 customers. In particular, as each router is migrated to the new ASN, 113 to avoid an outage due to ASN mismatch, the ISP would have to force 114 all customers on that router to change their router configurations to 115 use the new ASN immediately after the ASN change. Thus, it becomes 116 critical to allow the ISP to make this process a bit more asymmetric, 117 so that it could seamlessly migrate the ASN within its network(s), 118 but allow the customers to gradually migrate to the ISP's new ASN at 119 their leisure, either by coordinating individual reconfigurations, or 120 accepting sessions using either the old or new ASN to allow for truly 121 asymmetric migration. 123 1.1. Requirements Language 125 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 126 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 127 document are to be interpreted as described in RFC 2119 [RFC2119]. 129 1.2. Documentation note 131 This draft uses Autonomous System Numbers (ASNs) from the range 132 reserved for documentation as described in RFC 5398 [RFC5398]. In 133 the examples used here, they are intended to represent Globally 134 Unique ASNs, not private use ASNs as documented in RFC 6996 [RFC6996] 135 section 5. 137 2. ASN Migration Scenario Overview 139 The use case being discussed here is an ISP merging two or more ASNs, 140 where eventually one ASN subsumes the other(s). In this use case, we 141 will assume the most common case where there are two ISPs, A and B, 142 that prior to the ASN migration use AS 64500 and 64510, respectively. 143 AS 64500 will be the permanently retained ASN used across the 144 consolidated set of both ISPs network equipment, and AS 64510 will be 145 retired. Thus, at the conclusion of the ASN migration, there will be 146 a single ISP A' with all internal BGP speakers configured to use AS 147 64500. To all external BGP speakers, the AS_PATH length will not be 148 increased. 150 In this same scenario, AS 64496 and AS 64499 represent two separate 151 customer networks: C and D, respectively. Originally, customer C (AS 152 64496) is attached to ISP B, which will undergo ASN migration from AS 153 64510 to AS 64500. Furthermore, customer D (AS 64499) is attached to 154 ISP A, which does not undergo ASN migration since the ASN for ISP A 155 will remain constant, (AS 64500). Although this example refers to AS 156 64496 and 64499 as customer networks, either or both may be 157 settlement-free or other types of peers. In this use case they are 158 referred to as "customers" merely for convenience. 160 ------ ------ 161 / ISP A \ / ISP B \ 162 | AS 64500 | | AS 64510 | 163 \ / \ / 164 ------- ------- 165 | | 166 | | 167 ------------ ------------- 168 | Cust D | | Cust C | 169 | AS 64499 | | AS 64496 | 170 ------------ ------------- 172 Figure 1: Before Migration 174 --------------- 175 / \ 176 | ISP A' | 177 | AS 64500 | 178 \ / 179 --------------- 180 / \ 181 / \ 182 | | 183 ------------ ------------- 184 | Cust D | | Cust C | 185 | AS 64499 | | AS 64496 | 186 ------------ ------------- 188 Figure 2: After Migration 190 The general order of operations, typically carried out in a single 191 maintenance window by the network undergoing ASN migration (ISP B), 192 are as follows. First, ISP B will change the global BGP ASN used by 193 a Provider Edge (PE) router, from ASN 64510 to 64500. At this point, 194 the router will no longer be able to establish eBGP sessions toward 195 the existing Customer Edge (CE) devices that are attached to it and 196 still using AS 64510. Second, since ISP B needs to do this without 197 coordinating the simultaneous change of its ASN with all of its eBGP 198 peers, ISP B will configure two separate, but related ASN migration 199 mechanisms discussed in this document on all eBGP sessions toward all 200 CE devices. These mechanisms enable the router to establish BGP 201 neighbors using the legacy ASN, modify the AS_PATH attribute received 202 from a CE device when advertising it further, and modify AS_PATH when 203 transmitted toward CE devices to achieve the desired effect of not 204 increasing the length of the AS_PATH. 206 At the conclusion of the ASN migration, the CE devices at the edge of 207 the network are not aware of the fact that their upstream router is 208 now in a new ASN and do not observe any change in the length of the 209 AS_PATH attribute. However, after the changes discussed in this 210 document are put in place by ISP A', there is a change to the 211 contents of the AS_PATH attribute to ensure the AS_PATH is not 212 artificially lengthened while these AS migration parameters are used. 214 In this use case, neither ISP is using BGP Confederations RFC 5065 215 [RFC5065] internally. 