IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt

Robert Raszuk <robert@raszuk.net> Mon, 18 March 2024 19:35 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A709C1D5C4F for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 12:35:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a5gww6S3aTSm for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 12:35:26 -0700 (PDT)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC434C1D5C57 for <idr@ietf.org>; Mon, 18 Mar 2024 12:35:25 -0700 (PDT)
Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-56b85146589so1147296a12.0 for <idr@ietf.org>; Mon, 18 Mar 2024 12:35:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; t=1710790524; x=1711395324; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=w9sZtdmKoWMD2B+LOxdCOIMgpiYnYC5ahRQ+CygzGDw=; b=IxTQUp6+ohVI6FenJmNCuY4orriRTvV2YfK8fOdMdq6w/hKFD2fc1FdJ+8Blra0QL8 ng693cNvG0/hhbGZ0zqtpCd7MWbQpaB1UgWXAoFImheMKzTTSkHGK+hmgyXw/SuzQ6xu HLAvG5sGl+nRWUWSA+duPl679mbsszhG59eujeb2kdpo/3xY5hWrGHkcim4/TgUNBL+k EQOdGJP63CQMVpTdQfIdlz8w/a1oLTHUc0Cb5Y6sBq6gmctLthLxyO0oqMxOX4JnAL1x 9A960A8hc1Phq9urWcaK3QleXEq+QWhks1TUgPWAut1aU5O+F6QlAa1aR+nPJ04Aev5A AhcA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710790524; x=1711395324; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=w9sZtdmKoWMD2B+LOxdCOIMgpiYnYC5ahRQ+CygzGDw=; b=L0gsfG4dGL4Mrc7W1NKpzR/EWDZJU+MxjLRo7iPfRdjGacOScbWjNGjA4iRx8PGmbp tnMufBHwffU2YGZ9EbzKDds55l7ofz/WeameyG2h38mI+UqYnE05u1dP2blT9LPX4yi4 wZh1XziCmzLWyk6GJH/g+MyO0E+/AeIBphxu+DnAv23fXG5Cpfu6Gyf4ekpMwbnvf7Lh PNpT0zNdBEn8mzUmVHfaQwcb+sLDh+EWdsPGq6lnP5yq7MexEF03EcEHqYwBin9vvpnM +rzKJyNHTMyse5Kxtm47F9Wc2Y0X9tjkIk9c/cRtYoaEbrfcCP7iDAOSJ8buoeVBIP6M xK9Q==
X-Forwarded-Encrypted: i=1; AJvYcCXh53IT6eited/KsgGWLYQtKdtzm/W3bj/oA/RJoarvYiwTIQg4OpeoEq547X6ThGe5mmhV4hQWf2PObv0=
X-Gm-Message-State: AOJu0YyumC7eGiOWfNjXV28VJopWo4Dvu+XBkD+C+qVK8rNcwuNitngG AWX7aQDrYBv20cPyA/D8UFOQqFj8ff8aqmCJiEyEK4pN9k7q/X/FjRSGe6psNcn7qWZ4J9DNzlk 3DQGaHVdyVH3qAYr6jnPwrO0+0zCGxt9ZU+XKvCQ0Ki+31qOL
X-Google-Smtp-Source: AGHT+IHtFGaI8kMtKo3OundlQvgO32/KNfOd5AI80AXWc+IMhbKtDXIF5DsleYKtwJi4/Hh3hMLPhzj6S7gUnckEalI=
X-Received: by 2002:a50:d7de:0:b0:568:c6d5:e13a with SMTP id m30-20020a50d7de000000b00568c6d5e13amr530503edj.15.1710790523806; Mon, 18 Mar 2024 12:35:23 -0700 (PDT)
MIME-Version: 1.0
References: <171065415177.59997.7631576612994148063@ietfa.amsl.com> <CAOj+MMEsp_UfuiHdc4U_Bv5o7xsYYK_RryusUZ88u+SH9xifSA@mail.gmail.com> <SJ0PR05MB86322B34D635E7F221C04C0FA22D2@SJ0PR05MB8632.namprd05.prod.outlook.com> <CAEfhRrxDVi_Yw2wtTWiGzjw4pQ-8TF-48UCY5AUxMpKdrbexZw@mail.gmail.com> <CAOj+MMHNAz741WP9Pf2UCSOQRj6YepFh=Q4tzedmwBCm6e289g@mail.gmail.com> <CAEfhRryMW9nyWfnDQdi+R5g-nypg5ppwFy_Gdf71pRMFmZysHA@mail.gmail.com> <CAOj+MMF2-oqZ29hSBgaO+gzYXXyvCRgJ0m-zW2K7CWattCpgrQ@mail.gmail.com> <CAEfhRrw=acXDgVtzUEhqxZcOPYbJwT0Ha36k-ADgZaiy863erg@mail.gmail.com> <CAOj+MMGnup=Qg7+XiyXtCJe0a2csmdFVVLtJj_TmoA4yysbghw@mail.gmail.com> <CAEfhRrxFBay_pctO32G9S9kL8Ry_Y2Cx+rQEknN3D6qU9XG2+Q@mail.gmail.com> <CAOj+MMFDUtDzSVWRyH6U2arCUWsn-hNTA-+_RXxan_hPLS=AAQ@mail.gmail.com> <CAEfhRrwxXgTNR0hWd96WnAi_wOvUqCsQkN=5bvbqycgxqMCkeg@mail.gmail.com> <CAOj+MMEpvT4f3W238RPr2bULuwyqTn0jwg6xRf01dLYp6H_6hg@mail.gmail.com> <CAEfhRrz+6ZP6DMgUj-MOwkGQDwj_Z-q0NUAo6VR2-V9fjk7KAw@mail.gmail.com> <CAOj+MMFmY4LrUc=-Nb+rgOQywcTAQ3JZKA071hsHc9SEo=dM9g@mail.gmail.com> <CAEfhRrzb5GsFX_AQ4dY9+2azVbNRvNZDQda3g_rMRPmj_no1tw@mail.gmail.com>
In-Reply-To: <CAEfhRrzb5GsFX_AQ4dY9+2azVbNRvNZDQda3g_rMRPmj_no1tw@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 18 Mar 2024 20:35:13 +0100
Message-ID: <CAOj+MMGYTYH3zJ-BcM32PYstBBCkV5Hv_t=EZWaxYi7B4sJnHQ@mail.gmail.com>
To: Igor Malyushkin <gmalyushkin@gmail.com>
Cc: Kaliraj Vairavakkalai <kaliraj=40juniper.net@dmarc.ietf.org>, "idr@ietf. org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007506d90613f4751d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/0rOkVVVTGKtiSsHmCpDMEC6s6Fo>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 19:35:30 -0000

