idnits 2.17.1 draft-morin-bess-mvpn-fast-failover-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: [RFC4875], the status of the corresponding P-Tunnel SHOULD be re-evaluated. If the P-Tunnel transitions from up to down state, the upstream PE, that is the ingress of the P-Tunnel, SHOULD not be considered a valid UMH. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: When Leaf PE's P-Tunnel is already up, and is tracked with BFD, and it receives new x-PMSI A-D Route without BGP-BFD attribute, it must accept the x-PMSI A-D Route the BFD session should be declared admin down. Receiver node SHOULD not switch the traffic to the Standby P-tunnel. -- The document date (July 6, 2015) is 3216 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'I-D.ietf-bfd-multipoint' is defined on line 726, but no explicit reference was found in the text == Outdated reference: A later version (-19) exists of draft-ietf-bfd-multipoint-06 Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group T. Morin, Ed. 2 Internet-Draft Orange 3 Intended status: Standards Track R. Kebler, Ed. 4 Expires: January 3, 2016 Juniper Networks 5 July 6, 2015 7 Multicast VPN fast upstream failover 8 draft-morin-bess-mvpn-fast-failover-02 10 Abstract 12 This document defines multicast VPN extensions and procedures that 13 allow fast failover for upstream failures, by allowing downstream PEs 14 to take into account the status of Provider-Tunnels (P-tunnels) when 15 selecting the upstream PE for a VPN multicast flow, and extending BGP 16 MVPN routing so that a C-multicast route can be advertized toward a 17 standby upstream PE. 19 Requirements Language 21 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 22 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 23 document are to be interpreted as described in RFC 2119 [RFC2119]. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at http://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on January 3, 2016. 42 Copyright Notice 44 Copyright (c) 2015 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (http://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 60 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 3. UMH Selection based on tunnel status . . . . . . . . . . . . 3 62 3.1. Determining the status of a tunnel . . . . . . . . . . . 4 63 3.1.1. mVPN tunnel root tracking . . . . . . . . . . . . . . 5 64 3.1.2. PE-P Upstream link status . . . . . . . . . . . . . . 5 65 3.1.3. P2MP RSVP-TE tunnels . . . . . . . . . . . . . . . . 5 66 3.1.4. Leaf-initiated P-tunnels . . . . . . . . . . . . . . 6 67 3.1.5. (S,G) counter information . . . . . . . . . . . . . . 6 68 3.1.6. BFD Discriminator . . . . . . . . . . . . . . . . . . 6 69 3.1.7. Per PE-CE link BFD Discriminator . . . . . . . . . . 8 70 4. Standby C-multicast route . . . . . . . . . . . . . . . . . . 9 71 4.1. Downstream PE behavior . . . . . . . . . . . . . . . . . 9 72 4.2. Upstream PE behavior . . . . . . . . . . . . . . . . . . 10 73 4.3. Reachability determination . . . . . . . . . . . . . . . 11 74 4.4. Inter-AS . . . . . . . . . . . . . . . . . . . . . . . . 12 75 4.4.1. Inter-AS procedures for downstream PEs, ASBR fast 76 failover . . . . . . . . . . . . . . . . . . . . . . 12 77 4.4.2. Inter-AS procedures for ASBRs . . . . . . . . . . . . 12 78 5. Hot leaf standby . . . . . . . . . . . . . . . . . . . . . . 13 79 6. Duplicate packets . . . . . . . . . . . . . . . . . . . . . . 14 80 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 81 8. Security Considerations . . . . . . . . . . . . . . . . . . . 14 82 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 83 10. Contributor Addresses . . . . . . . . . . . . . . . . . . . . 14 84 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 85 11.1. Normative References . . . . . . . . . . . . . . . . . . 16 86 11.2. Informative References . . . . . . . . . . . . . . . . . 17 87 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 89 1. Introduction 91 In the context of multicast in BGP/MPLS VPNs, it is desirable to 92 provide mechanisms allowing fast recovery of connectivity on 93 different types of failures. This document addresses failures of 94 elements in the provider network that are upstream of PEs connected 95 to VPN sites with receivers. 