217 3. External BGP Autonomous System Migration Mechanisms 219 The following section addresses optional capabilities that are 220 specific to modifying the AS_PATH attribute at the Autonomous System 221 Border Routers (ASBRs) of an organization, (typically a single 222 Service Provider). This ensures that external BGP customers/peers 223 are not forced to make any configuration changes on their CE routers 224 before or during the exact time the Service Provider wishes to 225 migrate to a new, permanently retained ASN. Furthermore, these 226 mechanisms eliminate the artificial lengthening of the AS_PATH both 227 transmitted from and received by the Service Provider that is 228 undergoing AS Migration, which would have negative implications on 229 path selection by external networks. 231 3.1. Modify Inbound BGP AS_PATH Attribute 233 The first instrument used in the process described above is called 234 "Local AS". This allows the router to supersede the globally 235 configured ASN in the "My Autonomous System" field of the BGP OPEN 236 [RFC4271] with a locally defined AS value for a specific BGP neighbor 237 or group of neighbors. This mechanism allows the PE router that was 238 formerly in ISP B to establish an eBGP session toward the existing CE 239 devices using the legacy AS, AS 64510. Ultimately, the CE devices 240 (i.e.: customer C) are completely unaware that ISP B has reconfigured 241 its router to participate as a member of a new AS. Within the 242 context of the former ISP B PE router, the second effect this 243 specific mechanism has on AS_PATH is that, by default, it prepends 244 all received BGP UPDATEs with the legacy AS of ISP B: AS 64510, while 245 advertising it (Adj-RIB-Out) to other BGP speakers (A'). Within the 246 Loc-RIB on ISP B prior to the migration, the AS_PATH toward customer 247 C would appear as: 64510, whereas the same RIB on ISP A' (ISP B 248 routers post-migration) would contain AS_PATH: 64510 64496. 250 A second instrument, referred to as "No Prepend Inbound", is enabled 251 on PE routers migrating from ISP B. The "No Prepend Inbound" 252 capability causes ISP B's routers to not prepend the legacy AS, AS 253 64510, when advertising UPDATES received from customer C. This 254 restores the AS_PATH within ISP A' toward customer C so that it is 255 just one ASN in length: 64496. 257 In the direction of CE -> PE (inbound): 259 1. "Local AS": Allows the local BGP router to generate a BGP OPEN to 260 an eBGP neighbor with the old, legacy ASN value in the "My 261 Autonomous System" field. When this capability is activated, it 262 also causes the local router to prepend the value to 263 the AS_PATH when installing or advertising routes received from a 264 CE to iBGP neighbors inside the Autonomous System. 266 2. "No Prepend Inbound (of Local AS)": the local BGP router does not 267 prepend value to the AS_PATH when installing or 268 advertising routes received from the CE to iBGP neighbors inside 269 the Autonomous System 271 PE-B is a PE that was originally in ISP B, and has a customer eBGP 272 session to CE-B. PE-B has had its global configuration ASN changed 273 from AS 64510 to AS 64500 to make it part of the permanently retained 274 ASN. This now makes PE-B a member of ISP A'. PE-A is a PE that was 275 originally in ISP A, and has a customer peer CE-A. Although its 276 global configuration ASN remains AS 64500, throughout this exercise 277 we also consider PE-A a member of ISP A'. 279 ISP A' ISP A' 280 CE-A <--- PE-A <------------------- PE-B <--- CE-B 281 64499 New_ASN: 64500 Old_ASN: 64510 64496 282 New_ASN: 64500 284 Note: Direction of BGP UPDATE as per the arrows. 286 Figure 3: Local AS and No Prepend BGP UPDATE Diagram 288 As a result using both the "Local AS" and "No Prepend Inbound" 289 capabilities on PE-B, CE-A will see an AS_PATH of: 64500 64496. CE-A 290 will not receive a BGP UPDATE containing AS 64510 in the AS_PATH. 291 (If only the "Local AS" mechanism was configured without "No Prepend 292 Inbound" on PE-B, then CE-A would have seen an AS_PATH of: 64500 293 64510 64496, which results in an unacceptable lengthening of the 294 AS_PATH). 