IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt

Robert Raszuk <robert@raszuk.net> Mon, 18 March 2024 10:55 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBB30C151061 for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 03:55:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.004
X-Spam-Level:
X-Spam-Status: No, score=-2.004 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bq5rzuZIim3y for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 03:55:11 -0700 (PDT)
Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12B16C151093 for <idr@ietf.org>; Mon, 18 Mar 2024 03:55:00 -0700 (PDT)
Received: by mail-ed1-x533.google.com with SMTP id 4fb4d7f45d1cf-56b85146589so153746a12.0 for <idr@ietf.org>; Mon, 18 Mar 2024 03:55:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; t=1710759299; x=1711364099; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Y5ZphJMabjVBOqA8qAskWNFBOMJnUsI+P3oqxP5q9LQ=; b=A6z0J3e39QJbyG0Mlh9M6CfmM28HQn32Qv+/+JXB+J7BohmZm/+oeBqy5JOfXl0deS HlATnniIo7hSAH2x53Pcjt7WG9Z70Y4AeB5tq3gKkWrQDtwCF08TWRit4VBAKrakEWRS tSXaTWlPdFeeySbSoAw7y9T4xlH5fS5P/OwTLpVCmuqb6Yh2rxs4gjxhQ7e7XWjz6o9I Ul95jZzS/keGakWvpmhTdbFcVYRV/j2pEnEOBpPPXJUEJ+2/qX5klwjQ0i0NkejXRdY5 ems0QTpuh6cql+RwW4qVYTboV5K2SilNFLLqBsOL4mNd22tBgL/bNnjsLA0YY50csoGM B9ag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710759299; x=1711364099; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Y5ZphJMabjVBOqA8qAskWNFBOMJnUsI+P3oqxP5q9LQ=; b=pDkuMyIY95QdoKnxMFG9bHJVxEajk1p4A2VOy5izKxbCKsa+r9m8alvB5EG+9oyP+s Vx1DwW47UNe7zEP+suebIP/GcxxnBObhNpzAj3th7o33DKYAtnuvpBdfjQVaGzeTodQ7 O+j4wAmxgqyaMS6dEzdPRDPWKlQoL9NYEa+Okz5UyPfrMM3DQPTDHDka3DOtLSV9+rU/ UbL9agjV9mJlVjVxDEURsq+cWK2abdE7ljYtbmM3YWgURExem5CBgm5x8wGrj+gtuDps jkiW0FHtWjNaE/VogB3ba7hskFxczaHtytcadvQ9zSQ14wgRb5TfhHndkiF1ibIZLDud SfyQ==
X-Forwarded-Encrypted: i=1; AJvYcCWecZ4eC4W4ogmQdZjUl7HH4Nn68uaXIlQgy+6DwW358Zf26weTK+XiMYu6pnSCuRYtORpwREgOYQtwmsE=
X-Gm-Message-State: AOJu0YyxBnLHU6XSmAsRKUmREOuL0IWuud+JgK5A/hGbQKQz7mWKblrw SHJbygaXaX6oSbkFcEwQg/T58Age7D9SN2qzdB7pW4KeSn4FN7YO7XvaXATeZD6Vy8qsjghBxAX D2iMstZ/06k6rvnLxrRYRH1XfTvEdFwzGYgQa8A==
X-Google-Smtp-Source: AGHT+IE7GtKIsonHwk051sNmFlOQCJXS796A9+fmbswGnJhreZJj8RJTgFpv04XU1VNYYNsR/ohXaH8CUShv/V0QT+U=
X-Received: by 2002:aa7:d586:0:b0:56b:7eee:fee9 with SMTP id r6-20020aa7d586000000b0056b7eeefee9mr804366edq.5.1710759298765; Mon, 18 Mar 2024 03:54:58 -0700 (PDT)
MIME-Version: 1.0
References: <171065415177.59997.7631576612994148063@ietfa.amsl.com> <CAOj+MMEsp_UfuiHdc4U_Bv5o7xsYYK_RryusUZ88u+SH9xifSA@mail.gmail.com> <SJ0PR05MB86322B34D635E7F221C04C0FA22D2@SJ0PR05MB8632.namprd05.prod.outlook.com> <CAEfhRrxDVi_Yw2wtTWiGzjw4pQ-8TF-48UCY5AUxMpKdrbexZw@mail.gmail.com>
In-Reply-To: <CAEfhRrxDVi_Yw2wtTWiGzjw4pQ-8TF-48UCY5AUxMpKdrbexZw@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 18 Mar 2024 11:54:47 +0100
Message-ID: <CAOj+MMHNAz741WP9Pf2UCSOQRj6YepFh=Q4tzedmwBCm6e289g@mail.gmail.com>
To: Igor Malyushkin <gmalyushkin@gmail.com>
Cc: Kaliraj Vairavakkalai <kaliraj=40juniper.net@dmarc.ietf.org>, "idr@ietf. org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004cb06c0613ed308d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/de-GUFenNewTGyNF0cAx_uIkO9I>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 10:55:14 -0000