97 The sections 3 and 4 describe two independent mechanisms, allowing 98 different levels of resiliency, and providing different failure 99 coverage: 101 o Section 3 describes local procedures allowing an egress PE (a PE 102 connected to a receiver site) to take into account the status of 103 P-Tunnels to determine the Upstream Multicast Hop (UMH) for a 104 given (C-S, C-G). This method does not provide a "fast failover" 105 solution when used alone, but can be used with the following 106 sections for a "fast failover" solution. 108 o Section 4 describes protocol extensions that can speed up failover 109 by not requiring any multicast VPN routing message exchange at 110 recovery time. 112 Moreover, section 5 describes a "hot leaf standby" mechanism, that 113 uses a combination of these two mechanisms. This approach has 114 similarities with the solution described in [I-D.mofrr] to improve 115 failover times when PIM routing is used in a network given some 116 topology and metric constraints. 118 2. Terminology 120 The terminology used in this document is the terminology defined in 121 [RFC6513] and [RFC6514]. 123 3. UMH Selection based on tunnel status 125 Current multicast VPN specifications [RFC6513], section 5.1, describe 126 the procedures used by a multicast VPN downstream PE to determine 127 what the upstream multicast hop (UMH) is for a said (C-S,C-G). 129 The procedure described here is an OPTIONAL procedure that consists 130 of having a downstream PE take into account the status of P-tunnels 131 rooted at each possible upstream PEs, for including or not including 132 each said PE in the list of candidate UMHs for a said (C-S,C-G) 133 state. The result is that, if a P-tunnel is "down" (see 134 Section 3.1), the PE that is the root of the P-Tunnel will not be 135 considered for UMH selection, which will result in the downstream PE 136 to failover to the upstream PE which is next in the list of 137 candidates. 139 A downstream PE monitors the status of the tunnels of UMHs that are 140 ahead of the current one. Whenever the downstream PE determines that 141 one of these tunnels is no longer "known to down", the PE selects the 142 UMH corresponding to that as the new UMH. 144 More precisely, UMH determination for a said (C-S,C-G) will consider 145 the UMH candidates in the following order: 147 o first, the UMH candidates that either (a) advertise a PMSI bound 148 to a tunnel, where the specified tunnel is not known to be down or 149 (b) do not advertise any I- or S- PMSI applicable to the said 150 (C-S,C-G) but have associated a VRF Route Import BGP attribute to 151 the unicast VPN route for S (this is necessary to avoid 152 considering some invalid UMH PEs that use a policy where no I-PMSI 153 is advertized for a said VRF and where only S-PMSI are used, the 154 S-PMSI advertisement being possibly done only after the upstream 155 PE receives a C-multicast route for (C-S, C-G)/(C-*, C-G) to be 156 carried over the advertized S-PMSI) 158 o second, the UMH candidates that advertise a PMSI bound to a tunnel 159 that is "down" -- these will thus be used as a last resort to 160 ensure a graceful fallback to the basic MVPN UMH selection 161 procedures in the hypothetical case where a false negative would 162 occur when determining the status of all tunnels 164 For a said downstream PE and a said VRF, the P-tunnel corresponding 165 to a said upstream PE for a said (C-S,C-G) state is the S-PMSI tunnel 166 advertized by that upstream PE for this (C-S,C-G) and imported into 167 that VRF, or if there isn't any such S-PMSI, the I-PMSI tunnel 168 advertized by that PE and imported into that VRF. 170 Note that this documents assumes that if a site of a given MVPN that 171 contains C-S is dual-homed to two PEs, then all the other sites of 172 that MVPN would have two unicast VPN routes (VPN-IPv4 or VPN-IPv6) 173 routes to C-S, each with its own