296 3.2. Modify Outbound BGP AS_PATH Attribute 298 The two aforementioned mechanisms, "Local AS" and "No Prepend 299 Inbound", only modify the AS_PATH Attribute received by the ISP's 300 PE's in the course of processing BGP UPDATEs from CE devices when CE 301 devices still have an eBGP session established with the ISPs legacy 302 AS (AS64510). 304 In some existing implementations, "Local AS" and "No Prepend Inbound" 305 does not concurrently modify the AS_PATH Attribute for BGP UPDATEs 306 that are transmitted by the ISP's PE's to CE devices. In these 307 implementations, with "Local AS" and "No Prepend Inbound" used on PE- 308 B, it automatically causes a lengthening of the AS_PATH in outbound 309 BGP UPDATEs from ISP A' toward directly attached eBGP speakers, 310 (Customer C in AS 64496). The externally observed result is that 311 customer C, in AS 64496, will receive the following AS_PATH: 64510 312 64500 64499. Therefore, if ISP A' takes no further action, it will 313 cause an unacceptable increase in AS_PATH length within customer's 314 networks directly attached to ISP A'. 316 A tertiary mechanism, referred to as "Replace Old AS", is used to 317 resolve this problem. This capability allows ISP A' to prevent 318 routers from appending the globally configured ASN in outbound BGP 319 UPDATEs toward directly attached eBGP neighbors that are using the 320 "Local AS" mechanism. Instead, only the old (or previously used) AS 321 will be prepended in the outbound BGP UPDATE toward the customer's 322 network, restoring the AS_PATH length to what it what was before AS 323 Migration occurred. 325 To re-use the above diagram, but in the opposite direction, we have: 327 ISP A' ISP A' 328 CE-A ---> PE-A -------------------> PE-B ---> CE-B 329 64499 New_ASN: 64500 Old_ASN: 64510 64496 330 New_ASN: 64500 332 Note: Direction of BGP UPDATE as per the arrows. 334 Figure 4: Replace AS BGP UPDATE Diagram 336 By default, without the use of "Replace Old AS", CE-B would see an 337 AS_PATH of: 64510 64500 64499, which is artificially lengthened, 338 typically by use of the "Local AS" and/or "No Prepend" capabilities 339 during the course of the ASN Migration. After ISP A' changes PE-B to 340 use "Replace Old AS", CE-B would receive an AS_PATH of: 64510 64499, 341 which is the same AS_PATH length pre-AS migration. NOTE: If there 342 are still routers in the old ASN, it is possible for them to accept 343 these manipulated routes as if they have not already passed through 344 their ASN, potentially causing a loop, since BGP's normal loop- 345 prevention behavior of rejecting routes that include its ASN in the 346 path will not catch these. Careful filtering between routers 347 remaining in the old ASN and routers migrated to the new ASN is 348 necessary to minimize the risk of routing loops. 350 3.3. Implementation 352 The mechanisms introduced in this section MUST be configurable on a 353 per-neighbor or per neighbor group (i.e. a group of similar BGP 354 neighbor statements that reuse some common configuration to simplify 355 provisioning) basis to allow for maximum flexibility. When the 356 "Local AS" capability is used, a local ASN will be provided in the 357 configuration that is different from the globally-configured ASN of 358 the BGP router. To implement this mechanism, a BGP speaker SHOULD 359 send BGP OPEN [RFC4271] (see section 4.2) messages to the configured 360 eBGP peer(s) using the local ASN configured for this session as the 361 value sent in "My Autonomous System". The BGP router SHOULD NOT use 362 the ASN configured globally within the BGP process as the value sent 363 in "My Autonomous System" in the OPEN message. This will avoid 364 causing the eBGP neighbor to unnecessarily generate a BGP OPEN Error 365 message "Bad Peer AS". This method is typically used to re-establish 366 eBGP sessions with peers expecting the legacy ASN after a router has 367 been moved to a new ASN. 369 Implementations MAY support a more flexible model where the eBGP 370 speaker attempts to open the BGP session using either the ASN 371 configured as "Local AS" or the globally configured AS as discussed 372 in BGP Alias (Section 4.2). If the session is successfully 373 established to the globally configured ASN, then the modifications to 374 AS_PATH described in this document SHOULD NOT be performed, as they 375 are unnecessary. The benefit to this more flexible model is that it 376 allows the remote neighbor to reconfigure to the new ASN without 377 direct coordination between the ISP and the customer. 