| Internet-Draft | BFD Stability | January 2024 |
| Mishra, et al. | Expires 25 July 2024 | [Page] |
This document describes extensions to the Bidirectional Forwarding Detection (BFD) protocol to measure BFD stability. Specifically, it describes a mechanism for detection of BFD packet loss.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 25 July 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The Bidirectional Forwarding Detection ( BFD) [RFC5880] protocol operates by transmitting and receiving BFD control packets, generally at high frequency, over the datapath being monitored. In order to prevent significant data loss due to a datapath failure, BFD session detection time as defined in BFD [RFC5880] is set to the smallest feasible value.¶
This document proposes a mechanism to detect lost packets in a BFD session in addition to the datapath fault detection mechanisms of BFD. Such a mechanism presents significant value to measure the stability of BFD sessions and provides data to the operators for the cause of a BFD failure.¶
This document does not propose any BFD extension to measure data traffic loss or delay on a link or tunnel and the scope is limited to BFD packets.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119] and RFC 8174 [RFC8174].¶
The reader is expected to be familiar with the BFD [RFC5880], Optimizing BFD Authentication [I-D.ietf-bfd-optimizing-authentication] and BFD Secure Sequence Numbers [I-D.ietf-bfd-secure-sequence-numbers].¶
Bidirectional Forwarding Detection as defined in BFD [RFC5880] cannot detect any BFD packet loss if the loss does not last for detection time. This document proposes a method to detect a dropped packet on the receiver. For example, if the receiver receives BFD control packet k at time t but receives packet k+3 at time t+10ms, and never receives packet k+1 and/or k+2, then it has experienced a drop.¶
This proposal enables BFD implementations to generate diagnostic information on the health of each BFD session that could be used to preempt a failure on a datapath that BFD was monitoring by allowing time for a corrective action to be taken.¶
In a faulty datapath scenario, an operator can use BFD health information to trigger delay and loss measurement OAM protocol (Connectivity Fault Management (CFM) or Loss Measurement (LM)-Delay Measurement (DM)) to further isolate the issue.¶
The functionality proposed for BFD stability measurement is achieved by appending an authentication section with the NULL Authentication type (as defined in Optimizing BFD Authentication [I-D.ietf-bfd-optimizing-authentication] ) to the BFD control packets that do not have authentication enabled.¶
This mechanism allows operators to measure the loss of BFD control packets.¶
When using MD5 or SHA authentication, BFD uses an authentication section that carries the Sequence Number. However, if non-meticulous authentication is being used, or no authentication is in use, then the non-authenticated BFD control packets MUST include an authentication section with the NULL Authentication type.¶
Loss measurement counts the number of BFD control packets missed at the receiver during any Detection Time period. The loss is detected by comparing the Sequence Number field in the Auth TLV (NULL or otherwise) in successive BFD control packets. The Sequence Number in each successive control packet generated on a BFD session by the transmitter is incremented by one. This loss count can then be exposed using the YANG module defined in the subsequent section.¶
The first BFD authentication section with a non-zero sequence number, in a valid BFD control packet, processed by the receiver is used for bootstrapping the logic. When using secure sequence numbers, if the expected values are pre-calculated, the value must be matched to detect lost packets as defined in BFD secure sequence numbers [I-D.ietf-bfd-secure-sequence-numbers].¶
This YANG module augments the "ietf-bfd" module to add the loss count to the per-session or lsp for BFD packets that are lost.¶
module: ietf-bfd-stability
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh
/bfd-ip-sh:sessions/bfd-ip-sh:session
/bfd-ip-sh:session-statistics:
+--ro lost-packet-count? yang:counter32
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-ip-mh:ip-mh
/bfd-ip-mh:session-groups/bfd-ip-mh:session-group
/bfd-ip-mh:sessions/bfd-ip-mh:session-statistics:
+--ro lost-packet-count? yang:counter32
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-lag:lag
/bfd-lag:sessions/bfd-lag:session/bfd-lag:member-links
/bfd-lag:micro-bfd-ipv4/bfd-lag:session-statistics:
+--ro lost-packet-count? yang:counter32
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-lag:lag
/bfd-lag:sessions/bfd-lag:session/bfd-lag:member-links
/bfd-lag:micro-bfd-ipv6/bfd-lag:session-statistics:
+--ro lost-packet-count? yang:counter32
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-mpls:mpls
/bfd-mpls:session-groups/bfd-mpls:session-group
/bfd-mpls:sessions/bfd-mpls:session-statistics:
+--ro lost-packet-count? yang:counter32
¶
This YANG module imports Common YANG Types [RFC6991], A YANG Data Model for Routing [RFC8349], and YANG Data Model for Bidirectional Forwading Detection (BFD) [RFC9314].¶
<CODE BEGINS> file "ietf-bfd-stability@2024-01-23.yang"
module ietf-bfd-stability {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-stability";
prefix "bfds";
import ietf-yang-types {
prefix "yang";
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-routing {
prefix "rt";
reference
"RFC 8349: A YANG Data Model for Routing Management
(NMDA version)";
}
import ietf-bfd {
prefix bfd;
reference
"RFC 9314: YANG Data Model for Bidirectional
Forwarding Detection.";
}
import ietf-bfd-ip-sh {
prefix bfd-ip-sh;
reference
"RFC 9314: YANG Data Model for Bidirectional
Forwarding Detection.";
}
import ietf-bfd-ip-mh {
prefix bfd-ip-mh;
reference
"RFC 9314: YANG Data Model for Bidirectional
Forwarding Detection.";
}
import ietf-bfd-lag {
prefix bfd-lag;
reference
"RFC 9314: YANG Data Model for Bidirectional
Forwarding Detection.";
}
import ietf-bfd-mpls {
prefix bfd-mpls;
reference
"RFC 9314: YANG Data Model for Bidirectional
Forwarding Detection.";
}
organization
"IETF BFD Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/bfd>
WG List: <bfd@ietf.org>
Authors: Mahesh Jethanandani (mjethanandani@gmail.com)
Ashesh Mishra (mishra.ashesh@gmail.com)
Ankur Saxena (ankurpsaxena@gmail.com)
Santosh Pallagatti (santosh.pallagati@gmail.com)
Mach Chen (mach.chen@huawei.com)
Peng Fan (fanp08@gmail.com).";
description
"This YANG module augments the base BFD YANG model to add
attributes related to BFD Stability. In particular it adds a
a per session count for BFD packets that are lost.