RD. 175 3.1. Determining the status of a tunnel 177 Different factors can be considered to determine the "status" of a 178 P-tunnel and are described in the following sub-sections. The 179 procedure proposed here also allows that all downstream PEs don't 180 apply the same rules to define what the status of a P-tunnel is 181 (please see Section 6), and some of them will produce a result that 182 may be different for different downstream PEs. Thus what is called 183 the "status" of a P-tunnel in this section, is not a characteristic 184 of the tunnel in itself, but is the status of the tunnel, *as seen 185 from a particular downstream PE*. Additionally, some of the 186 following methods determine the ability of downstream PE to receive 187 traffic on the P-tunnel and not specifically on the status of the 188 P-tunnel itself. This could be referred to as "P-tunnel reception 189 status", but for simplicity, we will use the terminology of P-tunnel 190 "status" for all of these methods. 192 Depending on the criteria used to determine the status of a P-tunnel, 193 there may be an interaction with another resiliency mechanism used 194 for the P-tunnel itself, and the UMH update may happen immediately or 195 may need to be delayed. Each particular case is covered in each 196 separate sub-section below. 198 3.1.1. mVPN tunnel root tracking 200 A condition to consider that the status of a P-tunnel is up is that 201 the root of the tunnel, as determined in the PMSI tunnel attribute, 202 is reachable through unicast routing tables. In this case the 203 downstream PE can immediately update its UMH when the reachability 204 condition changes. 206 This is similar to BGP next-hop tracking for VPN routes, except that 207 the address considered is not the BGP next-hop address, but the root 208 address in the PMSI tunnel attribute. 210 If BGP next-hop tracking is done for VPN routes, and the root address 211 of a said tunnel happens to be the same as the next-hop address in 212 the BGP autodiscovery route advertising the tunnel, then this 213 mechanisms may be omitted for this tunnel, as it will not bring any 214 specific benefit. 216 3.1.2. PE-P Upstream link status 218 A condition to consider a tunnel status as up can be that the last- 219 hop link of the P-tunnel is up. 221 This method should not be used when there is a fast restoration 222 mechanism (such as MPLS FRR [RFC4090]) in place for the link. 224 3.1.3. P2MP RSVP-TE tunnels 226 For P-Tunnels of type P2MP MPLS-TE, the status of the P-Tunnel is 227 considered up if one or more of the P2MP RSVP-TE LSPs, identified by 228 the P-Tunnel Attribute, are in up state. The determination of 229 whether a P2MP RSVP-TE LSP is in up state requires Path and Resv 230 state for the LSP and is based on procedures in [RFC4875]. In this 231 case the downstream PE can immediately update its UMH when the 232 reachability condition changes. 234 When signaling state for a P2MP TE LSP is removed (e.g. if the 235 ingress of the P2MP TE LSP sends a PathTear message) or the P2MP TE 236 LSP changes state from up to down as determined by procedures in 238 [RFC4875], the status of the corresponding P-Tunnel SHOULD be re- 239 evaluated. If the P-Tunnel transitions from up to down state, the 240 upstream PE, that is the ingress of the P-Tunnel, SHOULD not be 241 considered a valid UMH. 243 3.1.4. Leaf-initiated P-tunnels 245 A PE can be removed from the UMH candidate list for a said (S,G) if 246 the P-tunnel for this S,G (I or S , depending) is leaf triggered 247 (PIM, mLDP), but for some reason internal to the protocol the 248 upstream one-hop branch of the tunnel from P to PE cannot be built. 249 In this case the downstream PE can immediately update its UMH when 250 the reachability condition changes. 252 3.1.5. (S,G) counter information 254 In cases, where the downstream node can be configured so that the 255 maximum inter-packet time is known for all the multicast flows mapped 256 on a P-tunnel, the local per-(C-S,C-G) traffic counter information 257 for traffic received on this P-tunnel can be used to determine the 258 status of the P-tunnel. 