379 When the BGP router receives UPDATEs from its eBGP neighbor 380 configured with the "Local AS" mechanism, it processes the UPDATE as 381 described in RFC4271 section 5.1.2 [RFC4271]. However the presence 382 of a second ASN due to "Local AS" adds the following behavior to 383 processing UPDATEs received from an eBGP neighbor configured with 384 this mechanism: 386 1. Internal: the router SHOULD append the configured "Local AS" ASN 387 in the AS_PATH attribute before installing the route or 388 advertising the UPDATE to an iBGP neighbor. 390 2. External: the BGP router SHOULD first append the globally 391 configured ASN to the AS_PATH immediately followed by the "Local 392 AS" value before advertising the UPDATE to an eBGP neighbor. 394 Two options exist to manipulate the behavior of the basic "Local AS" 395 mechanism. They modify the behavior as described below: 397 1. "No Prepend Inbound" - When the BGP router receives inbound BGP 398 UPDATEs from its eBGP neighbor configured with this option, it 399 MUST NOT append the "Local AS" ASN value in the AS_PATH attribute 400 when installing the route or advertising that UPDATE to iBGP 401 neighbors, but it MUST still append the globally configured ASN 402 as normal when advertising the UPDATE to other local eBGP 403 neighbors (i.e. those natively peering with the globally 404 configured ASN). 406 2. "Replace Old AS", (outbound) - When the BGP router generates 407 outbound BGP UPDATEs toward an eBGP neighbor configured with this 408 option, the BGP speaker MUST NOT (first) append the globally 409 configured ASN from the AS_PATH attribute. The BGP router MUST 410 append only the configured "Local AS" ASN value to the AS_PATH 411 attribute before sending the BGP UPDATEs outbound to the eBGP 412 neighbor. 414 4. Internal BGP Autonomous System Migration Mechanisms 416 The following section describes mechanisms that assist with a gradual 417 and least service impacting migration of Internal BGP sessions from a 418 legacy ASN to the permanently retained ASN. The following mechanism 419 is very valuable to networks undergoing AS migration, but its use 420 does not cause changes to the AS_PATH attribute. 422 4.1. Internal BGP AS Migration 424 In this case, all of the routers to be consolidated into a single, 425 permanently retained ASN are under the administrative control of a 426 single entity. Unfortunately, the traditional method of migrating 427 all Internal BGP speakers, particularly within larger networks, is 428 both time consuming and widely service impacting. 430 The traditional method to migrate Internal BGP sessions was strictly 431 limited to reconfiguration of the global configuration ASN and, 432 concurrently, changing all iBGP neighbors' remote ASN from the legacy 433 ASN to the new, permanently retained ASN on each router within the 434 legacy AS. These changes can be challenging to swiftly execute in 435 networks with with more than a few dozen internal BGP routers. There 436 is also the concomitant service interruptions as these changes are 437 made to routers within the network, resulting in a reset of iBGP 438 sessions and subsequent route reconvergence to reestablish optimal 439 routing paths. Operators often cannot make such sweeping changes 440 given the associated risks of a highly visible service interruption; 441 rather, they require a more gradual method to migrate Internal BGP 442 sessions, from one ASN to a second, permanently retained ASN, that is 443 not visibly service-impacting to its customers. 445 With the "Internal BGP AS Migration" mechanism described herein, it 446 allows an Internal BGP speaker to form a single iBGP session using 447 either the old, legacy ASN or the new, permanently retained ASN. The 448 benefits of using this mechanism are several fold. First, it allows 449 for a more gradual and less service-impacting migration away from the 450 legacy ASN to the permanently retained ASN. Second, it (temporarily) 451 permits the coexistence of the legacy and permanently retained ASN 452 within a single network, allowing for uniform BGP path selection 453 among all routers within the consolidated network. 