Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP warning and upper bound event reason codes
Ahmed.Elhassany@swisscom.com Fri, 12 January 2024 13:40 UTC
Return-Path: <Ahmed.Elhassany@swisscom.com>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62D45C14F691 for <grow@ietfa.amsl.com>; Fri, 12 Jan 2024 05:40:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.407
X-Spam-Level:
X-Spam-Status: No, score=-4.407 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=swisscom.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dw8Z1s7r0ytD for <grow@ietfa.amsl.com>; Fri, 12 Jan 2024 05:40:24 -0800 (PST)
Received: from mail.swisscom.com (mailout110.swisscom.com [138.188.166.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF3C6C14F616 for <grow@ietf.org>; Fri, 12 Jan 2024 05:40:22 -0800 (PST)
Received: by mail.swisscom.com; Fri, 12 Jan 2024 14:40:17 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=swisscom.com; s=iscm; t=1705066818; bh=3l7dMIkTS/4PYdwTCgmSWjGjwAZrhBT+5mn7X/fUsMg=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=YGenT/hSnOok+TWwxdwmqXrOjUg25g38NT9rOEcCgHnhvF0tyzecWVfsgADtnE5Lh Ns7hcG7PN/6yX87XWuIjvPbH2mDxjHBBoCbd/k4VrHX0q8Xfit+3TtL0+ffqasVXNZ mKDvZVCmsNbj+UMFfRX4rGLG9fR3mLhiHBYFwiQUnlmSRkVsd4WZ0eblyIutGgKhji fif1LbXGeW36JfQuGOjxk0K9G5nh9aBLf4PS5TxUh9SPZMoN6OwtSjABztwJOZQWvl /KBZ98XrzePC4A8qRIsbKtLLnyozCZjHS2KrbN2f4u497RNFf6yBwHSAH5zRdC7biI W2uHME7/BRPDA==
From: Ahmed.Elhassany@swisscom.com
To: paolo@ntt.net, Thomas.Graf@swisscom.com, grow@ietf.org, camilo.cardona@global.ntt
CC: nmrg@ietf.org
Thread-Topic: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP warning and upper bound event reason codes
Thread-Index: AQHaRBSUf6zLHstEc0S8FsRN0ZQeWLDWMZWA
Date: Fri, 12 Jan 2024 13:40:15 +0000
Message-ID: <5F76D327-208A-412A-A4AF-1885BC4A255C@swisscom.com>
References: <cf9da9aa79e642c793b9de37519cb4aa@swisscom.com> <171ee42b-09d1-4690-9aff-4a6efcbd4295@ntt.net>
In-Reply-To: <171ee42b-09d1-4690-9aff-4a6efcbd4295@ntt.net>
Accept-Language: en-US, de-CH
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Enabled=true; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Name=C2 General; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_ActionId=e53342f1-c13f-4d09-b735-d1b2f5ab8108; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Enabled=true; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_SiteId=364e5b87-c1c7-420d-9bee-c35d19b557a1; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_ContentBits=0; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_Method=Standard; MSIP_Label_2e1fccfb-80ca-4fe1-a574-1516544edb53_SetDate=2024-01-12T13:37:29Z;
user-agent: Microsoft-MacOutlook/16.80.23121017
x-originating-ip: [10.45.8.254]
Content-Type: text/plain; charset="utf-8"
Content-ID: <F64282782537414698387FC932461ACD@swisscom.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/Pmt5tf9vyw2av_ULnXJcbuimWuM>
Subject: Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP warning and upper bound event reason codes
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2024 13:40:28 -0000
Hello all, I second Thomas Graf, these are important metrics to monitor. However, I would approach it slightly differently: - Max configured number of prefixes for AFI/SAFI - Current used number of prefixes for AFI/SAFI. - Absolute max or Hardware max (if applicable) for AFI/SAFI. And would avoid sending percentages, to avoid nasty floating points being sent in the wire protocol. Best, -Ahmed On 10.01.2024, 23:30, "GROW on behalf of Paolo Lucente" <grow-bounces@ietf.org <mailto:grow-bounces@ietf.org> on behalf of paolo@ntt.net <mailto:paolo@ntt.net>> wrote: Be aware: This is an external email. Hi Thomas, Thanks for your comment. I see your need for these reason codes and i will include them in the next revision of the draft -- the more event-driven use-cases for REL, the better. As i may have said before, I also like that counters make it to the Stats message as i regard Stats and REL highly complementary in that regard, one provides the summary, the other optionally provides the details. Paolo On 6/1/24 13:04, Thomas.Graf@swisscom.com <mailto:Thomas.Graf@swisscom.com> wrote: > Dear Paolo and Camilo, > > I have a comment on Section 3.3.1 of draft draft-lucente-grow-bmp-rel > (https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1 <https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1> <https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1> <https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1>>). Please consider to add two additional event reason codes as described below. > > As described in my previous post to the > draft-msri-grow-bmp-bgp-rib-stats authors. > > A BGP speaker may have an prefix count upper bound