260 When such a procedure is used, in context where fast restoration 261 mechanisms are used for the P-tunnels, downstream PEs should be 262 configured to wait before updating the UMH, to let the P-tunnel 263 restoration mechanism happen. A configurable timer MUST be provided 264 for this purpose, and it is recommended to provide a reasonable 265 default value for this timer. 267 This method can be applicable for instance when a (S,G) flow is 268 mapped on an S-PMSI. 270 In cases where this mechanism is used in conjunction with 271 Hot leaf standby, then no prior knowledge of the rate of the 272 multicast streams is required ; downstream PEs can compare reception 273 on the two P-tunnels to determine when one of them is down. 275 3.1.6. BFD Discriminator 277 P-tunnel status can be derived from the status of a BFD session whose 278 discriminator is advertized along with an x-PMSI A-D route. 280 3.1.6.1. Root PE Procedures 282 When it is desired to track the P-Tunnel status using BFD, the Root 283 PE MUST include the BGP-BFD Attribute in the x-PMSI A-D Route. 285 If a P-Tunnel is already signaled, and then it is desired to track 286 the P-Tunnel status using BFD, x-PMSI A-D Route must be re-sent with 287 the same attributes as before, but the BGP-BFD Attribute MUST be 288 included. 290 If P-Tunnel is already signaled, and P-Tunnel status tracked using 291 BFD and it is desired to stop tracking P-Tunnel status using BFD, 292 then x-PMSI A-D Route MUST be re-sent with the same attributes as 293 before, but the BGP-BFD Attribute MUST be excluded. 295 3.1.6.2. Leaf PE Procedures 297 On receiving the BFD attribute in the x-PMSI A-D Route, the Leaf PE 298 MUST associate the received discriminator with the P-Tunnel 299 originating from the Root PE. Once the Leaf PE start getting the BFD 300 probes from the Root PE with the said discriminator, the BFD session 301 will be declared up and will then be used to track the health of the 302 P-Tunnel. 304 If the Leaf PE does not receive BFD probes for a P-Tunnel from the 305 Root PE for Detection Time, the BFD session would be brought down. 306 And, it would declare the P-tunnel associated with the discriminator 307 as down. 309 Leaf PE then can then initiate a switchover of the traffic from the 310 Primary Tunnel, to the Standby Tunnel. 312 When Leaf PE's P-Tunnel is already up, it receives new x-PMSI A-D 313 Route with BGP-BFD attribute, it must accept the x-PMSI A-D Route and 314 associate the discriminator with the P-tunnel. When the BFD probes 315 are received with the said discriminator, the BFD session is declared 316 up. 318 When Leaf PE's P-Tunnel is already up, and is tracked with BFD, and 319 it receives new x-PMSI A-D Route without BGP-BFD attribute, it must 320 accept the x-PMSI A-D Route the BFD session should be declared admin 321 down. Receiver node SHOULD not switch the traffic to the Standby 322 P-tunnel. 324 When such a procedure is used, in context where fast restoration 325 mechanisms are used for the P-tunnels, leaf PEs should be configured 326 to wait before updating the UMH, to let the P-tunnel restoration 327 mechanism happen. A configurable timer MUST be provided for this 328 purpose, and it is recommended to provide a reasonable default value 329 for this timer. 331 3.1.6.3. BGP-BFD Attribute 333 This document defines and uses a new BGP attribute called the "BGP- 334 BFD attribute". This is an optional transitive BGP attribute. The 335 format of this attribute is defined as follows: 337 +-------------------------------+ 338 | Flags (1 octet) | 339 +-------------------------------+ 340 | BFD Discriminator (4 octets) | 341 +-------------------------------+ 343 The Flags field has the following format: 345 0 1 2 3 4 5 6 7 346 +-+-+-+-+-+-+-+-+ 347 | reserved | 348 +-+-+-+-+-+-+-+-+ 350 3.1.7. Per PE-CE link BFD Discriminator 352 The following approach is proposed for fast failover on PE-CE link 353 failures, in which UMH selection for a said (S,G) takes into account 354 the state of a BFD session dedicated