455 The iBGP router with the "Internal BGP AS Migration" capability 456 enabled allows the receipt of a BGP OPEN message with either the 457 legacy ASN value or the new, globally configured ASN value in the "My 458 Autonomous System" field of the BGP OPEN message from iBGP neighbors. 459 It is important to recognize that enablement of the "Internal BGP AS 460 Migration" mechanism preserves the semantics of a regular iBGP 461 session (i.e. using identical ASNs). Thus, the BGP attributes 462 transmitted by and the acceptable methods of operation on BGP 463 attributes received from iBGP sessions configured with "Internal BGP 464 AS Migration" capability are no different than those exchanged across 465 an iBGP session without "Internal BGP AS Migration" configured, as 466 defined by [RFC4271] and [RFC4456]. 468 Typically, in medium to large networks, BGP Route Reflectors 469 [RFC4456] (RRs) are used to aid in reduction of configuration of iBGP 470 sessions and scalability with respect to overall TCP (and, BGP) 471 session maintenance between adjacent iBGP routers. Furthermore, BGP 472 Route Reflectors are typically deployed in pairs within a single 473 Route Reflection cluster to ensure high reliability of the BGP 474 Control Plane. As such, the following example will use Route 475 Reflectors to aid in understanding the use of the "Internal BGP AS 476 Migration" mechanism. Note that Route Reflectors are not a 477 prerequisite to enable "Internal BGP AS Migration" and this mechanism 478 can be enabled independent of the use of Route Reflectors. 480 The general order of operations is as follows: 482 1. Within the legacy network, (the routers comprising the set of 483 devices that still have a globally configured legacy ASN), one 484 member of a redundant pair of RRs has its global configuration 485 ASN changed to the permanently retained ASN. Concurrently, the 486 "Internal BGP AS Migration" capability is enabled on all iBGP 487 sessions on that device. This will comprise Non-Client iBGP 488 sessions to other RRs as well as Client iBGP sessions, typically 489 to PE devices, both still utilizing the legacy ASN. Note that 490 during this step there will be a reset and reconvergence event on 491 all iBGP sessions on the RRs whose configuration was modified; 492 however, this should not be service impacting due to the use of 493 redundant RRs in each RR Cluster. 495 2. The above step is repeated for the other side of the redundant 496 pair of RRs. The one alteration to the above procedure is that 497 the "Internal BGP AS Migration" mechanism is now removed from the 498 Non-Client iBGP sessions toward the other (previously 499 reconfigured) RRs, since it is no longer needed. The "Internal 500 BGP AS Migration" mechanism is still required on all RRs for all 501 RR Client iBGP sessions. Also during this step, there will be a 502 reset and reconvergence event on all iBGP sessions whose 503 configuration was modified, but this should not be service 504 impacting. At the conclusion of this step, all RRs should now 505 have their globally configured ASN set to the permanently 506 retained ASN and "Internal BGP AS Migration" enabled and in use 507 toward RR Clients. 509 3. At this point, the network administrators would then be able to 510 establish iBGP sessions between all Route Reflectors in both the 511 legacy and permanently retained networks. This would allow the 512 network to appear to function, both internally and externally, as 513 a single, consolidated network using the permanently retained 514 network. 516 4. To complete the AS migration, each RR Client (PE) in the legacy 517 network still utilizing the legacy ASN is now modified. 