IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt

Igor Malyushkin <gmalyushkin@gmail.com> Mon, 18 March 2024 11:15 UTC

Return-Path: <gmalyushkin@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EF68C180B6E for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 04:15:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.004
X-Spam-Level:
X-Spam-Status: No, score=-2.004 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cX7K9R-UtkgT for <idr@ietfa.amsl.com>; Mon, 18 Mar 2024 04:15:30 -0700 (PDT)
Received: from mail-vk1-xa2d.google.com (mail-vk1-xa2d.google.com [IPv6:2607:f8b0:4864:20::a2d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA70AC14F69E for <idr@ietf.org>; Mon, 18 Mar 2024 04:13:56 -0700 (PDT)
Received: by mail-vk1-xa2d.google.com with SMTP id 71dfb90a1353d-4d43b8b258aso730043e0c.1 for <idr@ietf.org>; Mon, 18 Mar 2024 04:13:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710760436; x=1711365236; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=BVetxlWw9drtn0sEBCF8QLAyviMpH3WlYUMRBw5iIJk=; b=HIGNaaiQJyHr4LVKq4YsHFfps58mt+MrNJDxkhelFGqgJ3jGaooyBPDbmEG+ToHho8 bSiCc0gGS56S5JrBFwlKoxUmqi2dbO3JuT5oUaVmv09BnR2TSnRuMil/MlanmXgvKbVC af9yKD+q98FdFsi9oy24XxiedjXntpltIBo2lxyneH7SI9XyWgAhpNZ8BJwPNqp2iGsj 6d7UBBbRHi9nYe0uXbNJmjvoNBVhXzY/5tyqt2U+MlykLHOCF1FkpX0SK+Ik0nFYS1XJ pEg0b3i3YVuEVFTHkf5NibtJ9ZDQXz/ssu1hz+CruEz15uAQxfaZQmFbYs/KRjYRD6Vw L5Eg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710760436; x=1711365236; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=BVetxlWw9drtn0sEBCF8QLAyviMpH3WlYUMRBw5iIJk=; b=A2kbn6/cLOB8lgTsyejY3ONV8ZNGpNFz9XyPza8/iP6OwHwGNnuUUjAu73NJL29//i RA9lqj4tDr2MIfUW+8Rf3+qR093yokzW0RlXIn3PZnNJoLaeIm90+Xz1y7xHeQg5MsUX uXa7/L+6XOiGLOVHTTqQUh7zE6tBBOkGGiqelCW613/a7ixCOPVafZxDqZ/fZMZLAbww v0k4MTrJFKflEhCtX9onojnq5ZBCC1ZD2+HdSMAv2xCwvD8OM4n5jUmCejZ3mMT9nt0E yauL6Veg524JyGEmrq8O8u2tDH65mMcXVXnwXJXajneUrEaJW+qd/SJxm7M1mipISB3D lQuQ==
X-Forwarded-Encrypted: i=1; AJvYcCUJm5FU9IfyN5YXYZZyn/DKSGfDezL4D5sVGTNX7DBA9VFZ9o/cMpR7ouGEd5CvZ6Ablj40CbZ6YihOEwI=
X-Gm-Message-State: AOJu0YzMxskYVyBct6IfiDm0HaepM4RXqSv436UAJV27TeKRxR+ybAHM qCzJwSuhRWos8rq0aBcXnjY5TPe+7j/a8IzPgPmVZy+Pl+CLUVVrM5TPhkj5Z30Cxi5duPQKCLk KZpywUQKZ44NCXhHz4RJAeN60baAcguzm0VU=
X-Google-Smtp-Source: AGHT+IGAfLw0UeVQMo2gZ+2dDgwP444YGFOJBT9rtsZB5b69fooe91/PsNtGfuLc47sYiUaQDyfXpCdJOPve9DLOcfI=
X-Received: by 2002:a1f:fe4b:0:b0:4d1:34a1:c892 with SMTP id l72-20020a1ffe4b000000b004d134a1c892mr6378606vki.13.1710760435668; Mon, 18 Mar 2024 04:13:55 -0700 (PDT)
MIME-Version: 1.0
References: <171065415177.59997.7631576612994148063@ietfa.amsl.com> <CAOj+MMEsp_UfuiHdc4U_Bv5o7xsYYK_RryusUZ88u+SH9xifSA@mail.gmail.com> <SJ0PR05MB86322B34D635E7F221C04C0FA22D2@SJ0PR05MB8632.namprd05.prod.outlook.com> <CAEfhRrxDVi_Yw2wtTWiGzjw4pQ-8TF-48UCY5AUxMpKdrbexZw@mail.gmail.com> <CAOj+MMHNAz741WP9Pf2UCSOQRj6YepFh=Q4tzedmwBCm6e289g@mail.gmail.com>
In-Reply-To: <CAOj+MMHNAz741WP9Pf2UCSOQRj6YepFh=Q4tzedmwBCm6e289g@mail.gmail.com>
From: Igor Malyushkin <gmalyushkin@gmail.com>
Date: Mon, 18 Mar 2024 15:13:44 +0400
Message-ID: <CAEfhRryMW9nyWfnDQdi+R5g-nypg5ppwFy_Gdf71pRMFmZysHA@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Cc: Kaliraj Vairavakkalai <kaliraj=40juniper.net@dmarc.ietf.org>, "idr@ietf. org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000105d0d0613ed741e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ow9AtKIqiuCzZ3g2TC9nbjMXPWI>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 11:15:34 -0000