to the state of the upstream PE- 355 CE link. 357 If this approach is enabled: 359 o each upstream PE: for each PE-CE link for which this protection is 360 wanted, initiates a multipoint BFD session toward downstream PEs, 361 with a trigger causing such a session to be torn down if the 362 associated PE-CE link is detected as down. 364 o each upstream PE: for each prefix of a PE-CE link for which 365 protection is wanted, advertizes a wildcard S-PMSI covering the 366 sources inside this prefix, and signals along with this S-PMSI the 367 multipoint BFD session discriminator associated with the PE-CE 368 link. (note that all these S-PMSIs can perfectly use the same 369 P-tunnel) 371 o each downstream PE: if an S-PMSI bound to a said (S,G) is signaled 372 with a multipoint BFD session, then the upstream PE is considered 373 during UMH selection for (S,G) if and only if the corresponding 374 BFD session is up. Whenever the BFD session goes down the S-PMSI 375 P-tunnel will be considered down and the downstream PE will switch 376 to the backup P-tunnel. Note that the P-tunnel is considered down 377 only for the (S,G) states that match to an S-PMSI signaling the 378 BFD discriminator of a BFD session which is down 380 4. Standby C-multicast route 382 The procedures described below are limited to the case where the site 383 that contains C-S is connected to exactly two PEs. The procedures 384 require all the PEs of that MVPN to follow the single forwarder PE 385 selection, as specified in [RFC6513]. The procedures assume that if 386 a site of a given MVPN that contains C-S is dual-homed to two PEs, 387 then all the other sites of that MVPN would have two unicast VPN 388 routes (VPN-IPv4 or VPN-IPv6) routes to C-S, each with its own RD. 390 As long as C-S is reachable via both PEs, a said downstream PE will 391 select one of the PEs connected to C-S as its Upstream PE with 392 respect to C-S. We will refer to the other PE connected to C-S as 393 the "Standby Upstream PE". Note that if the connectivity to C-S 394 through the Primary Upstream PE becomes unavailable, then the PE will 395 select the Standby Upstream PE as its Upstream PE with respect to 396 C-S. 398 For readability, in the following sub-sections, the procedures are 399 described for BGP C-multicast Source Tree Join routes, but they apply 400 equally to BGP C-multicast Shared Tree Join routes failover for the 401 case where the customer RP is dual-homed (substitute "C-RP" to 402 "C-S"). 404 4.1. Downstream PE behavior 406 When a (downstream) PE connected to some site of an MVPN needs to 407 send a C-multicast route (C-S, C-G), then following the procedures 408 specified in Section "Originating C-multicast routes by a PE" of 409 [RFC6514] the PE sends the C-multicast route with RT that identifies 410 the Upstream PE selected by the PE originating the route. As long as 411 C-S is reachable via the Primary Upstream PE, the Upstream PE is the 412 Primary Upstream PE. If C-S is reachable only via the Standby 413 Upstream PE, then the Upstream PE is the Standby Upstream PE. 415 If C-S is reachable via both the Primary and the Standby Upstream PE, 416 then in addition to sending the C-multicast route with an RT that 417 identifies the Primary Upstream PE, the PE also originates and sends 418 a C-multicast route with an RT that identifies the Standby Upstream 419 PE. This route, that has the semantic of being a 'standby' 420 C-multicast route, is further called a "Standby BGP C-multicast 421 route", and is constructed as follows: 423 o the NLRI is constructed as the original C-multicast route, except 424 that the RD is the same as if the C-multicast route was built 425 using the standby PE as the UMH (it will carry the RD associated 426 to the unicast VPN route advertized by the standby PE for S) 428 o SHOULD carry the "Standby PE" BGP Community (this is a new BGP 429 Community, see Section 7) 431 The normal and the standby C-multicast routes must have their Local 432 Preference attribute adjusted so that, if two C-multicast routes with 433 same NLRI are received