IETF Logo Mail Archive

Re: [Idr] ietf-104 responding to Rüdiger's comment about bfd strict mode

"Rajiv Asati (rajiva)" <rajiva@cisco.com> Thu, 28 March 2019 13:45 UTC

Return-Path: <rajiva@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D8DD12043F for <idr@ietfa.amsl.com>; Thu, 28 Mar 2019 06:45:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Gz1hIDZy; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=LaqazNtU
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TVw7cmuj4vxS for <idr@ietfa.amsl.com>; Thu, 28 Mar 2019 06:45:51 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BECF5120428 for <idr@ietf.org>; Thu, 28 Mar 2019 06:45:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12365; q=dns/txt; s=iport; t=1553780750; x=1554990350; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=ESq05DC1iCeZpEo88ufRWYIYL8eJb4FZ92sEEq58Zwc=; b=Gz1hIDZyI3Cxpkt4n/ewp4pFoZ852AvtMUWonx72Dc01nV5lPKMOtHC7 a5LDp1qrhBcNrwGNTKg1UEEIzExJJRS6kBMY3Ncbac7SifcSNMBFbfx6E 4cJlQ5jN8WgoiQtVcV0v7tS3aVgGiWM2E9Oa6hVZzoyeYxJSfon01bfyc 8=;
IronPort-PHdr: 9a23:Tt+NGRXaNxNEZMp5pWH6u3eDHpDV8LGuZFwc94YnhrRSc6+q45XlOgnF6O5wiEPSANSJ8OpK3uzRta2oGXcN55qMqjgjSNRNTFdE7KdehAk8GIiAAEz/IuTtankgFcZDSlZN9HCgOk8TE8H7NBXf
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AEAACfzpxc/4MNJK1kGgEBAQEBAgEBAQEHAgEBAQGBUQUBAQEBCwGBPSQFJwNodAQLJwqEBINHA4RSiliCMpJqhEmBLoEkA1QNAQEYAQoJhEACF4UbIjQJDQEBAwEBCQEDAm0cDIVLAgQBASEdAQEFJwsBDwIBCD8DAgICJQsUBgsCBA4FgyIBgRFMAxUBAgyfBQKKFHGBL4J4AQEFLYEIAoNNGIIMAwWBLwGLMReBQD+BOAwTgkw+gmEBAQOBdRaCXTGCJox8hCKHSoxGCQKHaotbGoIDkgmCdolOhHGNMQIEAgQFAg4BAQWBTTgogS5wFTsqAYJBggoMF4EAAQmCQYUUhT9ygSiNLgGBHgEB
X-IronPort-AV: E=Sophos;i="5.60,280,1549929600"; d="scan'208,217";a="322402414"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 28 Mar 2019 13:45:49 +0000
Received: from XCH-ALN-012.cisco.com (xch-aln-012.cisco.com [173.36.7.22]) by alln-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id x2SDjnuG005327 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 28 Mar 2019 13:45:49 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-ALN-012.cisco.com (173.36.7.22) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 28 Mar 2019 08:45:48 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 28 Mar 2019 08:45:47 -0500
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 28 Mar 2019 09:45:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector1-cisco-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ESq05DC1iCeZpEo88ufRWYIYL8eJb4FZ92sEEq58Zwc=; b=LaqazNtUZAnm3mMe79g434pQCuhw10YrlQ6blmzxd367eOCo6F4Yb5B9XBINGeQw8HJju2yucPamTZ42gL7vAtxRRK3hkw1J/UXgxesOFPQMBlB/wsBuG5clhGLiVdAbGdXy6yZDjEB7KtnnJxVDBg/BeoSes4nj/J7j9g3QdJo=
Received: from DM6PR11MB3068.namprd11.prod.outlook.com (20.177.218.153) by DM6PR11MB2681.namprd11.prod.outlook.com (20.176.99.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1750.15; Thu, 28 Mar 2019 13:45:46 +0000
Received: from DM6PR11MB3068.namprd11.prod.outlook.com ([fe80::5d16:a8db:b524:e147]) by DM6PR11MB3068.namprd11.prod.outlook.com ([fe80::5d16:a8db:b524:e147%4]) with mapi id 15.20.1750.014; Thu, 28 Mar 2019 13:45:46 +0000
From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: Robert Raszuk <robert@raszuk.net>
CC: Jeffrey Haas <jhaas@pfrc.org>, "idr@ietf. org" <idr@ietf.org>
Thread-Topic: [Idr] ietf-104 responding to Rüdiger's comment about bfd strict mode
Thread-Index: AQHU5V6hvCeBEnYKGE+SHLgOd36tj6YhDj8A
Date: Thu, 28 Mar 2019 13:45:46 +0000
Message-ID: <5C0D4799-8650-4BF5-822F-99147B23C131@cisco.com>
References: <20190328111833.GB24351@pfrc.org> <CAOj+MMGorV9StNVCvDyHgHHTdg+u0EQ0VDT-L6AVVUQTKGkwfQ@mail.gmail.com>
In-Reply-To: <CAOj+MMGorV9StNVCvDyHgHHTdg+u0EQ0VDT-L6AVVUQTKGkwfQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rajiva@cisco.com;
x-originating-ip: [107.77.221.72]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2bdbbb84-4739-47d8-8db7-08d6b383ae48
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600127)(711020)(4605104)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:DM6PR11MB2681;
x-ms-traffictypediagnostic: DM6PR11MB2681:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <DM6PR11MB2681895672BB6FA69030E5B9C7590@DM6PR11MB2681.namprd11.prod.outlook.com>
x-forefront-prvs: 0990C54589
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(136003)(396003)(376002)(346002)(189003)(199004)(26005)(8936002)(186003)(5660300002)(105586002)(36756003)(478600001)(3846002)(86362001)(99286004)(966005)(53546011)(6506007)(606006)(102836004)(106356001)(224303003)(66066001)(66574012)(97736004)(68736007)(2906002)(7736002)(229853002)(316002)(33656002)(81166006)(6436002)(81156014)(82746002)(6116002)(561944003)(446003)(4326008)(71190400001)(54896002)(14454004)(6486002)(6916009)(14444005)(236005)(25786009)(11346002)(2616005)(256004)(71200400001)(54906003)(486006)(6306002)(53936002)(76176011)(83716004)(6246003)(6512007)(476003); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB2681; H:DM6PR11MB3068.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: cABrzlzHv9T721yanI/CuPUAJmVVJgH8jO7efnyZT/QrzTVdi59HcJwx/J5lq3ENUUgCU2Tj1ykIldkyGpM/mzJ9C8NocdLoxYIo1UrOFXXF0y2vhl8rbXimZ9XLQYxsVa0wjZcQLGu9/ktjIJ7hwVcmoF7lQr+QI5S/d9GqnD9r4CyQXfTXbJarRf2/odFcY17IYmRWAYRPCglrJv6aRoQ0ngeTUNu2D0gZ1QRrx7L6GW4bTSnR7AUcbtKG50Cs8o51ILjII2oTL2j7br/cSRJbNCDENXuvydmemKsWVlP5AFqEcNKHx9Ss+D7Nb6/Flb26hfQiZgSsdpKkYb2prGPkxbFh05dRIpspoZkaQEWGqAs3O3yH3YUABZQrqdnlI80YxdrvaUB5uHaW+djnNK0CojoloP6vq9L/XprEU6Q=
Content-Type: multipart/alternative; boundary="_000_5C0D479986504BF5822F99147B23C131ciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 2bdbbb84-4739-47d8-8db7-08d6b383ae48
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Mar 2019 13:45:46.4441 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2681
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.22, xch-aln-012.cisco.com
X-Outbound-Node: alln-core-1.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/pNdhObggAqepwKCzMnDSwEW9unw>
Subject: Re: [Idr] ietf-104 responding to Rüdiger's comment about bfd strict mode
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2019 13:45:57 -0000