Well, maybe there is some gap in terminology. I always considered this
behavior as a PIC, because we can switch between the next hops without any
dependency on the number of prefixes above. An egress characteristic here
is that it happens on a failed next-hop node (an ingress is not aware
at the moment or is just starting to react). But we can find a better name
for this to avoid confusion.

Speaking about the propagation of withdraws. As I've previously mentioned,
traffic may be sent slightly before (a few milliseconds) or just in time of
a failure. Without "protection" at egress, it will be lost if ABRs do not
exchange their routes (e.g., because of the same CLUSTER ID).
Another moment to consider is that the fast propagation not only depends on
the diameter of the BGP network (the number of BGP hops from a source of
the event to all its potential receivers) but also on the situation on
every such hop (e.g., CPU spikes). In other words, it is not constant.

пн, 18 мар. 2024 г. в 14:54, Robert Raszuk <robert@raszuk.net>:

> > the egress PIC
>
> Except this is not real egress PIC.
>
> In egress PIC ASBRs or PEs receive EBGP paths and rarely act as RRs.
>
> Here we seem to have a case of option C and IBGP domain where ABRs are
> usually redundantly connected and they learn routes over IBGP from each
> site.
>
> I must admit that I have never seen a real practical analysis if in such
> cases we should be doing PIC between ABRs acting as RRs. Especially for
> infrastructure routes.
>
> And btw propagating withdraws via good RRs last time I measured was taking
> at most single milliseconds.
>
> Cheers,
> R.
>
>
> On Mon, Mar 18, 2024 at 11:24 AM Igor Malyushkin <gmalyushkin@gmail.com>
> wrote:
>
>> Hi,
>>
>> AFAIK, the egress PIC is a widely deployed feature with labeled paths.
>> One of its characteristics is to preserve traffic in-flight, that was sent
>> just in time of a failure event or slightly after that. Traffic is almost
>> always faster than any control plane stuff. The significant problem with
>> PIC in this case is a possible temporal loop if a destination node fails,
>> but it is a separate topic.
>>
>> My 2 cents.
>>
>> пн, 18 мар. 2024 г. в 08:40, Kaliraj Vairavakkalai <kaliraj=
>> 40juniper.net@dmarc.ietf.org>:
>>
>>> Hi Robert, please see inline. KV>
>>>
>>>
>>>
>>> Thanks
>>>
>>> Kaliraj
>>>
>>>
>>>
>>> Juniper Business Use Only
>>>
>>> *From: *Robert Raszuk <robert@raszuk.net>
>>> *Date: *Sunday, March 17, 2024 at 11:28 PM
>>> *To: *Kaliraj Vairavakkalai <kaliraj@juniper.net>
>>> *Cc: *idr@ietf. org <idr@ietf.org>
>>> *Subject: *Fwd: I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
>>>
>>> *[External Email. Be cautious of content]*
>>>
>>>
>>>
>>> Hi Kaliraj,
>>>
>>>
>>>
>>> Thx for posting the new version.
>>>
>>>
>>>
>>> I have one observation or clarification to be made in respect to text
>>> you added in section 4.1:
>>>
>>>
>>>
>>> > However this approach does not allow the ABR-ABR tunnels to be
>>>
>>> > used as backup path, in the event where an ABR looses all tunnels
>>>
>>> > to upstream ASBR.
>>>
>>>
>>>
>>> So you are talking about the delta time it takes for ABR which
>>> looses all tunnels to upstream ASBRs to send BGP withdraws for those
>>> learned infrastructure routes - correct ?
>>>
>>>
>>>
>>> KV> Yes. Those withdrawals need to anyway happen, and reach both the
>>> ingress PEs and adjoining/redundant ABR.
>>>
>>> KV> So that they can do BGP PIC repair based on that event.
>>>
>>> KV> Here I am saying that such BGP PIC repair can happen only at ingress
>>> PE
>>>
>>> KV> (which may be multiple BGP hops away), and not at the adjoining ABR.
>>>
>>>
>>>
>>> So we are talking 10s of milliseconds here from the moment all such
>>> paths are invalidated (which  -the detection and invalidation is needed in
>>> any scenario).
>>>
>>>
>>>
>>> KV> The BGP update propagation can take longer, based on load on the BGP
>>> propagation path. But BGP PIC itself can’t always
>>>
>>> KV> guarantee 10s of ms restoration. It only guarantees restoring the
