idnits 2.17.1 draft-wang-lsr-prefix-unreachable-annoucement-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document date (March 26, 2021) is 1126 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC2328' is defined on line 342, but no explicit reference was found in the text == Unused Reference: 'RFC5340' is defined on line 356, but no explicit reference was found in the text == Unused Reference: 'RFC5709' is defined on line 360, but no explicit reference was found in the text == Unused Reference: 'RFC7770' is defined on line 365, but no explicit reference was found in the text == Unused Reference: 'RFC7981' is defined on line 375, but no explicit reference was found in the text == Outdated reference: A later version (-12) exists of draft-ietf-lsr-ospf-prefix-originator-07 Summary: 0 errors (**), 0 flaws (~~), 8 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 LSR Working Group A. Wang 3 Internet-Draft China Telecom 4 Intended status: Standards Track G. Mishra 5 Expires: September 27, 2021 Verizon Inc. 6 Z. Hu 7 Y. Xiao 8 Huawei Technologies 9 March 26, 2021 11 Prefix Unreachable Announcement 12 draft-wang-lsr-prefix-unreachable-annoucement-06 14 Abstract 16 This document describes a mechanism to solve an existing issue with 17 Longest Prefix Match (LPM), that exists where an operator domain is 18 divided into multiple areas or levels where summarization is 19 utilized. This draft addresses a fail-over issue related to a multi 20 areas or levels domain, where a link or node down event occurs 21 resulting in an LPM component prefix being omitted from the FIB 22 resulting in black hole sink of routing and connectivity loss. This 23 draft introduces a new control plane convergence signaling mechanism 24 using a negative prefix called Prefix Unreachable Announcement (PUA), 25 utilized to detect a link or node down event and signal the RIB that 26 the event has occurred to force immediate control plane convergence. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at https://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on September 27, 2021. 45 Copyright Notice 47 Copyright (c) 2021 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (https://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 63 2. Conventions used in this document . . . . . . . . . . . . . . 3 64 3. Scenario Description . . . . . . . . . . . . . . . . . . . . 3 65 3.1. Inter-Area Node Failure Scenario . . . . . . . . . . . . 4 66 3.2. Inter-Area Links Failure Scenario . . . . . . . . . . . . 4 67 4. PUA (Prefix Unreachable Advertisement) Procedures . . . . . . 5 68 5. MPLS and SRv6 LPM based BGP Next-hop Failure Application . . 5 69 6. Implementation Consideration . . . . . . . . . . . . . . . . 6 70 7. Deployment Considerations . . . . . . . . . . . . . . . . . . 7 71 8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 72 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 73 10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 7 74 11. Normative References . . . . . . . . . . . . . . . . . . . . 8 75 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 77 1. Introduction 79 As part of an operator optimized design criteria, a critical 80 requirement is to limit Shortest Path First (SPF) churn which occurs 81 within a single OSPF area or ISIS level. This is accomplished by 82 sub-dividing the IGP domain into multiple areas for flood reduction 83 of intra area prefixes so they are contained within each discrete 84 area to avoid domain wide flooding. 86 OSPF and ISIS have a default and summary route mechanism which is 87 performed on the OSPF area border router or ISIS L1-L2 node. The 88 OSPF summary route is triggered to be advertised conditionally when 89 at least one component prefix exists within the non-zero area. ISIS 90 Level-L1-L2 node as well generate a summary prefix into the level-2 91 backbone area for Level 1 area prefixes that is triggered to be 92 advertised conditionally when at least a single component prefix 93 exists within the Level-1 area. ISIS L1-L2 node with attach bit set 94 also generates a default route into each Level-1 area along with 95 summary prefixes generated for other Level-1 areas. 