Copyright (c) 2024 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Revised BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.";
revision "2024-01-23" {
description
"Initial Version.";
reference
"RFC XXXX, BFD Stability.";
}
augment "/rt:routing/rt:control-plane-protocols/" +
"rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/" +
"bfd-ip-sh:sessions/bfd-ip-sh:session/" +
"bfd-ip-sh:session-statistics" {
leaf lost-packet-count {
type yang:counter32;
description
"Number of BFD packets that were lost without bringing the
session down.";
}
description
"Augment the 'bfd' container to add attributes related to BFD
stability.";
}
augment "/rt:routing/rt:control-plane-protocols/" +
"rt:control-plane-protocol/bfd:bfd/bfd-ip-mh:ip-mh/" +
"bfd-ip-mh:session-groups/bfd-ip-mh:session-group/" +
"bfd-ip-mh:sessions/bfd-ip-mh:session-statistics" {
leaf lost-packet-count {
type yang:counter32;
description
"Number of BFD packets that were lost without bringing the
session down.";
}
description
"Augment the 'bfd' container to add attributes related to BFD
stability.";
}
augment "/rt:routing/rt:control-plane-protocols/" +
"rt:control-plane-protocol/bfd:bfd/bfd-lag:lag/" +
"bfd-lag:sessions/bfd-lag:session/bfd-lag:member-links/" +
"bfd-lag:micro-bfd-ipv4/bfd-lag:session-statistics" {
leaf lost-packet-count {
type yang:counter32;
description
"Number of BFD packets that were lost without bringing the
session down.";
}
description
"Augment the 'bfd' container to add attributes related to BFD
stability.";
}
augment "/rt:routing/rt:control-plane-protocols/" +
"rt:control-plane-protocol/bfd:bfd/bfd-lag:lag/" +
"bfd-lag:sessions/bfd-lag:session/bfd-lag:member-links/" +
"bfd-lag:micro-bfd-ipv6/bfd-lag:session-statistics" {
leaf lost-packet-count {
type yang:counter32;
description
"Number of BFD packets that were lost without bringing the
session down.";
}
description
"Augment the 'bfd' container to add attributes related to BFD
stability.";
}
augment "/rt:routing/rt:control-plane-protocols/" +
"rt:control-plane-protocol/bfd:bfd/bfd-mpls:mpls/" +
"bfd-mpls:session-groups/bfd-mpls:session-group/" +
"bfd-mpls:sessions/bfd-mpls:session-statistics" {
leaf lost-packet-count {
type yang:counter32;
description
"Number of BFD packets that were lost without bringing the
session down.";
}
description
"Augment the 'bfd' container to add attributes related to BFD
stability.";
}
}
<CODE ENDS>¶
This document registers one URIs in the "ns" subregistry of the "IETF XML" registry [RFC3688]. Following the format in [RFC3688], the following registration is requested:¶
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-stability Registrant Contact: The IESG XML: N/A, the requested URI is an XML namespace.¶
This document registers one YANG modules in the "YANG Module Names" registry [RFC6020]. Following the format in [RFC6020], the following registrations are requested:¶
name: ietf-bfd-stability namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-stability prefix: bfds reference: RFC XXXX¶
The YANG module specified in this document defines a schema for data that is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC8446]. The NETCONF Access Control Model (NACM) [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content.¶
The YANG module does not define any writeable/creatable/deletable data nodes.¶
The only readable data nodes in YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. The model does not define any readable subtrees and data nodes.¶
The YANG module does not define any RPC operations.¶
Manav Bhatia¶
Authors would like to thank Nobo Akiya, Jeffery Haas, Dileep Singh, Basil Saji, Sagar Soni, Albert Fu and Mallik Mudigonda who also contributed to this document.¶