Igor,

To hopefully put a final note here please observe that in well designed
network each ABRs will be receiving at least two paths with different next
hops. In the discussed case those will be coming via RR27 from ASBR21 and
ASBR22.

So when you lose such next hop from region-2 you:

a) have already another path via different ASBR

b) it is highly likely that any of the region-2 ASBRs going down will go
down from both ABRs in the same time.

IMO creating repair between ABRs is unnecessary. Keep in mind that NH
metric to any remote ASBRs (via any path in region-2) MUST be lower then
metric to peer ABR's next hop. This means that any local protection will
use paths from region-2 not such ABR to ABR link.

Thx a lot,
R.



On Mon, Mar 18, 2024 at 5:34 PM Igor Malyushkin <gmalyushkin@gmail.com>
wrote:

>
>
> пн, 18 мар. 2024 г. в 20:11, Robert Raszuk <robert@raszuk.net>:
>
>> Hi Igor,
>>
>>
>>> This is crucial to my point. The local "repair" action is really not a
>>>> repair. When you loose your sessions on primary ABR1 to region-2, or you
>>>> get withdraws etc ...) you need to re-run local (on said ABR1) best path as
>>>> there is no other trigger to simply activate bulk switchover in data plane
>>>> to suddenly go to ABR2. This is the key.
>>>>
>>> [IM] I see at least three such triggers.
>>>
>>
>> Ahhh see the crux of the matter is that none of those listed below is
>> applicable to support bulk data plane switchover to back ABR :(
>>
> [IM] Generally, all infrastructure routes have several possible next-hop
> addresses. We monitor the availability of the next hops (and LSPs to them),
> not prefixes. So, the "bulkiness" here is about our reaction to a next-hop
> failure. This next-hop is a part of many NHFLEs. But modern gear has lots
> of optimizations with pointers and so on to make it almost instant.
>
>>
>> An outgoing Region2-faced interface failure.
>>>
>>
>> When you loose interface and ABR is (and should be) connected via at
>> least two interfaces to each region your IBGP sessions are intact.
>>
> [IM] Yes, and it is always a good option to have the second interface as a
> backup. But it is the same next-hop protection technique and another layer
> in the hierarchy (upper). Modern devices have several layers of next-hops
> and can react to different failures.
>
>>
>> And even if this is single interface and you invent new harmful knob to
>> invalidate IBGP sessions when interface X goes down (this is common
>> practice on directly connected EBGP sessions only) you still have zoo of
>> prefixes received over those IBGP sessions and each may have been
>> advertised with different label.
>>
>
>> So you still need to run full best path and pick new (now backup path) on
>> a per prefix basis and install one by one in RIB/FIB/LFIB.
>>
>
>>
>>> An IGP event in Region 2 with a remote ASBR failure.
>>>
>>
>> Ok you can invalidate a remote next hop. Sure. But that means as you have
>> observed already that each route may be incoming with different label so
>> you need prefix by prefix pick alternative label and install it in
>> RIB/FIB/LFIB locally.
>>
>  [IM] Actually, this is a parallel process, we can protect our labeled
> traffic during the calculation of new bests.
>
>>
>>
>>
>>> An RSVP event of underlying Region 2's LSP failure.
>>>
>>
>> Whow ... now we see a soft state protocol through into this mix.  And
>> when an RSVP-TE LSP to remote next hop in region-2 goes down you want to
>> consider this a trigger to invalidate given next hop ? Ok but we are back
>> to #2 above. Still one by one ...
>>
> [IM] Sure! Most of the modern SP-ready devices react on an LSP failure.
> Once I tested an IOS device and it didn't react on an LSP failure at all
> because it had a route toward an NH. Horrible...
>
>>
>>
>>> All of them describe some group of prefixes and can influence the
>>> switchover to their backups.
>>>
>>
>> That would be true for vanilla IPv4/\Pv6 SAFI 1. Not for SAFI 4 or SAFI
>> 76.
>>
> [IM] I didn't get it, sorry.
>
>>
>> Cheers,
>> R.
>>
>>

v2.23.0 | Report a Bug | By Email