97 Operators have historically relied on MPLS architecture which is 98 based on exact match host route FEC binding for single area. 99 [RFC5283] LDP inter-area extension provides the ability to LPM, so 100 now the RIB match can now be a summary match and not an exact match 101 of a host route of the egress PE for an inter-area LSP to be 102 instantiated. SRV6 routing framework utilities the IPv6 data plane 103 standard IGP LPM. When operators start to migrate from MPLS LSP 104 based host route bootstrapped FEC binding, to SRv6 routing framework, 105 the IGP LPM now comes into play with summarization which will 106 influence the forwarding of traffic when a link or node event occurs 107 for a component prefix within the summary range resulting in black 108 hole routing of traffic. 110 The motivation behind this draft is based on either MPLS LPM FEC 111 binding, or SRv6 BGP service overlay using traditional unicast 112 routing (uRIB) LPM forwarding plane where the IGP domain has been 113 carved up into OSPF or ISIS areas and summarization is utilized. In 114 this scenario where a failure conditions result in a black hole of 115 traffic where multiple ABRs exist and either the area is partitioned 116 or other link or node failures occur resulting in the component 117 prefix host route missing within the summary range. Summarization of 118 inter-area types routes propagated into the backbone area for flood 119 reduction are made up of component prefixes. It is these component 120 prefixes that the PUA tracks to ensure traffic is not black hole sink 121 routed due to a PE or ABR failure. The PUA mechanism ensures 122 immediate control plane convergence with ABR or PE node switchover 123 when area is partitioned or ABR has services down to avoid black hole 124 of traffic. 126 2. Conventions used in this document 128 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 129 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 130 document are to be interpreted as described in [RFC2119] . 132 3. Scenario Description 134 Figure 1 illustrates the topology scenario when OSPF or ISIS is 135 running in multi areas or multi levels domain. R0-R4 are routers in 136 backbone area, S1-S4,T1-T4 are internal routers in area 1 and area 2 137 respectively. R1 and R3 are area border routers or ISIS Level 1-2 138 border nodes between area 0 and area 1. R2 and R4 are area border 139 routers between area 0 and area 2. 141 S1/S4 and T2/T4 PEs peer to customer CEs for overlay VPNs. Ps1/Ps4 142 is the loopback0 address of S1/S4 and Pt2/Pt4 is the loopback0 143 address of T2/T4. 145 +---------------------+------+--------+-----+--------------+ 146 | +--+ +--+ ++-+ ++-+ +-++ + -+ +--+| 147 | |S1+--------+S2+---+R1+---|R0+----+R2+---+T1+--------+T2|| 148 | +-++Ps1 +-++ ++-+ +--+ +-++ ++++ Pt2 +-++| 149 | | | | | || | | 150 | | | | | || | | 151 | +-++Ps4 +-++ ++-+ +-++ ++++ Pt4+-++| 152 | |S4+--------+S3+---+R3+-----------+R4+---+T3+--------+T4|| 153 | +--+ +--+ ++-+ +-++ ++-+ +--+| 154 | | | | 155 | | | | 156 | Area 1 | Area 0 | Area 2 | 157 +---------------------+---------------+--------------------+ 159 Figure 1: OSPF Inter-Area Prefix Unreachable Announcement Scenario 161 3.1. Inter-Area Node Failure Scenario 163 If the area border router R2/R4 does the summary action, then one 164 summary address that cover the prefixes of area 2 will be announced 165 to area 0 and area 1, instead of the detail address. When the node 166 T2 is down, Pt2 bgp next hop becomes unreachable while the LPM 167 summary prefix continues to be advertised into the backbone area. 168 Except the border router R2/R4, the other routers within area 0 and 169 area 1 do not know the unreachable status of the Pt2 bgp next hop 170 prefix. Traffic will continue to forward LPM match to prefix Pt2 and 171 will be dropped on the ABR or Level 1-2 border node resulting in 172 black hole routing and connectivity loss. Customer overlay VPN dual 173 homed to both S1/S4 and T2/R4, traffic will not be able to fail-over 174 to alternate egress PE T4 bgp next hop Pt4 due to the summarization. 176 3.2. Inter-Area Links Failure Scenario 178 In a link failure scenario, if the link between T1/T2 and T1/T3 are 179 down, R2 will not be able to reach node T2. But as R2 and R4 do the 180 summary announcement, and the summary address covers the bgp next hop 181 prefix of Pt2, other nodes in area 0 area 1 will still send traffic 182 to T2 bgp next hop prefix Pt2 via the border router R2, thus black 183 hole sink routing the traffic. 185 In such a situation, the border router R2 should notify other routers 186 that it can't reach the prefix Pt2, and lets the other ABRs(R4) that 187 can reach prefix Pt2 advertise one specific route to Pt2, then the 188 internal routers will select R4 as the bypass router to reach prefix 189 Pt2. 