by a BGP peer, one carrying the "Standby PE" 434 attribute and the other one *not* carrying the "Standby PE" 435 community, then preference is given to the one *not* carrying the 436 "Standby PE" attribute. Such a situation can happen when, for 437 instance due to transient unicast routing inconsistencies, two 438 different downstream PEs consider different upstream PEs to be the 439 primary one ; in that case, without any precaution taken, both 440 upstream PEs would process a standby C-multicast route and possibly 441 stop forwarding at the same time. For this purpose a Standby BGP 442 C-multicast route MUST have the LOCAL_PREF attribute set to zero. 444 Note that, when a PE advertizes such a Standby C-multicast join for 445 an (S,G) it must join the corresponding P-tunnel. 447 If at some later point the local PE determines that C-S is no longer 448 reachable through the Primary Upstream PE, the Standby Upstream PE 449 becomes the Upstream PE, and the local PE re-sends the C-multicast 450 route with RT that identifies the Standby Upstream PE, except that 451 now the route does not carry the Standby PE BGP Community (which 452 results in replacing the old route with a new route, with the only 453 difference between these routes being the presence/absence of the 454 Standby PE BGP Community). 456 4.2. Upstream PE behavior 458 When a PE receives a C-multicast route for a particular (C-S, C-G), 459 and the RT carried in the route results in importing the route into a 460 particular VRF on the PE, if the route carries the Standby PE BGP 461 Community, then the PE performs as follows: 463 when the PE determines that C-S is not reachable through some 464 other PE, the PE SHOULD install VRF PIM state corresponding to 465 this Standby BGP C-multicast route (the result will be that a PIM 466 Join message will be sent to the CE towards C-S, and that the PE 467 will receive (C-S,C-G) traffic), and the PE SHOULD forward (C-S, 468 C-G) traffic received by the PE to other PEs through a P-tunnel 469 rooted at the PE. 471 Furthermore, irrespective of whether C-S carried in that route is 472 reachable through some other PE: 474 a) based on local policy, as soon as the PE receives this Standby BGP 475 C-multicast route, the PE MAY install VRF PIM state corresponding 476 to this BGP Source Tree Join route (the result will be that Join 477 messages will be sent to the CE toward C-S, and that the PE will 478 receive (C-S,C-G) traffic) 480 b) based on local policy, as soon as the PE receives this Standby BGP 481 C-multicast route, the PE MAY forward (C-S, C-G) traffic to other 482 PEs through a P-tunnel independently of the reachability of C-S 483 through some other PE. [note that this implies also doing (a)] 485 Doing neither (a), nor (b) for a said (C-S,C-G) is called "cold root 486 standby". 488 Doing (a) but not (b) for a said (C-S,C-G) is called "warm root 489 standby". 491 Doing (b) (which implies also doing (a)) for a said (C-S,C-G) is 492 called "hot root standby". 494 Note that, if an upstream PE uses an S-PMSI only policy, it shall 495 advertise an S-PMSI for an (S,G) as soon as it receives a C-multicast 496 route for (S,G), normal or Standby ; i.e. it shall not wait for 497 receiving a non-Standby C-multicast route before advertising the 498 corresponding S-PMSI. 500 Section 9.3.2 of [RFC6514], describes the procedures of sending a 501 Source-Active A-D result as a result of receiving the C-multicast 502 route. These procedures should be followed for both the normal and 503 Standby C-multicast routes. 505 4.3. Reachability determination 507 The standby PE can use the following information to determine that 508 C-S can or cannot be reached through the primary PE: 510 o presence/absence of a unicast VPN route toward C-S 512 o supposing that the standby PE is an egress of the tunnel rooted at 513 the Primary PE, the standby PE can determine the reachability of 514 C-S through the Primary PE based on the status of this tunnel, 515 determined thanks to the same criteria as the ones described in 516 Section 3.1 (without using the UMH selection procedures of 517 Section 3) 519 o other mechanisms MAY be used 521 4.4. Inter-AS 523 If the non-segmented inter-AS approach is used, the procedures in 524 section 4 can be applied. 