>>> traffic without depending on service-prefix scale
>>>
>>> KV> once the unreachability is detected (in this case: BGP withdrawal is
>>> received).
>>>
>>>
>>>
>>> As you have established each ABR will set next hop self and advertise
>>> routes to local PEs (directly or via yet one more pair of RRs (RR26 here)).
>>> So each PE will already have backup paths all what you are observing here
>>> is the time before PEs invalidate paths advertised by ASBR which
>>> looses upstream tunnels.
>>>
>>>
>>>
>>> KV> Agreed.
>>>
>>>
>>>
>>> So if such failure models are really likely to happen (in spite of
>>> redundant ABR connectivity in each area)  I would rather focus on fast
>>> removal of broken paths from the network with one next hop invalidation
>>> (single BGP or IGP message, single RIB to FIB switchover on PEs) etc ...
>>>
>>>
>>>
>>> KV> As explained above, that would also happen. But it may take longer
>>> than if the repair happened at the ABR, which is closer to the failure
>>> event.
>>>
>>> KV> Just a tradeoff to be aware of. Thx.
>>>
>>>
>>>
>>> Thx,
>>> Robert
>>>
>>>
>>>
>>> ---------- Forwarded message ---------
>>> From: <internet-drafts@ietf.org>
>>> Date: Sun, Mar 17, 2024 at 6:42 AM
>>> Subject: I-D Action: draft-ietf-idr-bgp-fwd-rr-02.txt
>>> To: <i-d-announce@ietf.org>
>>> Cc: <idr@ietf.org>
>>>
>>>
>>>
>>> Internet-Draft draft-ietf-idr-bgp-fwd-rr-02.txt is now available. It is
>>> a work
>>> item of the Inter-Domain Routing (IDR) WG of the IETF.
>>>
>>>    Title:   BGP Route Reflector with Next Hop Self
>>>    Authors: Kaliraj Vairavakkalai
>>>             Natrajan Venkataraman
>>>    Name:    draft-ietf-idr-bgp-fwd-rr-02.txt
>>>    Pages:   9
>>>    Dates:   2024-03-16
>>>
>>> Abstract:
>>>
>>>    The procedures in BGP Route Reflection (RR) spec RFC4456 primarily
>>>    deal with scenarios where the RR is reflecting BGP routes with next
>>>    hop unchanged.  In some deployments like Inter-AS Option C
>>>    (Section 10, RFC4364), the ABRs may perform RR functionality with
>>>    nexthop set to self.  If adequate precautions are not taken, the
>>>    RFC4456 procedures can result in traffic forwarding loop in such
>>>    deployments.
>>>
>>>    This document illustrates one such looping scenario, and specifies
>>>    approaches to minimize possiblity of traffic forwarding loop in such
>>>    deployments.  An example with Inter-AS Option C (Section 10, RFC4364)
>>>    deployment is used, where RR with next hop self is used at redundant
>>>    ABRs when they re-advertise BGP transport family routes between
>>>    multiple IGP domains.
>>>
>>> The IETF datatracker status page for this Internet-Draft is:
>>> https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-fwd-rr/
>>> <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-ietf-idr-bgp-fwd-rr/__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYiMTgzkj$>
>>>
>>> There is also an HTMLized version available at:
>>> https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-fwd-rr-02
>>> <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-fwd-rr-02__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmrSzwvH$>
>>>
>>> A diff from the previous version is available at:
>>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-idr-bgp-fwd-rr-02
>>> <https://urldefense.com/v3/__https:/author-tools.ietf.org/iddiff?url2=draft-ietf-idr-bgp-fwd-rr-02__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmTSTQwU$>
>>>
>>> Internet-Drafts are also available by rsync at:
>>> rsync.ietf.org::internet-drafts
>>>
>>>
>>> _______________________________________________
>>> I-D-Announce mailing list
>>> I-D-Announce@ietf.org
>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>>> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/i-d-announce__;!!NEt6yMaO-gk!Hv7GNYr6n89i4QRD_aXV0QhV0N_J6YWRal9RjghMoB6DdmitfkQrjPi8YKCDbwPDc6YiEq2NYmzhCeS9$>
>>> _______________________________________________
>>> Idr mailing list
>>> Idr@ietf.org
>>> https://www.ietf.org/mailman/listinfo/idr
>>>
>>

v2.23.0 | Report a Bug | By Email