| Internet-Draft | BGP Forwarding Route Reflector | February 2024 |
| Vairavakkalai & Venkataraman | Expires 19 August 2024 | [Page] |
The procedures in BGP Route Reflection (RR) spec [RFC4456] primarily deal with scenarios where the RR is not in forwarding path, and is reflecting BGP routes with next hop unchanged.¶
These procedures can sometimes result in traffic forwarding loops in deployments where the RR is in forwarding path, and is reflecting BGP routes with next hop set to self.¶
This document specifies approaches to minimize possiblity of such traffic forwarding loops. One of those approaches updates path selection procedures specified in Section 9 of BGP RR. [RFC4456]¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 RFC 2119 [RFC2119] RFC 8174 [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 19 August 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The procedures in BGP Route Reflection (RR) spec [RFC4456] primarily deal with scenarios where the RR is not in forwarding path, and is reflecting BGP routes with next hop unchanged.¶
These procedures can sometimes result in traffic forwarding loops in deployments where the RR is in forwarding path, and is reflecting BGP routes with next hop set to self.¶
This document specifies approaches to minimize possiblity of such traffic forwarding loops. One of those approaches updates path selection procedures specified in Section 9 of BGP RR. [RFC4456]¶
AS: Autonomous System¶
NLRI: Network Layer Reachability Information¶
AFI: Address Family Identifier¶
SAFI: Subsequent Address Family Identifier¶
SN: Service Node¶
BN: Border Node¶
PE: Provider Edge¶
EP: Endpoint, e.g. a loopback address in the network¶
MPLS: Multi Protocol Label Switching¶
[RR26] [RR27] [RR16]
| | |
| | |
|+-[ABR23]--+|+--[ASBR21]---[ASBR13]-+|+--[PE11]--+
|| ||| ` / ||| |
[CE41]--[PE25]--[P28] [P29] `/ [P15] [CE31]
| | | /` | | |
| | | / ` | | |
| | | / ` | | |
+--[ABR24]--+ +--[ASBR22]---[ASBR14]-+ +--[PE12]--+
| AS2 | AS2 | |
AS4 + region-1 + region-2 + AS1 + AS3
| | | |
203.0.113.41 ------------ Traffic Direction ----------> 203.0.113.31
A pair of redundant ABRs (ABR23, ABR24 in Figure 1), each acting as an RR with next hop self, may choose each other as best path towards egress PE11, instead of the upstream ASBR (ASBR21 or ASBR22), causing a traffic forwarding loop.¶
This happens because of following the path selection rule specified in Section 9 of BGP RR [RFC4456] that tie-breaks on ORIGINATOR_ID before CLUSTER_LIST. RFC4456 considers pure RR functionality which is not in forwarding path. When a RR is in forwarding path and reflects routes with next hop self, as is the case for ABR BNs in a BGP transport network, this rule may cause loops.¶
This problem can happen for routes of any BGP address family, including BGP LU (1/4 or 2/4) and BGP CT (AFI/SAFIs: 1/76 or 2/76).¶
Using one or more of the following approaches softens the possibility of such loops in a network with redundant ABRs.¶
Implementations SHOULD provide a way to alter the tie-breaking rule specified in Section 9 of BGP RR [RFC4456] so as to tie-break on CLUSTER_LIST step before ORIGINATOR_ID step, when performing path selection for BGP routes.¶
This document suggests the following modification to the BGP Decision Process Tie Breaking rules (Section 9.1.2.2 of [RFC4271]) that can be applied to path selection of BGP routes:¶
The following rule SHOULD be inserted between Steps e) and f): a BGP Speaker SHOULD prefer a route with the shorter CLUSTER_LIST length. The CLUSTER_LIST length is zero if a route does not carry the CLUSTER_LIST attribute.¶
Taking into account some other deployment considerations can also help in avoiding this problem, e.g.,:¶
IGP metric should be assigned such that "ABR to redundant ABR" cost is inferior to "ABR to upstream ASBR" cost.¶
Using procedures described in [BGP-CT] , tunnels belonging to non 'best effort' Transport Classes SHOULD NOT be provisioned between ABRs. This will ensure that the BGP CT route received from an ABR with next hop self will not be usable at a redundant ABR.¶
This document makes no new requests of IANA.¶
This document does not change the underlying security issues inherent in the existing BGP protocol, such as those described in [RFC4271], [RFC4272] and [RFC4456].¶
The content in this document was introduced as part of [BGP-CT]. But because the described problem is not specific to BGP CT and is useful for other BGP families also, it is being extracted out to this separate document.¶
The authors thank Jeff Haas, John Scudder, Susan Hares, Dongjie (Jimmy), Moses Nagarajah, Jeffrey (Zhaohui) Zhang, Joel Harpern, Jingrong Xie, Mohamed Boucadair, Greg Skinner, Simon Leinen, Navaneetha Krishnan, Ravi M R, Chandrasekar Ramachandran, Shradha Hegde, Colby Barth, Vishnu Pavan Beeram, Sunil Malali, William J Britto, R Shilpa, Ashish Kumar (FE), Sunil Kumar Rawat, Abhishek Chakraborty, Richard Roberts, Krzysztof Szarkowicz, John E Drake, Srihari Sangli, Jim Uttaro, Luay Jalil, Keyur Patel, Ketan Talaulikar, Dhananjaya Rao, Swadesh Agarwal, Robert Raszuk, Ahmed Darwish, Aravind Srinivas Srinivasa Prabhakar, Moshiko Nayman, Chris Tripp, Gyan Mishra, Vijay Kestur, Santosh Kolenchery for all the valuable discussions, constructive criticisms, and review comments.¶
The decision to not reuse SAFI 128 and create a new address-family to carry these transport-routes was based on suggestion made by Richard Roberts and Krzysztof Szarkowicz.¶