526 When multicast VPNs are used in a inter-AS context with the segmented 527 inter-AS approach described in section 8.2 of [RFC6514], the 528 procedures in this section can be applied. 530 A pre-requisite for the procedures described below to be applied for 531 a source of a said MVPN is: 533 o that any PE of this MVPN receives two Inter-AS I-PMSI auto- 534 discovery routes advertized by the AS of the source (or more) 536 o that these Inter-AS I-PMSI autodiscovery routes have distinct 537 Route Distinguishers (as described in item "(2)" of section 9.2 of 538 [RFC6514]). 540 As an example, these conditions will be satisfied when the source is 541 dual homed to an AS that connects to the receiver AS through two ASBR 542 using auto-configured RDs. 544 4.4.1. Inter-AS procedures for downstream PEs, ASBR fast failover 546 The following procedure is applied by downstream PEs of an AS, for a 547 source S in a remote AS. 549 Additionally to choosing an Inter-AS I-PMSI autodiscovery route 550 advertized from the AS of the source to construct a C-multicast 551 route, as described in section 11.1.3 [RFC6514] a downstream PE will 552 choose a second Inter-AS I-PMSI autodiscovery route advertized from 553 the AS of the source and use this route to construct and advertise a 554 Standby C-multicast route (C-multicast route carrying the Standby 555 extended community) as described in Section 4.1. 557 4.4.2. Inter-AS procedures for ASBRs 559 When an upstream ASBR receives a C-multicast route, and at least one 560 of the RTs of the route matches one of the ASBR Import RT, the ASBR 561 locates an Inter-AS I-PMSI A-D route whose RD and Source AS matches 562 the RD and Source AS carried in the C-multicast route. If the match 563 is found, and C-multicast route carries the Standby PE BGP Community, 564 then the ASBR performs as follows: 566 o if the route was received over iBGP ; the route is expected to 567 have a LOCAL_PREF attribute set to zero and it should be re- 568 advertized in eBGP with a MED attribute (MULTI_EXIT_DISC) set to 569 the highest possible value (0xffff) 571 o if the route was received over eBGP ; the route is expected to 572 have a MED attribute set of 0xffff and should be re-advertized in 573 iBGP with a LOCAL_PREF attribute set to zero 575 Other ASBR procedures are applied without modification. 577 5. Hot leaf standby 579 The mechanisms defined in sections Section 4 and Section 3 can be 580 used together as follows. 582 The principle is that, for a said VRF (or possibly only for a said 583 C-S,C-G): 585 o downstream PEs advertise a Standby BGP C-multicast route (based on 586 Section 4) 588 o upstream PEs use the "hot standby" optional behavior and thus will 589 forward traffic for a said multicast state as soon as they have 590 whether a (primary) BGP C-multicast route or a Standby BGP 591 C-multicast route for that state (or both) 593 o downstream PEs accept traffic from the primary or standby tunnel, 594 based on the status of the tunnel (based on Section 3) 596 Other combinations of the mechanisms proposed in Section 4) and 597 Section 3 are for further study. 599 Note that the same level of protection would be achievable with a 600 simple C-multicast Source Tree Join route advertized to both the 601 primary and secondary upstream PEs (carrying as Route Target extended 602 communities, the values of the VRF Route Import attribute of each VPN 603 route from each upstream PEs). The advantage of using the Standby 604 semantic for is that, supposing that downstream PEs always advertise 605 a Standby C-multicast route to the secondary upstream PE, it allows 606 to choose the protection level through a change of configuration on 607 the secondary upstream PE, without requiring any reconfiguration of 608 all the downstream PEs. 610 6. Duplicate packets 612 Multicast VPN specifications [RFC6513] impose that a PE only forwards 613 to CEs the packets coming from the expected usptream PE 614 (Section 9.1). 