[Idr] draft-uttaro-idr-bgp-persistence-00

Robert Raszuk <robert@raszuk.net> Sun, 23 October 2011 21:32 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 2B8C121F8AAA for <idr@ietfa.amsl.com>; Sun, 23 Oct 2011 14:32:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.68
X-Spam-Status: No, score=-1.68 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_SORBS_WEB=0.619]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id i2NwPqsYfPT2 for <idr@ietfa.amsl.com>; Sun, 23 Oct 2011 14:32:23 -0700 (PDT)
Received: from mail37.opentransfer.com (mail37.opentransfer.com []) by ietfa.amsl.com (Postfix) with SMTP id 52EFE21F8AA9 for <idr@ietf.org>; Sun, 23 Oct 2011 14:32:22 -0700 (PDT)
Received: (qmail 13944 invoked by uid 399); 23 Oct 2011 21:32:21 -0000
Received: from unknown (HELO ? ( by mail37.opentransfer.com with SMTP; 23 Oct 2011 21:32:21 -0000
Message-ID: <4EA487E4.2040201@raszuk.net>
Date: Sun, 23 Oct 2011 23:32:20 +0200
From: Robert Raszuk <robert@raszuk.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
MIME-Version: 1.0
To: "idr@ietf.org List" <idr@ietf.org>
References: <4EA1F0FB.3090100@raszuk.net>
In-Reply-To: <4EA1F0FB.3090100@raszuk.net>
X-Forwarded-Message-Id: <4EA1F0FB.3090100@raszuk.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [Idr] draft-uttaro-idr-bgp-persistence-00
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: robert@raszuk.net
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Oct 2011 21:32:24 -0000


Actually when discussing this draft a new concern surfaced which I would 
like to get your answer on.

The draft in section 4.2 says as one of the forwarding rules:

    o  Forwarding to a "stale" route is only used if there are no other
       paths available to that route.  In other words an active path
       always wins regardless of path selection.  "Stale" state is always
       considered to be less preferred when compared with an active path.

In the light of the above rule let's consider a very simple case of dual 
PE attached site of L3VPN service. Two CEs would inject into their IBGP 
mesh routes to the remote destination: one marked as STALE and  one not 
marked at all. (Each CE is connected to different PE and each PE RT 
imports only a single route to a remote hub headquarter to support 
geographic load balancing).

Let me illustrate:

  VPN Customer HUB

    PE3      PE4
    PE1      PE2
     |        |
     |        |
    CE1      CE2
     |        |
    1|        |10
     |        |
    R1 ------ R2

CE1,CE2,R1,R2 are in IBGP mesh. IGP metric of CE1-R1 and R1-R2 are 1 and 
R2-CE2 is 10.

Prefix X is advertised by remote hub in the given VPN such that PE1 vrf 
towards CE1 only has X via PE3 and PE2's vrf towards CE2 only has X via PE4.

Let's assume EBGP sessions PE3 to HUB went down, but ethernet link is 
up, next hop is in the RIB while data plane is gone. Assume no data 
plane real validation too. /* That is why in my former message I 
suggested that data plane validation would be necessary */.

R1 has X via PE1/S (stale) and X via PE2/A (active) - it understands 
STALE so selects in his forwarding table path via CE2.

R2 has X via PE1/S (stale) and X via PE2/A (active) - it does not 
understand STALE, never was upgraded to support the forwarding rule 
stated above in the draft and chooses X via CE1 (NH metric 2 vs 10).

R1--R2 produce data plane loop as long as STALE paths are present in the 
system. Quite fun to troubleshoot too as the issue of PE3 injecting such 
STALE paths may be on the opposite site of the world.

The issue occurs when some routers within the customer site will be able 
to recognize STALE transitive community and prefer non stale paths in 
their forwarding planes (or BGP planes for that matter) while others 
will not as well as when both stale and non stale paths will be present.

Question 1: How do you prevent forwarding loop in such case ?

Question 2: How do you prevent forwarding loop in the case when customer 
would have backup connectivity to his sites or connectivity via 
different VPN provider yet routers in his site only partially understand 
the STALE community and only partially follow the forwarding rules ?

In general as the rule is about mandating some particular order of path 
forwarding selection what is the mechanism in distributed systems like 
today's routing to be able to achieve any assurance that such rule is 
active and enforced across _all_ routers behind EBGP PE-CE L3VPN 
boundaries in customer sites ?

Best regards,

-------- Original Message --------
Subject: [Idr] draft-uttaro-idr-bgp-persistence-00
Date: Sat, 22 Oct 2011 00:23:55 +0200
From: Robert Raszuk <robert@raszuk.net>
Reply-To: robert@raszuk.net
To: idr@ietf.org List <idr@ietf.org>


I have read the draft and have one question and one observation.


What is the point of defining DO_NOT_PERSIST community ? In other words
why not having PERSIST community set would not mean the same as having
path marked with DO_NOT_PERSIST.


I found the below statement in section 4.2:

    o  Forwarding must ensure that the Next Hop to a "stale" route is

Of course I agree. But since we stating obvious in the forwarding
section I think it would be good to explicitly also state this in the
best path selection that next hop to STALE best path must be valid.

However sessions especially those between loopbacks do not go down for
no reason. Most likely there is network problem which may have caused
those sessions to go down. It is therefor likely that LDP session went
also down between any of the LSRs in the data path and that in spite of
having the paths in BGP and next hops in IGP the LSP required for both
quoted L2/L3VPN applications is broken. That may particularly happen
when network chooses to use independent control mode for label allocation.

I would suggest to at least add the recommendation statement to the
document that during best path selection especially for stale paths a
validity of required forwarding paradigm to next hop of stale paths
should be verified.

For example using techniques as described in:

Best regards,

Idr mailing list