191 4. PUA (Prefix Unreachable Advertisement) Procedures 193 [RFC7794] and [I-D.ietf-lsr-ospf-prefix-originator] draft both define 194 one sub-tlv to announce the originator information of the one prefix 195 from a specified node. This draft utilizes such TLV for both OSPF 196 and ISIS to signal the negative prefix in the perspective PUA when a 197 link or node goes down. 199 ABR detects link or node down and floods PUA negative prefix 200 advertisement along with the summary advertisement according to the 201 prefix-originator specification. The ABR or ISIS L1-L2 border node 202 has the responsibility to add the prefix originator information when 203 it receives the Router LSA from other routers in the same area or 204 level. 206 When the ABR or ISIS L1-L2 border node generates the summary 207 advertisement based on component prefixes, the ABR will announce one 208 new summary LSA or LSP which includes the information about this down 209 prefix, with the prefix originator set to NULL. The number of PUAs 210 is equivalent to the number of links down or nodes down. The LSA or 211 LSP will be propagated with standard flooding procedures. 213 If the nodes in the area receive the PUA flood from all of its ABR 214 routers, they will start BGP convergence process if there exist BGP 215 session on this PUA prefix. The PUA creates a forced fail over 216 action to initiate immediate control plane convergence switchover to 217 alternate egress PE. Without the PUA forced convergence the down 218 prefix will yield black hole routing resulting in loss of 219 connectivity. 221 When only some of the ABRs can't reach the failure node/link, as that 222 described in Section 3.2, the ABR that can reach the PUA prefix 223 should advertise one specific route to this PUA prefix. The internal 224 routers within another area can then bypass the ABRs that can't reach 225 the PUA prefix, to reach the PUA prefix. 227 5. MPLS and SRv6 LPM based BGP Next-hop Failure Application 229 In an MPLS or SR-MPLS service provider core, scalability has been a 230 concern for operators which have split up the IGP domain into 231 multiple areas to avoid SPF churn. Normally, MPLS FEC binding for 232 LSP instantiation is based on egress PE exact match of a host route 233 Looback0. [RFC5283] LDP inter-area extension provides the ability to 234 LPM, so now the RIB match can now be a summary match and not an exact 235 match of host route of the egress PE for an inter-area LSP to be 236 instantiated. The caveat related to this feature that has prevented 237 operators from using the [RFC5283] LDP inter-area extension concept 238 is that when the component prefixes are now hidden in the summary 239 prefix, and thus the visibility of the BGP next-hop attribute is 240 lost. 242 In a case where a PE is down, and the [RFC5283] LDP inter-area 243 extension LPM summary is used to build the LSP inter-area, the LSP 244 remains partially established black hole on the ABR performing the 245 summarization. This major gap with [RFC5283] inter-area extension 246 forces operators into a workaround of having to flood the BGP next- 247 hop domain wide. In a small network this is fine, however if you 248 have 1000s PEs and many areas, the domain wide flooding can be 249 painful for operators as far as resource usage memory consumption and 250 computational requirements for RIB / FIB / LFIB label binding control 251 plane state. The ramifications of domain wide flooding of host 252 routes is described in detail in [RFC5302] domain wide prefix 253 distribution with 2 level ISIS Section 1.2 - Scalability. As SRv6 254 utilizes LPM, this problem exists as well with SRv6 when IGP domain 255 is broken up into areas and summarization is utilized. 257 PUA is now able to provide the negative prefix component flooded 258 across the backbone to the other areas along with the summary prefix, 259 which is now immediately programmed into the RIB control plane. MPLS 260 LSP exact match or SRv6 LPM match over fail over path can now be 261 established to the alternate egress PE. No disruption in traffic or 262 loss of connectivity results from PUA. Further optimizations such as 263 LFA and BFD can be done to make the data plane convergence hitless. 264 The PUA solution applies to MPLS or SR-MPLS where LDP inter-area 265 extension is utilized for LPM aggregate FEC, as well a SRv6 IPv6 266 control plane LPM match summarization of BGP next hop. 268 6. Implementation Consideration 270 Considering the balances of reachable information and unreachable 271 information announcement capabilities, the implementation of this 272 mechanism should set one MAX_Address_Announcement (MAA) threshold 273 value that can be configurable. Then, the ABR should make the 274 following decisions to announce the prefixes: 276 1. If the number of unreachable prefixes is less than MAA, the ABR 277 should advertise the summary address and the PUA. 279 2. If the number of reachable address is less than MAA, the ABR 280 should advertise the detail reachable address only. 282 3. If the number of reachable prefixes and unreachable prefixes 283 exceed MAA, then advertise the summary address with MAX metric. 