616 We highlight the reader's attention to the fact that the respect of 617 this part of multicast VPN specifications is especially important 618 when two distinct upstream PEs are susceptible to forward the same 619 traffic on P-tunnels at the same time in steady state. This will be 620 the case when "hot root standby" mode is used (Section 4), and which 621 can also be the case if procedures of Section 3 are used and (a) the 622 rules determining the status of a tree are not the same on two 623 distinct downstream PEs or (b) the rule determining the status of a 624 tree depend on conditions local to a PE (e.g. the PE-P upstream link 625 being up). 627 7. IANA Considerations 629 Allocation is expected from IANA for the BGP "Standby PE" community. 630 (TBC) 632 [Note to RFC Editor: this section may be removed on publication as an 633 RFC.] 635 8. Security Considerations 637 9. Acknowledgements 639 The authors want to thank Greg Reaume and Eric Rosen for their review 640 and useful feedback. 642 10. Contributor Addresses 644 Below is a list of other contributing authors in alphabetical order: 646 Rahul Aggarwal 647 Arktan 649 Email: raggarwa_1@yahoo.com 651 Nehal Bhau 652 Alcatel-Lucent, Inc. 653 701 E Middlefield Rd 654 Mountain View, CA 94043 655 USA 656 Email: Nehal.Bhau@alcatel-lucent.com 658 Clayton Hassen 659 Bell Canada 660 2955 Virtual Way 661 Vancouver 662 CANADA 664 Email: Clayton.Hassen@bell.ca 666 Wim Henderickx 667 Alcatel-Lucent 668 Copernicuslaan 50 669 Antwerp 2018 670 Belgium 672 Email: wim.henderickx@alcatel-lucent.com 674 Pradeep Jain 675 Alcatel-Lucent, Inc. 676 701 E Middlefield Rd 677 Mountain View, CA 94043 678 USA 680 Email: pradeep.jain@alcatel-lucent.com 682 Jayant Kotalwar 683 Alcatel-Lucent, Inc. 684 701 E Middlefield Rd 685 Mountain View, CA 94043 686 USA 688 Email: Jayant.Kotalwar@alcatel-lucent.com 690 Praveen Muley 691 Alcatel-Lucent 692 701 East Middlefield Rd 693 Mountain View, CA 94043 694 U.S.A. 696 Email: praveen.muley@alcatel-lucent.com 698 Ray (Lei) Qiu 699 Juniper Networks 700 1194 North Mathilda Ave. 701 Sunnyvale, CA 94089 702 U.S.A. 704 Email: rqiu@juniper.net 706 Yakov Rekhter 707 Juniper Networks 708 1194 North Mathilda Ave. 709 Sunnyvale, CA 94089 710 U.S.A. 712 Email: yakov@juniper.net 714 Kanwar Singh 715 Alcatel-Lucent, Inc. 716 701 E Middlefield Rd 717 Mountain View, CA 94043 718 USA 720 Email: kanwar.singh@alcatel-lucent.com 722 11. References 724 11.1. Normative References 726 [I-D.ietf-bfd-multipoint] 727 Katz, D., Ward, D., and S. Pallagatti, "BFD for Multipoint 728 Networks", draft-ietf-bfd-multipoint-06 (work in 729 progress), January 2015. 731 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 732 Requirement Levels", BCP 14, RFC 2119, March 1997. 734 [RFC4875] Aggarwal, R., Papadimitriou, D., and S. Yasukawa, 735 "Extensions to Resource Reservation Protocol - Traffic 736 Engineering (RSVP-TE) for Point-to-Multipoint TE Label 737 Switched Paths (LSPs)", RFC 4875, May 2007. 739 [RFC6513] Aggarwal, R., Bandi, S., Cai, Y., Morin, T., Rekhter, Y., 740 Rosen, E., Wijnands, I., and S. Yasukawa, "Multicast in 741 MPLS/BGP IP VPNs", RFC 6513, February 2012. 743 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 744 Encodings and Procedures for Multicast in MPLS/BGP IP 745 VPNs", RFC 6514, February 2012. 747 11.2. Informative References 749 [I-D.mofrr] 750 Karan, A., Filsfils, C., Farinacci, D., Decraene, B., 751 Leymann, N., and T. Telkamp, "Multicast only Fast Re- 752 Route", draft-ietf-rtgwg-mofrr-08 (work in progress), 753 February 2015. 755 [RFC4090] Pan, P., Swallow, G., and A. Atlas, "Fast Reroute 756 Extensions to RSVP-TE for LSP Tunnels", RFC 4090, May 757 2005. 759 Authors' Addresses 761 Thomas Morin (editor) 762 Orange 763 2, avenue Pierre Marzin 764 Lannion 22307 765 France 767 Email: thomas.morin@orange-ftgroup.com 769 Robert Kebler (editor) 770 Juniper Networks 771 1194 North Mathilda Ave. 772 Sunnyvale, CA 94089 773 U.S.A. 775 Email: rkebler@juniper.net