518 Specifically, each legacy PE would have its globally configured 519 ASN changed to use the permanently retained ASN. The ASN 520 configured within the PE for the iBGP sessions toward each RR 521 would be changed to use the permanently retained ASN. It is 522 unnecessary to enable "Internal BGP AS Migration" mechanism on 523 these migrated iBGP sessions. During the same maintenance 524 window, External BGP sessions would be modified to include the 525 above "Local AS", "No Prepend" and "Replace Old AS" mechanisms 526 described in Section 3 above, since all of the changes are 527 service interrupting to the eBGP sessions of the PE. At this 528 point, all PEs will have been migrated to the permanently 529 retained ASN. 531 5. The final step is to excise the "Internal BGP AS Migration" 532 configuration from the Router Reflectors in an orderly fashion. 533 After this is complete, all routers in the network will be using 534 the new, permanently retained ASN for all iBGP sessions with no 535 vestiges of the legacy ASN on any iBGP sessions. 537 The benefit of using the aforementioned "Internal BGP AS Migration" 538 capability is that it is a more gradual and less externally service- 539 impacting change to accomplish an AS migration. Previously, without 540 "Internal BGP AS Migration", such an AS migration change would carry 541 a high risk and need to be successfully accomplished in a very short 542 timeframe (e.g.: at most several hours). In addition, it would 543 likely cause substantial routing churn and rapid fluctuations in 544 traffic carried -- potentially causing periods of congestion and 545 resultant packet loss -- during the period the configuration changes 546 are underway to complete the AS Migration. On the other hand, with 547 "Internal BGP AS Migration", the migration from the legacy ASN to the 548 permanently retained ASN can occur over a period of days or weeks 549 with reduced customer disruption. (The only observable service 550 disruption should be when each PE undergoes the changes discussed in 551 step 4 above.) 553 4.2. Implementation 555 The mechanism introduced in this section MUST be configurable on a 556 per-neighbor or per neighbor group basis to allow for maximum 557 flexibility. When configured with this mechanism, a BGP speaker MUST 558 accept BGP OPEN and establish an iBGP session from configured iBGP 559 peers if the ASN value in "My Autonomous System" is either the 560 globally configured ASN or a locally configured ASN provided when 561 this capability is utilized. Additionally, a BGP router configured 562 with this mechanism MUST send its own BGP OPEN [RFC4271] (see section 563 4.2) using both the globally configured and the locally configured 564 ASN in "My Autonomous System". To avoid potential deadlocks when two 565 BGP speakers are attempting to establish a BGP peering session and 566 are both configured with this mechanism, the speaker SHOULD send BGP 567 OPEN using the globally configured ASN first, and only send a BGP 568 OPEN using the locally configured ASN as a fallback if the remote 569 neighbor responds with the BGP error "Bad Peer AS". In each case, 570 the BGP speaker MUST treat UPDATEs sent and received to this peer as 571 if this was a natively configured iBGP session, as defined by 572 [RFC4271] and [RFC4456]. 574 5. Additional Operational Considerations 576 This document describes several mechanisms to support ISPs and other 577 organizations that need to perform ASN migrations. Other variations 578 of these mechanisms may exist, for example, in legacy router software 579 that has not been upgraded or reached End of Life, but continues to 580 operate in the network. Such variations are beyond the scope of this 581 document. 583 Companies routinely go through periods of mergers, acquisitions and 584 divestitures, which in the case of the former cause them to 585 accumulate several legacy ASNs over time. ISPs often do not have 586 control over the configuration of customers' devices (i.e.: the ISPs 587 are often not providing a managed CE router service, particularly to 588 medium and large customers that require eBGP). Furthermore, ISPs are 589 using methods to perform ASN migration that do not require 590 coordination with customers. Ultimately, this means there is not a 591 finite period of time after which legacy ASNs will be completely 592 expunged from the ISP's network. In fact, it is common that legacy 593 ASNs and the associated External BGP AS Migration mechanisms 594 discussed in this document can and do persist for several years, if 595 not longer. Thus, it is prudent to plan that legacy ASNs and 596 associated External BGP AS Migration mechanisms will persist in a 597 operational network indefinitely. 