> the egress PIC

Except this is not real egress PIC.

In egress PIC ASBRs or PEs receive EBGP paths and rarely act as RRs.

Here we seem to have a case of option C and IBGP domain where ABRs are
usually redundantly connected and they learn routes over IBGP from each
site.

I must admit that I have never seen a real practical analysis if in such
cases we should be doing PIC between ABRs acting as RRs. Especially for
infrastructure routes.

And btw propagating withdraws via good RRs last time I measured was taking
at most single milliseconds.

Cheers,
R.


On Mon, Mar 18, 2024 at 11:24 AM Igor Malyushkin <gmalyushkin@gmail.com>
wrote:

> Hi,
>
> AFAIK, the egress PIC is a widely deployed feature with labeled paths. One
> of its characteristics is to preserve traffic in-flight, that was sent just
> in time of a failure event or slightly after that. Traffic is almost always
> faster than any control plane stuff. The significant problem with PIC in
> this case is a possible temporal loop if a destination node fails, but it
> is a separate topic.
>
> My 2 cents.
>
> пн, 18 мар. 2024 г. в 08:40, Kaliraj Vairavakkalai <kaliraj=
> 40juniper.net@dmarc.ietf.org>:
>
>> Hi Robert, please see inline. KV>
>>
>>
>>
>> Thanks
>>
>> Kaliraj
>>
>>
>>
>> Juniper Business Use Only
>>
>> *From: *Robert Raszuk <robert@raszuk.net>
>> *Date: *Sunday, March 17, 2024 at 11:28 PM
>> *To: *Kaliraj Vairavakkalai <kaliraj@juniper.net>
>> *Cc: *idr@ietf. org <idr@ietf.org>
>> *Subject: *Fwd: I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
>>
>> *[External Email. Be cautious of content]*
>>
>>
>>
>> Hi Kaliraj,
>>
>>
>>
>> Thx for posting the new version.
>>
>>
>>
>> I have one observation or clarification to be made in respect to text you
>> added in section 4.1:
>>
>>
>>
>> > However this approach does not allow the ABR-ABR tunnels to be
>>
>> > used as backup path, in the event where an ABR looses all tunnels
>>
>> > to upstream ASBR.
>>
>>
>>
>> So you are talking about the delta time it takes for ABR which looses all
>> tunnels to upstream ASBRs to send BGP withdraws for those learned
>> infrastructure routes - correct ?
>>
>>
>>
>> KV> Yes. Those withdrawals need to anyway happen, and reach both the
>> ingress PEs and adjoining/redundant ABR.
>>
>> KV> So that they can do BGP PIC repair based on that event.
>>
>> KV> Here I am saying that such BGP PIC repair can happen only at ingress
>> PE
>>
>> KV> (which may be multiple BGP hops away), and not at the adjoining ABR.
>>
>>
>>
>> So we are talking 10s of milliseconds here from the moment all such paths
>> are invalidated (which  -the detection and invalidation is needed in any
>> scenario).
>>
>>
>>
>> KV> The BGP update propagation can take longer, based on load on the BGP
>> propagation path. But BGP PIC itself can’t always
>>
>> KV> guarantee 10s of ms restoration. It only guarantees restoring the
>> traffic without depending on service-prefix scale
>>
>> KV> once the unreachability is detected (in this case: BGP withdrawal is
>> received).
>>
>>
>>
>> As you have established each ABR will set next hop self and advertise
>> routes to local PEs (directly or via yet one more pair of RRs (RR26 here)).
>> So each PE will already have backup paths all what you are observing here
>> is the time before PEs invalidate paths advertised by ASBR which