285 7. Deployment Considerations 287 To support the PUA advertisement, the ABRs should be upgraded 288 according to the procedures described in Section 4. The PEs that 289 want to accomplish the BGP switchover that described in Section 3.1 290 and Section 5 should also be upgraded to act upon the receive of the 291 PUA message. Other nodes within the network can ignore such PUA 292 message if they don't care or don't support. 294 As described in Section 4, the ABR will advertise the PUA message 295 once it detects there is link or node down within the summary 296 address. In order to reduce the unnecessary advertisements of PUA 297 messages on ABRs, the ABRs should support the configuration of the 298 protected prefixes. Based on such information, the ABR will only 299 advertise the PUA message when the protected prefixes(for example, 300 the loopback addresses of PEs that run BGP) that within the summary 301 address is missing. 303 The advertisement of PUA message should only last one configurable 304 period to allow the services that run on the failure prefixes are 305 converged or switchover. If one prefix is missed before the PUA 306 mechanism takes effect, the ABR will not declare its absence via the 307 PUA mechanism. 309 8. Security Considerations 311 Advertisement of PUA information follow the same procedure of 312 traditional LSA. The action based on the PUA is clearly defined in 313 this document for ABR or Level1/2 router and the receiver that run 314 BGP. 316 There is no changes to the forward behavior of other internal 317 routers. 319 9. IANA Considerations 321 This document has no IANA actions. 323 10. Acknowledgement 325 Thanks Peter Psenak, Les Ginsberg, Acee Lindem, Shraddha Hegde, 326 Robert Raszuk, Tonly Li, Jeff Tantsura, Tony Przygienda and Bruno 327 Decraene for their suggestions and comments on this draft. 329 11. Normative References 331 [I-D.ietf-lsr-ospf-prefix-originator] 332 Wang, A., Lindem, A., Dong, J., Psenak, P., and K. 333 Talaulikar, "OSPF Prefix Originator Extensions", draft- 334 ietf-lsr-ospf-prefix-originator-07 (work in progress), 335 October 2020. 337 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 338 Requirement Levels", BCP 14, RFC 2119, 339 DOI 10.17487/RFC2119, March 1997, 340 . 342 [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, 343 DOI 10.17487/RFC2328, April 1998, 344 . 346 [RFC5283] Decraene, B., Le Roux, JL., and I. Minei, "LDP Extension 347 for Inter-Area Label Switched Paths (LSPs)", RFC 5283, 348 DOI 10.17487/RFC5283, July 2008, 349 . 351 [RFC5302] Li, T., Smit, H., and T. Przygienda, "Domain-Wide Prefix 352 Distribution with Two-Level IS-IS", RFC 5302, 353 DOI 10.17487/RFC5302, October 2008, 354 . 356 [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF 357 for IPv6", RFC 5340, DOI 10.17487/RFC5340, July 2008, 358 . 360 [RFC5709] Bhatia, M., Manral, V., Fanto, M., White, R., Barnes, M., 361 Li, T., and R. Atkinson, "OSPFv2 HMAC-SHA Cryptographic 362 Authentication", RFC 5709, DOI 10.17487/RFC5709, October 363 2009, . 365 [RFC7770] Lindem, A., Ed., Shen, N., Vasseur, JP., Aggarwal, R., and 366 S. Shaffer, "Extensions to OSPF for Advertising Optional 367 Router Capabilities", RFC 7770, DOI 10.17487/RFC7770, 368 February 2016, . 370 [RFC7794] Ginsberg, L., Ed., Decraene, B., Previdi, S., Xu, X., and 371 U. Chunduri, "IS-IS Prefix Attributes for Extended IPv4 372 and IPv6 Reachability", RFC 7794, DOI 10.17487/RFC7794, 373 March 2016, . 375 [RFC7981] Ginsberg, L., Previdi, S., and M. Chen, "IS-IS Extensions 376 for Advertising Router Information", RFC 7981, 377 DOI 10.17487/RFC7981, October 2016, 378 . 380 Authors' Addresses 382 Aijun Wang 383 China Telecom 384 Beiqijia Town, Changping District 385 Beijing 102209 386 China 388 Email: wangaj3@chinatelecom.cn 390 Gyan Mishra 391 Verizon Inc. 393 Email: gyan.s.mishra@verizon.com 395 Zhibo Hu 396 Huawei Technologies 397 Huawei Bld., No.156 Beiqing Rd. 398 Beijing 100095 399 China 401 Email: huzhibo@huawei.com 403 Yaqun Xiao 404 Huawei Technologies 405 Huawei Bld., No.156 Beiqing Rd. 406 Beijing 100095 407 China 409 Email: xiaoyaqun@huawei.com