Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP warning and upper bound event reason codes
Paolo Lucente <paolo@ntt.net> Wed, 10 January 2024 22:29 UTC
Return-Path: <paolo@ntt.net>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 898C3C14F5FF for <grow@ietfa.amsl.com>; Wed, 10 Jan 2024 14:29:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JS3C1BFmPL_q for <grow@ietfa.amsl.com>; Wed, 10 Jan 2024 14:29:56 -0800 (PST)
Received: from mail4.dllstx09.us.to.gin.ntt.net (mail.gin.ntt.net [IPv6:2001:418:3ff:5::192:26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9DE77C14F5F5 for <grow@ietf.org>; Wed, 10 Jan 2024 14:29:56 -0800 (PST)
Received: from [IPV6:2001:418:1401:10::1028] (unknown [IPv6:2001:418:1401:10::1028]) by mail4.dllstx09.us.to.gin.ntt.net (Postfix) with ESMTPSA id 707D3EE0110; Wed, 10 Jan 2024 22:29:54 +0000 (UTC)
Message-ID: <171ee42b-09d1-4690-9aff-4a6efcbd4295@ntt.net>
Date: Wed, 10 Jan 2024 23:29:52 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: Paolo Lucente <paolo@ntt.net>
To: Thomas.Graf@swisscom.com, grow@ietf.org, camilo.cardona@global.ntt
Cc: nmrg@ietf.org
References: <cf9da9aa79e642c793b9de37519cb4aa@swisscom.com>
Content-Language: en-US
In-Reply-To: <cf9da9aa79e642c793b9de37519cb4aa@swisscom.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/xHs7Cmc7cLmoEJbGghC9oGDskKk>
Subject: Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP warning and upper bound event reason codes
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jan 2024 22:29:57 -0000
Hi Thomas, Thanks for your comment. I see your need for these reason codes and i will include them in the next revision of the draft -- the more event-driven use-cases for REL, the better. As i may have said before, I also like that counters make it to the Stats message as i regard Stats and REL highly complementary in that regard, one provides the summary, the other optionally provides the details. Paolo On 6/1/24 13:04, Thomas.Graf@swisscom.com wrote: > Dear Paolo and Camilo, > > I have a comment on Section 3.3.1 of draft draft-lucente-grow-bmp-rel > (https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1 <https://datatracker.ietf.org/doc/html/draft-lucente-grow-bmp-rel-03#section-3.3.1>). Please consider to add two additional event reason codes as described below. > > As described in my previous post to the > draft-msri-grow-bmp-bgp-rib-stats authors. > > A BGP speaker may have an prefix count upper bound as described in > Section 6.7 of RFC 4271 > (https://datatracker.ietf.org/doc/html/rfc4271#section-6.7 > <https://datatracker.ietf.org/doc/html/rfc4271#section-6.7>) configured. > When this upper bound is being reached, the BGP peer will be temporarely > be teared down and a BGP NOTIFICATION message with reason subcode as > described in Section 3 of RFC 4486 > (https://datatracker.ietf.org/doc/html/rfc4486#section-3 > <https://datatracker.ietf.org/doc/html/rfc4486#section-3>) is being > encapsulated in the BMP peer_down message with reason code 1 as > described in Section 4.9 of RFC 7854 > (https://datatracker.ietf.org/doc/html/rfc7854#section-4.9 > <https://datatracker.ietf.org/doc/html/rfc7854#section-4.9>). > > However that the network operator is being notified when the upper bound > is being reached is not sufficient, the network operator also wants to > monitor the capacity, how many prefixes left until the upper bound is > being reached. > > I suggest therefore to add an additional BMP stats counter in > draft-msri-grow-bmp-bgp-rib-stats describing > > - how many prefixes until upper bound is being reached > > - how much percentage of the defined bound is currently being used > > The network operator usually has the possibility to chose between taking > the peer down when the upper bound is being reached, or filter the paths > above the configured upper bound. > > I suggest therefore to add two event reason codes in > draft-lucente-grow-bmp-rel describing > > - Crossed warning bound, path not being dropped > > - Crossed upper bound, path being dropped > > These two reasons codes enables the network operator to perform root > cause analysis. Its not only enough to monitor proactively the capacity > of the peer and being notified with the right reason code and upper > bound value in the BGP notification message when peer is being > proactively being taken down. The network operator also wants to > understand who caused the crossing of the warning and upper bound. The > who translates to paths being exported by BMP route-monitoring sharing > the following BGP attributes: > > * BGP origin > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1 > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.1>) > * BGP AS Path > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2 > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.2>) > * BGP next-hop > (https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3 > <https://datatracker.ietf.org/doc/html/rfc4271#section-5.1.3>) > > I hope that makes sense. Feedback and comments welcome. > > I will also augment the control plane a list of common symptoms in > Semantic Metadata Annotation for Network Anomaly Detection > (https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table <https://datatracker.ietf.org/doc/html/draft-netana-opsawg-nmrg-network-anomaly-semantics-01#symptom_control_plane_actions_table>) where we start defining an informational module for network symptoms for network anomaly detection describing network action, reason, cause. Was presented at NMRG and IEPG at IETF 118. https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf <https://datatracker.ietf.org/meeting/118/materials/slides-118-nmrg-semantic-metadata-annotation-for-network-anomaly-detection-01.pdf> > > Best wishes > > Thomas > > > _______________________________________________ > GROW mailing list > GROW@ietf.org > https://www.ietf.org/mailman/listinfo/grow
- [GROW] GROW, draft-lucente-grow-bmp-rel - BMP war… Thomas.Graf
- Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP… Paolo Lucente
- Re: [GROW] GROW, draft-lucente-grow-bmp-rel - BMP… Ahmed.Elhassany