599 With respect to the Internal BGP AS Migration mechanism, all of the 600 routers to be consolidated into a single, permanently retained ASN 601 are under the administrative control of a single entity. Thus, 602 completing the migration from iBGP sessions using the legacy ASN to 603 the permanently retained ASN is more straightforward and could be 604 accomplished in a matter of days to months. Finally, good 605 operational hygiene would dictate that it is good practice to avoid 606 using "Internal BGP AS Migration" capability over a long period of 607 time for reasons of not only operational simplicity of the network, 608 but also reduced reliance on that mechanism during the ongoing 609 lifecycle management of software, features and configurations that 610 are maintained on the network. 612 6. IANA Considerations 614 This memo includes no request to IANA. 616 7. Security Considerations 618 This draft discusses a process by which one ASN is migrated into and 619 subsumed by another. This involves manipulating the AS_PATH 620 Attribute with the intent of not increasing the AS_PATH length, which 621 would typically cause the BGP route to no longer be selected by BGP's 622 Path Selection Algorithm in others' networks. This could result in 623 sudden and unexpected shifts in traffic patterns in the network, 624 potentially resulting in congestion. 626 Given that these mechanisms can only be enabled through configuration 627 of routers within a single network, standard security measures should 628 be taken to restrict access to the management interface(s) of routers 629 that implement these mechanisms. Additionally, BGP sessions SHOULD 630 be protected using TCP Authentication Option [RFC5925] and the 631 Generalized TTL Security Mechanism [RFC5082] 633 8. Acknowledgements 635 Thanks to Kotikalapudi Sriram, Stephane Litkowski, Terry Manderson, 636 David Farmer, Jaroslaw Adam Gralak, Gunter Van de Velde, Juan 637 Alcaide, Jon Mitchell, Thomas Morin, Alia Atlas, and Alvaro Retana 638 for their comments. 640 9. References 642 9.1. Normative References 644 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 645 Requirement Levels", BCP 14, RFC 2119, March 1997. 647 [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway 648 Protocol 4 (BGP-4)", RFC 4271, January 2006. 650 [RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route 651 Reflection: An Alternative to Full Mesh Internal BGP 652 (IBGP)", RFC 4456, April 2006. 654 9.2. Informative References 656 [ALU] Alcatel-Lucent, "BGP Local AS attribute", 2006-2012, 657 . 661 [CISCO] Cisco Systems, Inc., "BGP Support for Dual AS 662 Configuration for Network AS Migrations", 2003, 663 . 667 [JUNIPER] Juniper Networks, Inc., "Configuring the BGP Local 668 Autonomous System Attribute", 2012, 669 . 672 [RFC5065] Traina, P., McPherson, D., and J. Scudder, "Autonomous 673 System Confederations for BGP", RFC 5065, August 2007. 675 [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. 676 Pignataro, "The Generalized TTL Security Mechanism 677 (GTSM)", RFC 5082, October 2007. 679 [RFC5398] Huston, G., "Autonomous System (AS) Number Reservation for 680 Documentation Use", RFC 5398, December 2008. 682 [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP 683 Authentication Option", RFC 5925, June 2010. 685 [RFC6996] Mitchell, J., "Autonomous System (AS) Reservation for 686 Private Use", BCP 6, RFC 6996, July 2013. 688 Appendix A. Implementation report 690 As noted elsewhere in this document, this set of migration mechanisms 691 has multiple existing implementations in wide use. 693 o Cisco [CISCO] 695 o Juniper [JUNIPER] 697 o Alcatel-Lucent [ALU] 699 This is not intended to be an exhaustive list, as equivalent features 700 do exist in other implementations, however the authors were unable to 701 find publicly available documentation of the vendor-specific 702 implementation to reference. 704 Authors' Addresses 706 Wesley George 707 Time Warner Cable 708 13820 Sunrise Valley Drive 709 Herndon, VA 20171 710 US 712 Phone: +1 703-561-2540 713 Email: wesley.george@twcable.com 714 Shane Amante 715 Apple, Inc. 716 1 Infinite Loop 717 Cupertino, CA 95014 718 US 720 Email: samante@apple.com