>> looses upstream tunnels.
>>
>>
>>
>> KV> Agreed.
>>
>>
>>
>> So if such failure models are really likely to happen (in spite of
>> redundant ABR connectivity in each area)  I would rather focus on fast
>> removal of broken paths from the network with one next hop invalidation
>> (single BGP or IGP message, single RIB to FIB switchover on PEs) etc ...
>>
>>
>>
>> KV> As explained above, that would also happen. But it may take longer
>> than if the repair happened at the ABR, which is closer to the failure
>> event.
>>
>> KV> Just a tradeoff to be aware of. Thx.
>>
>>
>>
>> Thx,
>> Robert
>>
>>
>>
>> ---------- Forwarded message ---------
>> From: <internet-drafts@ietf.org>
>> Date: Sun, Mar 17, 2024 at 6:42 AM
>> Subject: I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
>> To: <i-d-announce@ietf.org>
>> Cc: <idr@ietf.org>
>>
>>
>>
>> Internet-Draft draft-ietf-idr-bgp-fwd-rr-02.txt is now available. It is a
>> work
>> item of the Inter-Domain Routing (IDR) WG of the IETF.
>>
>>    Title:   BGP Route Reflector with Next Hop Self
>>    Authors: Kaliraj Vairavakkalai
>>             Natrajan Venkataraman
>>    Name:    draft-ietf-idr-bgp-fwd-rr-02.txt
>>    Pages:   9
>>    Dates:   2024-03-16
>>
>> Abstract:
>>
>>    The procedures in BGP Route Reflection (RR) spec RFC4456 primarily
>>    deal with scenarios where the RR is reflecting BGP routes with next
>>    hop unchanged.  In some deployments like Inter-AS Option C
>>    (Section 10, RFC4364), the ABRs may perform RR functionality with
>>    nexthop set to self.  If adequate precautions are not taken, the
>>    RFC4456 procedures can result in traffic forwarding loop in such
>>    deployments.
>>
>>    This document illustrates one such looping scenario, and specifies
>>    approaches to minimize possiblity of traffic forwarding loop in such
>>    deployments.  An example with Inter-AS Option C (Section 10, RFC4364)
>>    deployment is used, where RR with next hop self is used at redundant
>>    ABRs when they re-advertise BGP transport family routes between
>>    multiple IGP domains.
>>
>> The IETF datatracker status page for this Internet-Draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-fwd-rr/
>> <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-ietf-idr-bgp-fwd-rr/__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYiMTgzkj$>
>>
>> There is also an HTMLized version available at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-fwd-rr-02
>> <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-fwd-rr-02__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmrSzwvH$>
>>
>> A diff from the previous version is available at:
>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-idr-bgp-fwd-rr-02
>> <https://urldefense.com/v3/__https:/author-tools.ietf.org/iddiff?url2=draft-ietf-idr-bgp-fwd-rr-02__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmTSTQwU$>
>>
>> Internet-Drafts are also available by rsync at:
>> rsync.ietf.org::internet-drafts
>>
>>
>> _______________________________________________
>> I-D-Announce mailing list
>> I-D-Announce@ietf.org
>> https://www.ietf.org/mailman/listinfo/i-d-announce
>> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/i-d-announce__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmzhCeS9$>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>

v2.23.0 | Report a Bug | By Email