as described in > Section 6.7 of RFC 4271 > (https://datatracker.ietf.org/doc/html/rfc4271#section-6.7 <https://datatracker.ietf.org/doc/html/rfc4271#section-6.7> > <https://datatracker.ietf.org/doc/html/rfc4271#section-6.7> <https://datatracker.ietf.org/doc/html/rfc4271#section-6.7>>) configured. > When this upper bound is being reached, the BGP peer will be temporarely > be teared down and a BGP NOTIFICATION message with reason subcode as > described in Section 3 of RFC 4486 > (https://datatracker.ietf.org/doc/html/rfc4486#section-3 <https://datatracker.ietf.org/doc/html/rfc4486#section-3> > <https://datatracker.ietf.org/doc/html/rfc4486#section-3> <https://datatracker.ietf.org/doc/html/rfc4486#section-3>>) is being > encapsulated in the BMP peer_down message with reason code 1 as > described in Section 4.9 of RFC 7854 > (https://datatracker.ietf.org/doc/html/rfc7854#section-4.9 <https://datatracker.ietf.org/doc/html/rfc7854#section-4.9> > <https://datatracker.ietf.org/doc/html/rfc7854#section-4.9> <https://datatracker.ietf.org/doc/html/rfc7854#section-4.9>>). > > However that the network operator is being notified when the upper bound > is being reached is not sufficient, the network operator also wants to > monitor the capacity, how many prefixes left until the upper bound is > being reached. > > I suggest therefore to add an additional BMP stats counter in > draft-msri-grow-bmp-bgp-rib-stats describing > > - how many prefixes until upper bound is being reached > > - how much percentage of the defined bound is currently being used > > The network operator usually has the possibility to chose between taking > the peer down when the upper bound is being reached, or filter the paths > above the configured upper bound. > > I suggest therefore to add two event reason codes in > draft-lucente-grow-bmp-rel describing > > - Crossed warning bound, path not being dropped > > - Crossed upper bound, path being dropped > > These two reasons codes enables the network operator to perform root > cause analysis. Its not only enough to monitor proactively the capacity > of the peer and being notified with the right reason code and upper > bound value in the BGP notification message when peer is being > proactively being taken down. The network operator also wants to > understand who caused the crossing of the warning and upper bound. The > who translates to paths being exported by BMP route-monitoring sharing > the following BGP attributes: > > * BGP origin > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1 <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1> > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1> <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1>>) > * BGP AS Path > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2 <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2> > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2> <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2>>) > * BGP next-hop > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3 <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3> > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3> <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3>>) > > I hope that makes sense. Feedback and comments welcome. > > I will also augment the control plane a list of common symptoms in > Semantic Metadata Annotation for Network Anomaly Detection > (https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table <https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table> <https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table> <https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table>>) where we start defining an informational module for network symptoms for network anomaly detection describing network action, reason, cause. Was presented at NMRG and IEPG at IETF 118. https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf <https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf> <https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf> <https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf>> > > Best wishes > > Thomas > > > _______________________________________________ > GROW mailing list > GROW@ietf.org <mailto:GROW@ietf.org> > https://www.ietf.org/mailman/listinfo/grow <https://www.ietf.org/mailman/listinfo/grow> _______________________________________________ GROW mailing list GROW@ietf.org <mailto:GROW@ietf.org> https://www.ietf.org/mailman/listinfo/grow <https://www.ietf.org/mailman/listinfo/grow>
- [GROW] GROW, draft-lucente-grow-bmp-rel - BMP war… Thomas.Graf
- Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP… Paolo Lucente
- Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP… Ahmed.Elhassany