Hi Robert,

Let me make sure that I get it right - Data plane liveness check (for 2 neighbors’ IP addresses) should be done and the result should be fed back into BGP.

The reason for not using BFD, and rather using non-BFD alternatives (such as TWAMP, IPSLA etc) is that the latter checks for neighbors IP reachability, not just link stability.

And the reason we don’t want to rely BGP initial packets (inc TCP 3-way) is that it wouldn’t detect the data plane failure for neighbor reach ability after the session has come up.

So far so good? Did I get that right?


However, Is there a broad () assumption that just because link is stable, BGP session is UP (neighbors can reach each other), then routes could be advertised and traffic would flow *through* them just fine?

As you know well, the assumption is not always valid, as we have observed in production networks. And if hooks in BGP are desired, then let’s do them to solve the broader set of issues as well.

Cheers,
Rajiv


On Mar 28, 2019, at 1:06 PM, Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>> wrote:

Hi,

As commented on the mic for partially loosy links I would like to see hooks in BGP outside of BFD to determine if BGP session is to be established or torn down.

Specifically using existing tools like rpm or ip sla probes ...

Thx
R.

On Thu, Mar 28, 2019, 12:19 Jeffrey Haas <jhaas@pfrc.org<mailto:jhaas@pfrc.org>> wrote:
In IETF 104, Rüdiger responded that he'd like to see BFD in BGP be used to
prove that a link is "stable enough" before we even announce routes.

As I mentioned at the mic, the critical issue is that we have varying
implementations of when BFD must be up in differing implementations with
regard to the BGP FSM.  E.g. Up before we start the transport session
(Connect), or Up before we transition to Established, or Up after
Established.

The proposal from Mercia and Acee effective summ to "if BFD strict
negotiated, wait for BFD to come up before transition to Established".  This
provides a common point for implementations to interoperate.  There is still
potentially issue with older implementations that relied on BFD to be Up
before BGP starts its TCP session; however upon supporting this feature we
implicitly add an option where the behavior is changed.

Back to Rüdiger's point: He has a desire that the session is stable before
we start announcing routes.  In BGP RFC parlance, we do not exchange our
routes in the Update-Send process until stability is declared.

While this is doable, how do you negotiate what level of stability is
desired?  BFD, without extensions, mostly will simply declare the session
Down when enough packets are lost.  If the link quality is very bad, this
should happen quite quickly. If the link quality is partially lossy, BFD
doesn't help.  (However, see https://tools.ietf.org/html/draft-am-bfd-performance-00)

-- Jeff

_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr
_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr

v2.15.0 | Report a Bug | By Email